## Updated at UTC 2026-03-09T03:48:52.432219


| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-3787 | 7.0 | 0.00% | 2 | 0 | | 2026-03-09T00:30:19 | A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an u |
| CVE-2026-3769 | 8.8 | 0.00% | 4 | 0 | | 2026-03-08T21:15:51.470000 | A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is th |
| CVE-2026-3768 | 8.8 | 0.00% | 4 | 0 | | 2026-03-08T21:15:51.267000 | A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by th |
| CVE-2026-3728 | 8.8 | 0.05% | 2 | 0 | | 2026-03-08T12:30:34 | A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects th |
| CVE-2026-3727 | 8.8 | 0.05% | 2 | 0 | | 2026-03-08T12:30:27 | A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the |
| CVE-2026-3732 | 8.8 | 0.05% | 4 | 0 | | 2026-03-08T11:15:50.523000 | A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects t |
| CVE-2026-3729 | 8.8 | 0.05% | 2 | 0 | | 2026-03-08T11:15:49.863000 | A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the funct |
| CVE-2026-3726 | 8.8 | 0.05% | 4 | 0 | | 2026-03-08T09:30:27 | A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function |
| CVE-2026-3715 | 8.8 | 0.04% | 4 | 0 | | 2026-03-08T09:30:21 | A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the funct |
| CVE-2026-28683 | 8.7 | 0.02% | 2 | 0 | | 2026-03-08T08:37:48 | ### Summary If a malicious authenticated user uploads SVG and creates a hotlink |
| CVE-2026-3703 | 9.8 | 0.07% | 5 | 0 | | 2026-03-08T06:31:15 | A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_4 |
| CVE-2026-3701 | 8.8 | 0.04% | 2 | 0 | | 2026-03-08T06:31:15 | A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affect |
| CVE-2026-3698 | 8.8 | 0.04% | 2 | 0 | | 2026-03-08T03:30:34 | A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affect |
| CVE-2026-3700 | 8.8 | 0.04% | 2 | 0 | | 2026-03-08T03:30:34 | A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is |
| CVE-2026-3699 | 8.8 | 0.04% | 2 | 0 | | 2026-03-08T03:16:04.017000 | A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This i |
| CVE-2026-3677 | 8.8 | 0.05% | 2 | 0 | | 2026-03-08T00:31:58 | A vulnerability was found in Tenda FH451 1.0.0.9. This impacts the function from |
| CVE-2026-3678 | 8.8 | 0.05% | 2 | 0 | | 2026-03-08T00:31:58 | A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function |
| CVE-2026-3679 | 8.8 | 0.05% | 2 | 0 | | 2026-03-07T23:15:47.643000 | A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerab |
| CVE-2026-24308 | None | 0.01% | 1 | 0 | | 2026-03-07T18:31:31 | Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 |
| CVE-2026-30860 | 9.9 | 0.08% | 5 | 0 | | 2026-03-07T17:15:53.823000 | WeKnora is an LLM-powered framework designed for deep document understanding and |
| CVE-2026-29784 | 7.5 | 0.02% | 2 | 0 | | 2026-03-07T16:15:55.430000 | Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, in |
| CVE-2026-28678 | 8.1 | 0.03% | 2 | 0 | | 2026-03-07T16:15:54.010000 | DSA Study Hub is an interactive educational web application. Prior to commit d52 |
| CVE-2026-29193 | 8.2 | 0.03% | 2 | 0 | | 2026-03-07T15:15:55.867000 | ZITADEL is an open source identity management platform. From version 4.0.0 to 4. |
| CVE-2026-1074 | 7.2 | 0.06% | 1 | 0 | | 2026-03-07T08:16:09.020000 | The WP App Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting |
| CVE-2025-14675 | 7.2 | 0.68% | 2 | 0 | | 2026-03-07T08:16:05.963000 | The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due t |
| CVE-2025-8899 | 8.8 | 0.04% | 1 | 0 | | 2026-03-07T06:16:09.350000 | The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is |
| CVE-2025-14353 | 7.5 | 0.07% | 2 | 0 | | 2026-03-07T03:30:29 | The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL |
| CVE-2025-15602 | 8.8 | 0.02% | 1 | 0 | | 2026-03-07T02:33:41 | Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to ac |
| CVE-2026-2020 | 7.5 | 0.09% | 1 | 0 | | 2026-03-07T02:16:12.077000 | The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection i |
| CVE-2026-30861 | 10.0 | 0.21% | 6 | 0 | | 2026-03-07T01:59:02 | ### Summary A critical unauthenticated remote code execution (RCE) vulnerabilit |
| CVE-2026-25070 | 0 | 1.03% | 3 | 0 | | 2026-03-07T01:15:57.427000 | XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain |
| CVE-2026-30855 | 9.8 | 0.08% | 2 | 0 | | 2026-03-06T23:53:57 | ### Summary An authorization bypass in tenant management endpoints of WeKnora ap |
| CVE-2026-30851 | 8.1 | 0.01% | 2 | 0 | | 2026-03-06T23:38:45 | ## Summary Caddy's `forward_auth` directive with `copy_headers` generates condi |
| CVE-2026-26017 | 7.7 | 0.04% | 1 | 0 | | 2026-03-06T22:43:40 | A logical vulnerability in CoreDNS allows DNS access controls to be bypassed due |
| CVE-2025-45691 | 7.5 | 0.05% | 2 | 0 | | 2026-03-06T22:23:33 | An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in |
| CVE-2026-30823 | 8.8 | 0.02% | 1 | 0 | | 2026-03-06T22:20:51 | ### Summary The Flowise platform has a critical Insecure Direct Object Reference |
| CVE-2026-30822 | 7.7 | 0.04% | 2 | 0 | | 2026-03-06T22:19:14 | ## Summary **A Mass Assignment vulnerability in the `/api/v1/leads` endpoint al |
| CVE-2026-30832 | 9.1 | 0.04% | 4 | 0 | | 2026-03-06T22:16:02 | While auditing the codebase in the wake of the webhook SSRF fix shipped in v0.11 |
| CVE-2026-29064 | 8.2 | 0.01% | 1 | 0 | | 2026-03-06T22:10:52 | ### Summary A path traversal vulnerability in archive extraction allows a speci |
| CVE-2026-26018 | 7.5 | 0.04% | 1 | 0 | | 2026-03-06T22:08:22 | ## Executive Summary A Denial of Service vulnerability exists in CoreDNS's loop |
| CVE-2026-29058 | 9.8 | 0.10% | 4 | 0 | | 2026-03-06T21:56:51 | ## Impact An unauthenticated attacker can execute arbitrary OS commands on the |
| CVE-2026-30227 | 0 | 0.80% | 2 | 0 | | 2026-03-06T21:16:16.607000 | MimeKit is a C# library which may be used for the creation and parsing of messag |
| CVE-2026-30223 | 8.8 | 0.02% | 1 | 0 | | 2026-03-06T21:16:16.113000 | OliveTin gives access to predefined shell commands from a web interface. Prior t |
| CVE-2026-29091 | 8.1 | 0.25% | 1 | 0 | | 2026-03-06T19:16:21.720000 | Locutus brings stdlibs of other programming languages to JavaScript for educatio |
| CVE-2026-30834 | 7.5 | 0.03% | 2 | 0 | | 2026-03-06T18:41:00 | # SSRF with Full Response Exfiltration via Download Handler ### Summary A Serve |
| CVE-2026-30827 | 7.5 | 0.01% | 1 | 0 | | 2026-03-06T18:36:57 | ## Summary The default `keyGenerator` in express-rate-limit applies IPv6 subnet |
| CVE-2026-28284 | 8.8 | 0.03% | 2 | 0 | | 2026-03-06T18:32:58.330000 | FreePBX is an open source IP PBX. Prior to versions 16.0.10 and 17.0.5, the Free |
| CVE-2026-2446 | 9.8 | 0.07% | 2 | 0 | | 2026-03-06T18:32:19 | The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authoriz |
| CVE-2026-3589 | 7.5 | 0.03% | 3 | 0 | | 2026-03-06T18:16:22.450000 | The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly |
| CVE-2026-29087 | 7.5 | 0.03% | 1 | 0 | | 2026-03-06T18:16:19.757000 | @hono/node-server allows running the Hono application on Node.js. Prior to versi |
| CVE-2026-28789 | 7.5 | 0.09% | 2 | 0 | | 2026-03-06T18:16:19.300000 | OliveTin gives access to predefined shell commands from a web interface. Prior t |
| CVE-2026-28514 | 0 | 0.11% | 1 | 0 | | 2026-03-06T18:16:19.103000 | Rocket.Chat is an open-source, secure, fully customizable communications platfor |
| CVE-2026-28342 | 7.5 | 0.06% | 2 | 0 | | 2026-03-06T18:16:17.907000 | OliveTin gives access to predefined shell commands from a web interface. Prior t |
| CVE-2025-70230 | 9.8 | 0.06% | 2 | 0 | | 2026-03-06T17:37:58.670000 | Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para |
| CVE-2025-70231 | 9.8 | 0.08% | 2 | 0 | | 2026-03-06T17:37:30.923000 | D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When proces |
| CVE-2025-70232 | 9.8 | 0.06% | 2 | 0 | | 2026-03-06T17:36:58.860000 | Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para |
| CVE-2026-29611 | 7.5 | 0.03% | 2 | 0 | | 2026-03-06T17:16:35.073000 | OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerabilit |
| CVE-2026-29610 | 8.8 | 0.07% | 1 | 0 | | 2026-03-06T17:16:34.833000 | OpenClaw versions prior to 2026.2.14 contain a command hijacking vulnerability t |
| CVE-2026-29075 | 8.3 | 0.07% | 1 | 0 | | 2026-03-06T17:16:34.167000 | Mesa is an open-source Python library for agent-based modeling, simulating compl |
| CVE-2026-28484 | 0 | 0.00% | 1 | 0 | | 2026-03-06T17:16:32.923000 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering |
| CVE-2026-28476 | 8.3 | 0.06% | 2 | 0 | | 2026-03-06T17:16:32.163000 | OpenClaw versions prior to 2026.2.14 contain a server-side request forgery vulne |
| CVE-2026-28473 | 8.1 | 0.03% | 1 | 0 | | 2026-03-06T17:16:31.973000 | OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerabilit |
| CVE-2026-28464 | 5.9 | 0.09% | 1 | 0 | | 2026-03-06T17:16:30.390000 | OpenClaw versions prior to 2026.2.12 use non-constant-time string comparison for |
| CVE-2026-28458 | 8.1 | 0.05% | 1 | 0 | | 2026-03-06T17:16:30 | OpenClaw version 2026.1.20 prior to 2026.2.1 contains a vulnerability in the Bro |
| CVE-2026-28447 | 8.1 | 0.03% | 1 | 0 | | 2026-03-06T17:16:28.550000 | OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vu |
| CVE-2026-28442 | 8.5 | 0.04% | 2 | 0 | | 2026-03-06T17:16:28.200000 | ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 syst |
| CVE-2026-28393 | 7.7 | 0.01% | 1 | 0 | | 2026-03-06T17:16:27.817000 | OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulner |
| CVE-2026-0848 | 10.0 | 0.41% | 2 | 0 | | 2026-03-06T17:16:25.273000 | NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper |
| CVE-2026-26288 | 9.4 | 0.07% | 2 | 0 | | 2026-03-06T16:16:10.723000 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to |
| CVE-2026-24696 | 7.5 | 0.05% | 1 | 0 | | 2026-03-06T16:16:10.193000 | The WebSocket Application Programming Interface lacks restrictions on the number |
| CVE-2026-20882 | 7.5 | 0.06% | 1 | 0 | | 2026-03-06T16:16:09.913000 | The WebSocket Application Programming Interface lacks restrictions on the number |
| CVE-2026-29000 | 10.0 | 0.24% | 1 | 1 | | 2026-03-06T15:41:57 | pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication by |
| CVE-2026-26051 | 9.4 | 0.10% | 2 | 0 | | 2026-03-06T15:31:36 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to |
| CVE-2026-2753 | 7.5 | 0.07% | 1 | 0 | | 2026-03-06T15:31:36 | An Absolute Path Traversal vulnerability exists in Navtor NavBox. The applicatio |
| CVE-2026-28794 | None | 0.32% | 1 | 0 | | 2026-03-06T15:16:22 | ### Summary A critical Prototype Pollution vulnerability exists in the RPC JSON |
| CVE-2026-28787 | 8.2 | 0.05% | 3 | 0 | | 2026-03-06T15:16:16 | ### Summary The WebAuthn authentication implementation does not store the chall |
| CVE-2026-2754 | 7.5 | 0.04% | 1 | 0 | | 2026-03-06T15:16:11.320000 | Navtor NavBox exposes sensitive configuration and operational data due to missin |
| CVE-2026-29093 | 8.1 | 0.05% | 1 | 0 | | 2026-03-06T14:24:08 | ## Summary The official `docker-compose.yml` publishes the memcached service on |
| CVE-2026-25921 | 9.3 | 0.02% | 2 | 0 | | 2026-03-06T14:02:02.117000 | Gogs is an open source self-hosted Git service. Prior to version 0.14.2, overwri |
| CVE-2021-30952 | 7.8 | 1.51% | 4 | 0 | | 2026-03-06T13:44:17.940000 | An integer overflow was addressed with improved input validation. This issue is |
| CVE-2021-22681 | 9.8 | 15.43% | 3 | 0 | | 2026-03-06T13:44:06.370000 | Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogi |
| CVE-2018-25181 | 7.5 | 0.57% | 2 | 0 | | 2026-03-06T13:16:00.447000 | Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticate |
| CVE-2018-25166 | 8.2 | 0.06% | 1 | 0 | | 2026-03-06T13:15:57.430000 | Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows un |
| CVE-2026-26416 | 8.8 | 0.03% | 2 | 1 | | 2026-03-06T12:31:37 | An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon |
| CVE-2025-70995 | 8.8 | 0.36% | 2 | 1 | | 2026-03-06T12:31:37 | An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated |
| CVE-2025-13476 | 9.8 | 0.05% | 2 | 0 | | 2026-03-06T12:31:36 | Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 u |
| CVE-2025-70229 | 9.8 | 0.06% | 2 | 0 | | 2026-03-06T12:31:36 | Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para |
| CVE-2026-26418 | 7.5 | 0.06% | 2 | 1 | | 2026-03-06T12:31:36 | Missing authentication and authorization in the web API of Tata Consultancy Serv |
| CVE-2025-70233 | 9.8 | 0.06% | 2 | 0 | | 2026-03-06T12:30:31 | Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para |
| CVE-2025-70949 | 7.5 | 0.03% | 2 | 0 | | 2026-03-06T11:16:08.263000 | An observable timing discrepancy in @perfood/couch-auth v0.26.0 allows attackers |
| CVE-2025-70948 | 9.3 | 0.03% | 2 | 0 | | 2026-03-06T11:16:08.090000 | A host header injection vulnerability in the mailer component of @perfood/couch- |
| CVE-2026-26417 | 8.1 | 0.03% | 2 | 1 | | 2026-03-06T10:16:22.163000 | A broken access control vulnerability in the password reset functionality of Tat |
| CVE-2025-70616 | 7.8 | 0.01% | 2 | 0 | | 2026-03-06T10:16:21.803000 | A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys |
| CVE-2025-70614 | 8.1 | 0.03% | 2 | 0 | | 2026-03-06T10:16:21.627000 | OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken |
| CVE-2025-29165 | 9.8 | 0.04% | 2 | 0 | | 2026-03-06T10:16:20.040000 | An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privil |
| CVE-2026-2331 | 9.8 | 0.17% | 5 | 0 | | 2026-03-06T09:31:41 | An attacker may perform unauthenticated read and write operations on sensitive f |
| CVE-2026-2330 | 9.4 | 0.21% | 2 | 0 | | 2026-03-06T08:16:27.253000 | An attacker may access restricted filesystem areas on the device via the CROWN R |
| CVE-2026-29183 | 9.3 | 0.03% | 3 | 0 | | 2026-03-06T08:16:27.090000 | SiYuan is a personal knowledge management system. Prior to version 3.5.9, an una |
| CVE-2026-29074 | 7.5 | 0.04% | 1 | 0 | | 2026-03-06T08:16:26.920000 | SVGO, short for SVG Optimizer, is a Node.js library and command-line application |
| CVE-2026-28681 | 8.1 | 0.06% | 2 | 0 | | 2026-03-06T05:16:37.710000 | Internet Routing Registry daemon version 4 is an IRR database server, processing |
| CVE-2026-28679 | 8.6 | 0.04% | 2 | 0 | | 2026-03-06T05:16:36.977000 | Home-Gallery.org is a self-hosted open-source web gallery to browse personal pho |
| CVE-2026-28677 | 8.2 | 0.04% | 1 | 0 | | 2026-03-06T05:16:36.610000 | OpenSift is an AI study tool that sifts through large datasets using semantic se |
| CVE-2026-25888 | 8.8 | 0.23% | 2 | 0 | | 2026-03-06T05:16:29.903000 | Chartbrew is an open-source web application that can connect directly to databas |
| CVE-2026-28501 | 9.8 | 0.03% | 3 | 0 | | 2026-03-06T04:16:08.177000 | WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthen |
| CVE-2025-59543 | 9.0 | 0.04% | 3 | 0 | | 2026-03-06T04:16:02.293000 | Chamilo is a learning management system. Prior to version 1.11.34, there is a st |
| CVE-2025-59541 | 8.1 | 0.01% | 3 | 0 | | 2026-03-06T04:16:01.977000 | Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site |
| CVE-2026-28466 | 10.0 | 0.09% | 1 | 0 | | 2026-03-06T01:05:55 | ### Summary A remote code execution (RCE) vulnerability in the gateway-to-node |
| CVE-2026-28479 | 5.4 | 0.02% | 1 | 0 | | 2026-03-06T01:05:00 | ## Affected Packages / Versions - npm package: `openclaw` - Affected versions: ` |
| CVE-2026-28462 | 7.5 | 0.04% | 1 | 0 | | 2026-03-06T01:04:45 | ## Summary OpenClaw’s browser control API accepted user-supplied output paths |
| CVE-2026-28469 | 9.8 | 0.03% | 1 | 0 | | 2026-03-06T01:03:20 | ## Summary When multiple Google Chat webhook targets are registered on the same |
| CVE-2026-28470 | 9.8 | 0.07% | 1 | 0 | | 2026-03-06T01:02:34 | ### Summary Exec approvals allowlist bypass via command substitution/backticks |
| CVE-2026-28465 | 5.9 | 0.02% | 1 | 0 | | 2026-03-06T01:01:24 | ## Affected Packages / Versions This issue affects the optional voice-call plug |
| CVE-2026-29613 | 5.9 | 0.02% | 1 | 0 | | 2026-03-06T01:00:35 | ## Summary The BlueBubbles webhook handler previously treated any request whose |
| CVE-2026-28456 | 7.2 | 0.06% | 1 | 0 | | 2026-03-06T00:59:49 | ## Summary OpenClaw Gateway supports hook mappings with optional JavaScript/Typ |
| CVE-2026-28453 | 8.1 | 0.04% | 1 | 0 | | 2026-03-06T00:59:39 | ## Summary OpenClaw versions before 2026.2.14 did not sufficiently validate TAR |
| CVE-2026-28454 | 9.8 | 0.02% | 2 | 0 | | 2026-03-06T00:58:49 | ## Summary When Telegram webhook mode is enabled without a configured webhook s |
| CVE-2026-28727 | 7.8 | 0.01% | 2 | 0 | | 2026-03-06T00:31:42 | Local privilege escalation due to insecure Unix socket permissions. The followin |
| CVE-2026-21536 | 9.8 | 0.40% | 2 | 0 | | 2026-03-06T00:31:41 | Microsoft Devices Pricing Program Remote Code Execution Vulnerability |
| CVE-2026-22552 | 9.4 | 0.10% | 2 | 0 | | 2026-03-06T00:31:41 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to |
| CVE-2026-28710 | 8.1 | 0.07% | 1 | 0 | | 2026-03-06T00:31:41 | Sensitive information disclosure and manipulation due to improper authentication |
| CVE-2026-27778 | 7.5 | 0.06% | 1 | 0 | | 2026-03-06T00:16:10.960000 | The WebSocket Application Programming Interface lacks restrictions on the number |
| CVE-2026-26125 | 8.6 | 0.08% | 1 | 0 | | 2026-03-05T23:16:20.160000 | Payment Orchestrator Service Elevation of Privilege Vulnerability |
| CVE-2026-29188 | 9.1 | 0.06% | 1 | 0 | | 2026-03-05T22:50:22 | ### Summary A broken access control vulnerability in the TUS protocol DELETE en |
| CVE-2026-28790 | 7.5 | 0.06% | 2 | 0 | | 2026-03-05T22:49:38 | ### Summary OliveTin allows an unauthenticated guest to terminate running actio |
| CVE-2026-27944 | 9.8 | 0.05% | 1 | 0 | | 2026-03-05T22:37:22 | ## Summary The `/api/backup` endpoint is accessible without authentication and |
| CVE-2026-26999 | 7.5 | 0.01% | 1 | 0 | | 2026-03-05T22:29:01 | ## Impact There is a potential vulnerability in Traefik managing TLS handshake |
| CVE-2026-28478 | 7.5 | 0.08% | 1 | 0 | | 2026-03-05T22:16:22.210000 | OpenClaw versions prior to 2026.2.13 contain a denial of service vulnerability i |
| CVE-2026-28463 | 8.4 | 0.02% | 1 | 0 | | 2026-03-05T22:16:19.127000 | OpenClaw exec-approvals allowlist validation checks pre-expansion argv tokens bu |
| CVE-2026-28289 | 10.0 | 0.03% | 1 | 1 | | 2026-03-05T22:16:15.213000 | FreeScout is a free help desk and shared inbox built with PHP's Laravel framewor |
| CVE-2026-29609 | 7.5 | 0.10% | 1 | 0 | | 2026-03-05T21:59:52 | ### Summary URL-backed media fetch handling allocated the entire response payloa |
| CVE-2026-28474 | None | 0.04% | 2 | 0 | | 2026-03-05T21:52:02 | ## Summary In affected versions of the optional Nextcloud Talk plugin (installe |
| CVE-2026-28472 | None | 0.04% | 1 | 0 | | 2026-03-05T21:51:23 | ### Summary The gateway WebSocket `connect` handshake could allow skipping devi |
| CVE-2026-28468 | 7.1 | 0.02% | 2 | 0 | | 2026-03-05T21:50:00 | ## Summary openclaw could start the sandbox browser bridge server without authe |
| CVE-2026-30244 | 7.5 | 0.02% | 1 | 0 | | 2026-03-05T21:48:12 | ## Executive Summary A security vulnerability exists in the Plane project manag |
| CVE-2026-28451 | 8.6 | 0.04% | 2 | 0 | | 2026-03-05T21:44:47 | ### Summary The Feishu extension could fetch attacker-controlled remote URLs in |
| CVE-2026-30242 | 8.5 | 0.03% | 1 | 0 | | 2026-03-05T21:43:16 | ### Summary The webhook URL validation in `plane/app/serializers/webhook.py` onl |
| CVE-2026-28446 | 9.4 | 0.26% | 1 | 0 | | 2026-03-05T21:43:07 | ### Summary An authentication bypass in the optional `voice-call` extension/plu |
| CVE-2026-28392 | 4.8 | 0.03% | 2 | 0 | | 2026-03-05T21:41:06 | ## Summary When Slack DMs are configured with `dmPolicy=open`, the Slack slash- |
| CVE-2026-28391 | None | 0.05% | 1 | 0 | | 2026-03-05T21:40:43 | ### Summary On Windows nodes, exec requests were executed via `cmd.exe /d /s /c |
| CVE-2026-28115 | 9.3 | 0.03% | 1 | 0 | | 2026-03-05T21:31:51 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti |
| CVE-2017-7921 | 10.0 | 94.27% | 3 | 25 | template | 2026-03-05T21:31:32 | An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Serie |
| CVE-2026-24457 | 9.1 | 0.19% | 3 | 0 | | 2026-03-05T21:30:57 | An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read ar |
| CVE-2023-43000 | 8.8 | 0.11% | 4 | 0 | | 2026-03-05T21:30:24 | A use-after-free issue was addressed with improved memory management. This issue |
| CVE-2023-41974 | 7.8 | 0.48% | 4 | 0 | | 2026-03-05T21:30:23 | A use-after-free issue was addressed with improved memory management. This issue |
| CVE-2026-26478 | 9.8 | 0.86% | 2 | 0 | | 2026-03-05T18:13:33.993000 | A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012 |
| CVE-2026-29186 | 7.7 | 0.07% | 2 | 0 | | 2026-03-05T00:12:09 | ### Impact This is a configuration bypass vulnerability that enables arbitrary c |
| CVE-2026-29192 | 7.7 | 0.03% | 2 | 0 | | 2026-03-04T22:53:44 | ### Summary A vulnerability in Zitadel's login V2 interface was discovered, all |
| CVE-2026-29191 | 9.3 | 0.03% | 2 | 0 | | 2026-03-04T22:47:09 | ### Summary A vulnerability was discovered in Zitadel's login V2 interface that |
| CVE-2026-2256 | 6.5 | 2.31% | 2 | 1 | | 2026-03-03T21:52:29.877000 | A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 an |
| CVE-2026-24101 | 9.8 | 1.13% | 2 | 0 | | 2026-03-03T19:44:19.120000 | An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_mul |
| CVE-2024-47886 | 7.2 | 0.89% | 2 | 0 | | 2026-03-03T19:11:21.227000 | Chamilo is a learning management system. Chamilo is affected by a post-authenti |
| CVE-2026-24107 | 9.8 | 1.13% | 2 | 0 | | 2026-03-03T15:55:11.547000 | An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the |
| CVE-2026-24105 | 9.8 | 1.69% | 2 | 0 | | 2026-03-03T15:31:37 | An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.1 |
| CVE-2026-1492 | 9.8 | 0.07% | 2 | 1 | | 2026-03-03T06:31:14 | The User Registration & Membership – Custom Registration Form Builder, Custom Lo |
| CVE-2026-23600 | 0 | 0.24% | 1 | 0 | | 2026-03-02T20:29:29.330000 | A remote authentication bypass vulnerability exists in HPE AutoPass License S |
| CVE-2026-20127 | 10.0 | 2.60% | 1 | 6 | | 2026-02-26T16:20:02.187000 | A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controlle |
| CVE-2026-2441 | 8.8 | 0.14% | 2 | 8 | | 2026-02-23T13:24:55.920000 | Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote a |
| CVE-2026-20841 | 8.8 | 0.10% | 1 | 12 | | 2026-02-11T15:31:25 | Improper neutralization of special elements used in a command ('command injectio |
| CVE-2026-25253 | 8.8 | 0.05% | 7 | 6 | | 2026-02-02T23:41:06 | ## Summary The Control UI trusts `gatewayUrl` from the query string without val |
| CVE-2025-38617 | 4.7 | 0.00% | 1 | 0 | | 2026-01-07T18:30:21 | In the Linux kernel, the following vulnerability has been resolved: net/packet: |
| CVE-2025-14500 | 9.8 | 1.29% | 1 | 0 | | 2025-12-24T00:30:27 | IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability |
| CVE-2025-55182 | 10.0 | 66.27% | 1 | 100 | template | 2025-12-10T02:00:02.557000 | A pre-authentication remote code execution vulnerability exists in React Server |
| CVE-2025-10959 | 6.3 | 0.20% | 1 | 0 | | 2025-09-25T18:30:45 | A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. The affected el |
| CVE-2023-38545 | 9.8 | 26.25% | 2 | 9 | | 2025-02-13T18:33:03 | This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. |
| CVE-2024-36694 | 8.1 | 0.59% | 1 | 0 | | 2024-12-18T22:03:16 | A Server-Side Template Injection (SSTI) vulnerability in the Theme Editor Functi |
| CVE-2021-22901 | 8.1 | 0.34% | 4 | 0 | | 2024-11-21T05:50:52.580000 | curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting |
| CVE-2026-29779 | 0 | 0.03% | 2 | 0 | | N/A | |
| CVE-2026-30863 | 0 | 0.07% | 2 | 1 | | N/A | |
| CVE-2026-28210 | 0 | 0.05% | 2 | 0 | | N/A | |
| CVE-2026-28287 | 0 | 0.11% | 2 | 0 | | N/A | |
| CVE-2026-29067 | 0 | 0.01% | 2 | 0 | | N/A | |
| CVE-2025-55208 | 0 | 0.05% | 2 | 0 | | N/A | |
| CVE-2026-28405 | 0 | 0.04% | 2 | 0 | | N/A | |
| CVE-2026-29089 | 0 | 0.01% | 1 | 0 | | N/A | |
| CVE-2026-29789 | 0 | 0.05% | 2 | 0 | | N/A | |
| CVE-2026-30840 | 0 | 0.04% | 1 | 0 | | N/A | |
| CVE-2025-14297 | 0 | 0.00% | 1 | 0 | | N/A | |
| CVE-2026-28485 | 0 | 0.06% | 1 | 0 | | N/A | |
| CVE-2025-55289 | 0 | 0.05% | 1 | 0 | | N/A | |
| CVE-2025-59542 | 0 | 0.04% | 1 | 0 | | N/A | |
| CVE-2026-29041 | 0 | 0.24% | 1 | 1 | | N/A | |
| CVE-2026-28429 | 0 | 0.36% | 1 | 0 | | N/A | |
| CVE-2026-28676 | 0 | 0.05% | 1 | 0 | | N/A | |
| CVE-2026-28680 | 0 | 0.03% | 1 | 0 | | N/A | |
| CVE-2026-27884 | 0 | 0.03% | 1 | 0 | | N/A | |

## CVE-2026-3787 (7.0 None)

EPSS: 0.00%

updated 2026-03-09T00:30:19

2 posts

A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The vendor was contacted early about this disclosure but

### offseq at 2026-03-09T00:00:39.537Z

UltraVNC 1.6.4.0 on Windows hit by HIGH-severity vuln (CVE-2026-3787): uncontrolled DLL search path in cryptbase.dll. Local attackers could escalate privileges. No patch yet — restrict access & monitor for DLL hijacking. radar.offseq.com/threat/cve-20

### offseq@infosec.exchange at 2026-03-09T00:00:39.000Z

UltraVNC 1.6.4.0 on Windows hit by HIGH-severity vuln (CVE-2026-3787): uncontrolled DLL search path in cryptbase.dll. Local attackers could escalate privileges. No patch yet — restrict access & monitor for DLL hijacking. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #UltraVNC

## CVE-2026-3769 (8.8 HIGH)

EPSS: 0.00%

updated 2026-03-08T21:15:51.470000

4 posts

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function WrlclientSet of the file /goform/WrlclientSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used.

### offseq at 2026-03-09T01:30:26.707Z

🚩 CVE-2026-3769: HIGH severity vuln in Tenda F453 (v1.0.0.3) — stack-based buffer overflow in /goform/WrlclientSet. Public exploit released! Limit remote access, monitor traffic, apply mitigations. Details: radar.offseq.com/threat/cve-20

### thehackerwire@mastodon.social at 2026-03-08T21:27:29.000Z

🟠 CVE-2026-3769 - High (8.8)

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function WrlclientSet of the file /goform/WrlclientSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack can be executed remote...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

### offseq@infosec.exchange at 2026-03-09T01:30:26.000Z

🚩 CVE-2026-3769: HIGH severity vuln in Tenda F453 (v1.0.0.3) — stack-based buffer overflow in /goform/WrlclientSet. Public exploit released! Limit remote access, monitor traffic, apply mitigations. Details: radar.offseq.com/threat/cve-20 #OffSeq #NetworkSecurity #Vuln

## CVE-2026-3768 (8.8 HIGH)

EPSS: 0.00%

updated 2026-03-08T21:15:51.267000

4 posts

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

### offseq at 2026-03-09T03:00:32.011Z

🚩 CVE-2026-3768 (HIGH, CVSS 8.7): Stack buffer overflow in Tenda F453 v1.0.0.3 — remote, unauthenticated exploit possible. Public exploit code released. Patch ASAP or restrict remote access! radar.offseq.com/threat/cve-20

### thehackerwire@mastodon.social at 2026-03-08T21:27:19.000Z

🟠 CVE-2026-3768 - High (8.8)

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote expl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

### offseq@infosec.exchange at 2026-03-09T03:00:32.000Z

🚩 CVE-2026-3768 (HIGH, CVSS 8.7): Stack buffer overflow in Tenda F453 v1.0.0.3 — remote, unauthenticated exploit possible. Public exploit code released. Patch ASAP or restrict remote access! radar.offseq.com/threat/cve-20 #OffSeq #CVE20263768 #RouterSecurity #Infosec

## CVE-2026-3728 (8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T12:30:34

2 posts

A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

### thehackerwire@mastodon.social at 2026-03-08T10:18:18.000Z

🟠 CVE-2026-3728 - High (8.8)

A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-based buffer overflow. Remote exploitation of the a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

## CVE-2026-3727 (8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T12:30:27

2 posts

A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the function sub_3C6C0 of the file /goform/QuickIndex. The manipulation of the argument mit_linktype/PPPOEPassword results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.

### thehackerwire@mastodon.social at 2026-03-08T10:18:28.000Z

🟠 CVE-2026-3727 - High (8.8)

A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the function sub_3C6C0 of the file /goform/QuickIndex. The manipulation of the argument mit_linktype/PPPOEPassword results in stack-based buffer overflow. The attack may b...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

## CVE-2026-3732 (8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T11:15:50.523000

4 posts

A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.

### offseq at 2026-03-08T11:32:31.327Z

🛑 CVE-2026-3732: HIGH severity stack buffer overflow in Tenda F453 (v1.0.0.3). Remote, unauthenticated code execution risk — no patch yet. Block remote mgmt & monitor endpoints. Details: radar.offseq.com/threat/cve-20

### thehackerwire@mastodon.social at 2026-03-08T11:19:15.000Z

🟠 CVE-2026-3732 - High (8.8)

A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

### offseq@infosec.exchange at 2026-03-08T11:32:31.000Z

🛑 CVE-2026-3732: HIGH severity stack buffer overflow in Tenda F453 (v1.0.0.3). Remote, unauthenticated code execution risk — no patch yet. Block remote mgmt & monitor endpoints. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #RouterSecurity #CVE20263732

CVE-2026-3729
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T11:15:49.863000

2 posts

A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-03-08T11:19:24.000Z ##

🟠 CVE-2026-3729 - High (8.8)

A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-based buffer overflow. The attack can be execute...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3726
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T09:30:27

4 posts

A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

offseq at 2026-03-08T10:00:27.553Z ##

🚨 CVE-2026-3726 (HIGH, CVSS 8.7) in Tenda F453 (v1.0.0.3): Stack buffer overflow in /goform/webExcptypemanFilter enables remote, unauthenticated code execution. Public exploit code raises risk — restrict access & monitor now! radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-03-08T09:19:45.000Z ##

🟠 CVE-2026-3726 - High (8.8)

A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initia...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3715
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-08T09:30:21

4 posts

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument del_flag results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Upgrading to version 20260226 is able to mitigate this issue. You should upgrad

offseq at 2026-03-08T08:30:28.730Z ##

🛡️ CVE-2026-3715: HIGH-severity stack overflow in Wavlink WL-WN579X3-C routers (v231124). Remote attackers can execute code w/o auth. Exploit code is public — patch to 20260226 now! radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-03-08T08:14:57.000Z ##

🟠 CVE-2026-3715 - High (8.8)

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument del_flag results in stack-based buffer overflow. It is possible to initiate...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28683
(8.7 HIGH)

EPSS: 0.02%

updated 2026-03-08T08:37:48

2 posts

Summary: If a malicious authenticated user uploads an SVG and creates a hotlink for it, they achieve stored XSS. Details: The hotlinking functionality fails to properly handle scripts included in the SVGs, allowing authenticated attackers with the ability to upload and hotlink a file to execute arbitrary JS. Issue found by [aisafe.io](https://aisafe.io/). Impact: Authenticated attackers w

thehackerwire@mastodon.social at 2026-03-06T08:09:07.000Z ##

🟠 CVE-2026-28683 - High (8.7)

Gokapi is a self-hosted file sharing server with automatic expiration and encryption support. Prior to version 2.2.3, if a malicious authenticated user uploads SVG and creates a hotlink for it, they can achieve stored XSS. This issue has been patc...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3703
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-03-08T06:31:15

5 posts

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_401A10 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to out-of-bounds write. The attack may be performed from remote. The exploit has been published and may be used. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professiona

Matchbook3469@mastodon.social at 2026-03-08T14:51:09.000Z ##

🔴 New security advisory:

CVE-2026-3703 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #VulnerabilityManagement #CyberSec

##

thehackerwire@mastodon.social at 2026-03-08T08:15:09.000Z ##

🔴 CVE-2026-3703 - Critical (9.8)

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_401A10 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to out-of-bounds write. The attack may be performed from remote. The exp...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-08T05:30:26.536Z ##

🚨 CRITICAL: CVE-2026-3703 in Wavlink NU516U1 (firmware 251208) allows remote, unauthenticated out-of-bounds write via /cgi-bin/login.cgi. Public exploit available — patch immediately! Monitor for abnormal ipaddr activity. radar.offseq.com/threat/cve-20

##

CVE-2026-3701
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-08T06:31:15

2 posts

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond

thehackerwire@mastodon.social at 2026-03-08T08:15:20.000Z ##

🟠 CVE-2026-3701 - High (8.8)

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack ca...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3698
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-08T03:30:34

2 posts

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function strcpy of the file /goform/NTP. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-03-08T08:23:30.000Z ##

🟠 CVE-2026-3698 - High (8.8)

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function strcpy of the file /goform/NTP. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and m...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3700
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-08T03:30:34

2 posts

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.

thehackerwire@mastodon.social at 2026-03-08T08:15:29.000Z ##

🟠 CVE-2026-3700 - High (8.8)

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3699
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-08T03:16:04.017000

2 posts

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /goform/formRemoteControl. The manipulation results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
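The bug class is the same in CVE-2026-3732 (Tenda F453, /goform/exeCommand, argument cmdinput) and in the three UTT HiPER 810G entries (CVE-2026-3698, CVE-2026-3700, CVE-2026-3699): a form argument reaches strcpy() and lands in a fixed stack buffer with no length check. The C program below is an added example written for this page, not code from any vendor or from the advisories. It models a CGI-style form handler with the unsafe copy next to a bounded replacement, and adds a request-body check of the kind a reverse proxy or IDS could run against the affected endpoints. The parameter name cmdinput is taken from CVE-2026-3732; the 64-byte buffer size, the form-parsing helper and every request body are assumptions and constructed inputs, since the advisories give neither buffer sizes nor request formats.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Result codes for the hardened handler. */
enum { PARAM_OK = 0, PARAM_MISSING = -1, PARAM_TOO_LONG = -2 };
#define CMD_BUF_SIZE 64 /* assumed; the advisories give no buffer sizes */

/* Find "name=value" in an x-www-form-urlencoded body; return the value's
 * start and length. Matches only at the body start or right after '&', so
 * "xcmdinput=" is not "cmdinput". No percent-decoding is done. */
static int find_param(const char *body, const char *name,
                      const char **val, size_t *val_len)
{
    size_t nlen = strlen(name);
    const char *p = body;
    while (p != NULL && *p != '\0') {
        if (strncmp(p, name, nlen) == 0 && p[nlen] == '=') {
            *val = p + nlen + 1;
            const char *amp = strchr(*val, '&');
            *val_len = amp ? (size_t)(amp - *val) : strlen(*val);
            return 1;
        }
        p = strchr(p, '&');
        if (p != NULL) p++;
    }
    return 0;
}

/* The unsafe pattern the advisories describe: strcpy() of a form argument
 * into a fixed stack buffer with no length check, so a value of
 * CMD_BUF_SIZE bytes or more writes past buf. Comparison only; nothing
 * here calls it with untrusted input. */
int copy_param_strcpy(const char *value)
{
    char buf[CMD_BUF_SIZE];
    strcpy(buf, value);
    return (int)strlen(buf);
}

/* Hardened replacement: check before copying, copy at most out_size-1
 * bytes, always NUL-terminate. The bound lives in the callee. */
int copy_param_bounded(const char *val, size_t val_len,
                       char *out, size_t out_size)
{
    if (out_size == 0 || val_len >= out_size)
        return PARAM_TOO_LONG;
    memcpy(out, val, val_len);
    out[val_len] = '\0';
    return PARAM_OK;
}

/* Hardened form handler: an over-long value is rejected, not truncated. */
int handle_form_param(const char *body, const char *name,
                      char *out, size_t out_size)
{
    const char *val;
    size_t val_len;
    if (!find_param(body, name, &val, &val_len))
        return PARAM_MISSING;
    return copy_param_bounded(val, val_len, out, out_size);
}

/* Classify a body against a CMD_BUF_SIZE buffer in one call; PARAM_TOO_LONG
 * means the strcpy() version above would have overflowed. */
int classify_body(const char *body, const char *name)
{
    char buf[CMD_BUF_SIZE];
    return handle_form_param(body, name, buf, sizeof buf);
}

/* Detection-side helper for a proxy or IDS rule: count parameters whose
 * value is longer than limit. A hit on a /goform/ or /cgi-bin/ path of
 * one of the listed devices is a reasonable alert condition. */
int count_oversized_params(const char *body, size_t limit)
{
    int hits = 0;
    const char *p = body;
    while (p != NULL && *p != '\0') {
        const char *eq = strchr(p, '=');
        const char *amp = strchr(p, '&');
        if (eq != NULL && (amp == NULL || eq < amp)) {
            size_t vlen = amp ? (size_t)(amp - eq - 1) : strlen(eq + 1);
            if (vlen > limit) hits++;
        }
        p = amp ? amp + 1 : NULL;
    }
    return hits;
}

int main(void)
{
    /* Constructed bodies: benign, and a 199-byte cmdinput that would
     * overflow the CMD_BUF_SIZE buffer under strcpy(). */
    char filler[200], body_long[256];
    memset(filler, 'A', sizeof filler - 1);
    filler[sizeof filler - 1] = '\0';
    snprintf(body_long, sizeof body_long, "cmdinput=%s&submit=1", filler);
    printf("benign -> %d, long -> %d\n",
           classify_body("cmdinput=ls&submit=1", "cmdinput"),
           classify_body(body_long, "cmdinput"));
    printf("oversized params: %d\n",
           count_oversized_params(body_long, CMD_BUF_SIZE - 1));
    return 0;
}
```

The classifier returns PARAM_TOO_LONG for the long body without ever performing the unsafe copy. A real firmware fix needs the same bound at every strcpy()/sprintf() sink that reads a form argument, not only the one named in the advisory, and the detection threshold should be set per endpoint from observed legitimate value lengths rather than from the assumed 64 bytes here.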

thehackerwire@mastodon.social at 2026-03-08T08:18:38.000Z ##

🟠 CVE-2026-3699 - High (8.8)

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /goform/formRemoteControl. The manipulation results in buffer overflow. The attack may be launched remotely. The exploit has bee...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3677
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T00:31:58

2 posts

A vulnerability was found in Tenda FH451 1.0.0.9. This impacts the function fromSetCfm of the file /goform/setcfm. The manipulation of the argument funcname/funcpara1 results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-03-08T09:01:30.000Z ##

🟠 CVE-2026-3677 - High (8.8)

A vulnerability was found in Tenda FH451 1.0.0.9. This impacts the function fromSetCfm of the file /goform/setcfm. The manipulation of the argument funcname/funcpara1 results in stack-based buffer overflow. The attack may be performed from remote....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3678
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T00:31:58

2 posts

A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434 of the file /goform/AdvSetWan. This manipulation of the argument wanmode/PPPOEPassword causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-03-08T09:01:20.000Z ##

🟠 CVE-2026-3678 - High (8.8)

A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434 of the file /goform/AdvSetWan. This manipulation of the argument wanmode/PPPOEPassword causes stack-based buffer overflow. It is possible to initiate the att...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3679
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-07T23:15:47.643000

2 posts

A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex. Such manipulation of the argument mit_linktype/PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-03-08T09:01:09.000Z ##

🟠 CVE-2026-3679 - High (8.8)

A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex. Such manipulation of the argument mit_linktype/PPPOEPassword leads to stack-based buffer overflow....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24308
(CVSS UNKNOWN)

EPSS: 0.01%

updated 2026-03-07T18:31:31

1 posts

Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO-level logging, so production systems are potentially affected by the issue. Users are recommended to upgrade to version 3.8.6 or 3.9.5 which fixe

offseq@infosec.exchange at 2026-03-07T10:30:28.000Z ##

💡 HIGH severity: CVE-2026-24308 in Apache ZooKeeper 3.8.0 – 3.9.4 logs sensitive config at INFO level. Risk of secret exposure via logs. Patch to 3.8.6/3.9.5 & restrict log access! radar.offseq.com/threat/cve-20 #OffSeq #ZooKeeper #CVE202624308 #Security

##

CVE-2026-30860
(9.9 CRITICAL)

EPSS: 0.08%

updated 2026-03-07T17:15:53.823000

5 posts

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's database query functionality. The validation system fails to recursively inspect child nodes within PostgreSQL array expressions and row expressions, allowing attackers to bypass SQL injection protectio

thehackerwire@mastodon.social at 2026-03-08T09:20:03.000Z ##

🔴 CVE-2026-30860 - Critical (9.9)

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's database query functionality. The validation syst...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

Matchbook3469@mastodon.social at 2026-03-08T07:07:41.000Z ##

🔴 New security advisory:

CVE-2026-30860 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #VulnerabilityManagement #CyberSec

##

offseq at 2026-03-08T02:30:28.547Z ##

⚠️ CRITICAL: Tencent WeKnora (<0.2.12) hit by CVE-2026-30860 — SQLi in PostgreSQL array/row parsing enables unauthenticated RCE. Patch to 0.2.12 ASAP. Restrict DB rights and monitor logs. radar.offseq.com/threat/cve-20

##

CVE-2026-29784
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-07T16:15:55.430000

2 posts

Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, incomplete CSRF protections around /session/verify made it possible to use OTCs in login sessions different from the requesting session. In some scenarios this might have made it easier for phishers to take over a Ghost site. This issue has been patched in version 6.19.3.

thehackerwire@mastodon.social at 2026-03-08T10:00:21.000Z ##

🟠 CVE-2026-29784 - High (7.5)

Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, incomplete CSRF protections around /session/verify made it possible to use OTCs in login sessions different from the requesting session. In some scenarios this might hav...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28678
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-07T16:15:54.010000

2 posts

DSA Study Hub is an interactive educational web application. Prior to commit d527fba, the user authentication system in server/routes/auth.js was found to be vulnerable to Insufficiently Protected Credentials. Authentication tokens (JWTs) were stored in HTTP cookies without cryptographic protection of the payload. This issue has been patched via commit d527fba.

thehackerwire@mastodon.social at 2026-03-08T10:00:45.000Z ##

🟠 CVE-2026-28678 - High (8.1)

DSA Study Hub is an interactive educational web application. Prior to commit d527fba, the user authentication system in server/routes/auth.js was found to be vulnerable to Insufficiently Protected Credentials. Authentication tokens (JWTs) were sto...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29193
(8.2 HIGH)

EPSS: 0.03%

updated 2026-03-07T15:15:55.867000

2 posts

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.12.0, a vulnerability in Zitadel's login V2 UI allowed users to bypass login behavior and security policies and self-register new accounts or sign in using a password even if the corresponding options were disabled in their organization. This issue has been patched in version 4.12.1.

thehackerwire@mastodon.social at 2026-03-07T15:37:55.000Z ##

🟠 CVE-2026-29193 - High (8.2)

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.12.0, a vulnerability in Zitadel's login V2 UI allowed users to bypass login behavior and security policies and self-register new accounts or sign in using password ev...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1074
(7.2 HIGH)

EPSS: 0.06%

updated 2026-03-07T08:16:09.020000

1 posts

The WP App Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'app-bar-features' parameter in all versions up to, and including, 1.5. This is due to insufficient input sanitization and output escaping combined with a missing authorization check in the `App_Bar_Settings` class constructor. This makes it possible for unauthenticated attackers to inject arbitrary web script

offseq@infosec.exchange at 2026-03-07T09:00:29.000Z ##

🚨 CVE-2026-1074: High-severity stored XSS in WP App Bar plugin (all versions). No auth needed — attackers inject scripts via 'app-bar-features' & compromise admin sessions. Patch or disable urgently! radar.offseq.com/threat/cve-20 #OffSeq #WordPress #XSS #Vuln

##

CVE-2025-14675
(7.2 HIGH)

EPSS: 0.68%

updated 2026-03-07T08:16:05.963000

2 posts

The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajax_delete_file' function in all versions up to, and including, 5.11.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2025-8899
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-07T06:16:09.350000

1 posts

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisper_register_form() function not restricting user roles that can be set during registration. This makes it possible for authenticated attackers, with Author-level access and above, to create posts/pages with the re

thehackerwire@mastodon.social at 2026-03-07T08:14:44.000Z ##

🟠 CVE-2025-8899 - High (8.8)

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisper_register_form() function not restricting user roles tha...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-14353
(7.5 HIGH)

EPSS: 0.07%

updated 2026-03-07T03:30:29

2 posts

The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.0.2 via the 'zipcode' parameter. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing

thehackerwire@mastodon.social at 2026-03-07T09:05:38.000Z ##

🟠 CVE-2025-14353 - High (7.5)

The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.0.2 via the 'zipcode' parameter. This is due to insufficient escaping on the user supplied parameter and lack of suff...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15602
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-07T02:33:41

1 post

Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insufficiently protected against mass assignment. An authenticated, low-privileged user can craft a malicious API request to modify restricted fields of another user account, including the Super Admin account. By changing the email address of the Super Admin and triggering a password reset, an

thehackerwire@mastodon.social at 2026-03-07T10:01:10.000Z ##

🟠 CVE-2025-15602 - High (8.8)

Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insufficiently protected against mass assignment. An authenticated, low-privileged user can craft a malicious API request to modify restricte...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2020
(7.5 HIGH)

EPSS: 0.09%

updated 2026-03-07T02:16:12.077000

1 post

The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.1.7 via the 'included' shortcode attribute. This is due to the deserialization of untrusted input supplied via the 'included' parameter of the plugin's shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. N

thehackerwire@mastodon.social at 2026-03-07T08:14:54.000Z ##

🟠 CVE-2026-2020 - High (7.5)

The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.1.7 via the 'included' shortcode attribute. This is due to the deserialization of untrusted input supplied via the 'included' pa...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30861
(10.0 CRITICAL)

EPSS: 0.21%

updated 2026-03-07T01:59:02

6 posts

### Summary A critical unauthenticated remote code execution (RCE) vulnerability exists in the MCP stdio configuration validation introduced in version 2.0.5. The application allows unrestricted user registration, meaning any attacker can create an account and exploit the command injection flaw. Despite implementing a whitelist for allowed commands (`npx`, `uvx`) and blacklists for dangerous ar

thehackerwire@mastodon.social at 2026-03-08T09:38:29.000Z ##

🔴 CVE-2026-30861 - Critical (9.9)

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. From version 0.2.5 to before version 0.2.10, an unauthenticated remote code execution (RCE) vulnerability exists in the MCP stdio configuration va...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-08T01:00:29.580Z ##

⚠️ CRITICAL: Tencent WeKnora (0.2.5 – 0.2.9) hit by unauthenticated RCE (CVE-2026-30861) — attackers bypass command validation using npx - p node. Patch to 0.2.10 ASAP! radar.offseq.com/threat/cve-20

##

offseq at 2026-03-08T00:00:39.091Z ##

🚨 CRITICAL CVE-2026-30861: Tencent WeKnora (0.2.5 – 0.2.9) OS command injection enables unauth RCE — full system compromise possible. Patch to 0.2.10 now! More info: radar.offseq.com/threat/cve-20

##

CVE-2026-25070
(0 None)

EPSS: 1.03%

updated 2026-03-07T01:15:57.427000

3 posts

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through the destIp parameter to achieve remote code execution with root privileges on the network switch.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##

offseq@infosec.exchange at 2026-03-07T01:30:30.000Z ##

⚠️ CRITICAL: CVE-2026-25070 in XikeStor SKS8310-8X allows unauthenticated remote OS command injection (CVSS 9.3). No patch yet. Restrict access, segment networks, and monitor endpoints. Full root risk! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #NetworkSecurity

##

CVE-2026-30855
(9.8 CRITICAL)

EPSS: 0.08%

updated 2026-03-06T23:53:57

2 posts

### Summary An authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This enables cross-tenant account takeover and destruction, making the

thehackerwire@mastodon.social at 2026-03-08T09:19:54.000Z ##

🟠 CVE-2026-30855 - High (8.8)

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modif...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30851
(8.1 HIGH)

EPSS: 0.01%

updated 2026-03-06T23:38:45

2 posts

## Summary Caddy's `forward_auth` directive with `copy_headers` generates conditional header-set operations that only fire when the upstream auth service includes the named header in its response. No delete or remove operation is generated for the original client-supplied request header with the same name. When an auth service returns `200 OK` without one of the configured `copy_headers` headers

thehackerwire@mastodon.social at 2026-03-08T09:38:38.000Z ##

🟠 CVE-2026-30851 - High (8.1)

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has b...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26017
(7.7 HIGH)

EPSS: 0.04%

updated 2026-03-06T22:43:40

1 post

A logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. ### Impact In multi-tenant Kubernetes clusters, this flaw undermines DNS-based segmentation strategies. Example scenario: 1. ACL blocks access to

thehackerwire@mastodon.social at 2026-03-07T10:01:33.000Z ##

🟠 CVE-2026-26017 - High (7.7)

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-45691
(7.5 HIGH)

EPSS: 0.05%

updated 2026-03-06T22:23:33

2 posts

An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs.

thehackerwire@mastodon.social at 2026-03-08T12:31:26.000Z ##

🟠 CVE-2025-45691 - High (7.5)

An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter wh...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30823
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-06T22:20:51

1 post

### Summary The Flowise platform has a critical Insecure Direct Object Reference (IDOR) vulnerability combined with a Business Logic Flaw in the PUT /api/v1/loginmethod endpoint. While the endpoint requires authentication, it fails to validate if the authenticated user has ownership or administrative rights over the target organizationId. This allows any low-privileged user (including "Free" plan

thehackerwire@mastodon.social at 2026-03-07T08:07:24.000Z ##

🟠 CVE-2026-30823 - High (8.8)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there is an IDOR vulnerability, leading to account takeover and enterprise feature bypass via SSO configuration. This issue has been ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30822
(7.7 HIGH)

EPSS: 0.04%

updated 2026-03-06T22:19:14

2 posts

## Summary **A Mass Assignment vulnerability in the `/api/v1/leads` endpoint allows any unauthenticated user to control internal entity fields (`id`, `createdDate`, `chatId`) by including them in the request body.** The endpoint uses `Object.assign()` to copy all properties from the request body to the Lead entity without any input validation or field filtering. This allows attackers to bypass a

thehackerwire@mastodon.social at 2026-03-07T09:05:28.000Z ##

🟠 CVE-2026-30822 - High (7.7)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in v...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-07T08:14:54.000Z ##

🟠 CVE-2026-30822 - High (7.7)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in v...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30832
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-03-06T22:16:02

4 posts

While auditing the codebase in the wake of the webhook SSRF fix shipped in v0.11.1 (GHSA-vwq2-jx9q-9h9f), it was identified that the LFS import path was never given the same treatment. The webhook fix introduced dual-layer SSRF protection — ValidateWebhookURL() at creation time and secureHTTPClient with IP validation at dial time — but the LFS HTTP client still uses http.DefaultClient with no filt

thehackerwire@mastodon.social at 2026-03-08T10:00:34.000Z ##

🔴 CVE-2026-30832 - Critical (9.1)

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-08T07:00:27.848Z ##

🔔 CRITICAL CVE-2026-30832: charmbracelet soft-serve (0.6.0 – 0.11.4) allows authenticated SSH users to exploit SSRF via repo import, exposing internal resources. Update to 0.11.4+ now. More: radar.offseq.com/threat/cve-20

##

CVE-2026-29064
(8.2 HIGH)

EPSS: 0.01%

updated 2026-03-06T22:10:52

1 post

### Summary A path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the system processing the package. ### What users should do Upgrade immediately to version v0.73.1 If developers cannot upgrade immediately, only process Zarf packages from fully truste

thehackerwire@mastodon.social at 2026-03-07T09:30:21.000Z ##

🟠 CVE-2026-29064 - High (8.2)

Zarf is an Airgap Native Packager Manager for Kubernetes. From version 0.54.0 to before version 0.73.1, a path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destina...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26018
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-06T22:08:22

1 post

## Executive Summary A Denial of Service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name, combined with a fatal error handler that terminates the entire process. --- ## Tech

thehackerwire@mastodon.social at 2026-03-07T10:23:51.000Z ##

🟠 CVE-2026-26018 - High (7.5)

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnera...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29058
(9.8 CRITICAL)

EPSS: 0.10%

updated 2026-03-06T21:56:51

4 posts

## Impact An unauthenticated attacker can execute arbitrary OS commands on the server by injecting shell command substitution into the `base64Url` GET parameter. This can lead to full server compromise, data exfiltration (e.g., configuration secrets, internal keys, credentials), and service disruption. ## Root Cause The `base64Url` parameter is Base64-decoded and then interpolated directly into

beyondmachines1 at 2026-03-08T20:01:11.636Z ##

Critical Zero-Click Command Injection in AVideo Platform Allows Stream Hijacking

AVideo version 6.0 contains a critical zero-click command injection vulnerability (CVE-2026-29058) that allows unauthenticated attackers to execute arbitrary OS commands and hijack video streams.

**If you are using AVideo platform this is urgent and important. Patch ASAP to version 7.0, because your server will be attacked. Until you update today, use a web application firewall or reverse proxy to block access to the getImage.php component.**

beyondmachines.net/event_detai

##

thehackerwire@mastodon.social at 2026-03-06T08:06:01.000Z ##

🔴 CVE-2026-29058 - Critical (9.8)

AVideo is a video-sharing Platform software. Prior to version 7.0, an unauthenticated attacker can execute arbitrary OS commands on the server by injecting shell command substitution into the base64Url GET parameter. This can lead to full server c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-06T07:30:27.000Z ##

⚠️ CRITICAL OS command injection in WWBN AVideo-Encoder < 7.0 (CVE-2026-29058). Unauthenticated attackers can execute arbitrary commands, risking full server takeover. Patch to v7.0 ASAP! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #CyberSecurity

##

CVE-2026-30227
(0 None)

EPSS: 0.80%

updated 2026-03-06T21:16:16.607000

2 posts

MimeKit is a C# library which may be used for the creation and parsing of messages using the Multipurpose Internet Mail Extension (MIME), as defined by numerous IETF specifications. Prior to version 4.15.1, a CRLF injection vulnerability in MimeKit allows an attacker to embed \r\n into the SMTP envelope address local-part (when the local-part is a quoted-string). This is non-compliant with RFC 532

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-30223
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-06T21:16:16.113000

1 post

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" (local RSA public key) or "authJwtHmacSecret" (HMAC secret), the configured audience value (authJwtAud) is not enforced during token parsing. As a result, validly signed JWT tokens with an incorrect aud claim are accepted for au

thehackerwire@mastodon.social at 2026-03-07T08:15:19.000Z ##

🟠 CVE-2026-30223 - High (8.8)

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" (local RSA public key) or "authJwtHmacSecret" (HMAC secret), the configured...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29091
(8.1 HIGH)

EPSS: 0.25%

updated 2026-03-06T19:16:21.720000

1 post

Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.0, a remote code execution (RCE) flaw was discovered in the locutus project, specifically within the call_user_func_array function implementation. The vulnerability allows an attacker to inject arbitrary JavaScript code into the application's runtime environment. This issue stems from

thehackerwire@mastodon.social at 2026-03-07T08:15:39.000Z ##

🟠 CVE-2026-29091 - High (8.1)

Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.0, a remote code execution (RCE) flaw was discovered in the locutus project, specifically within the call_user_func_array function i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30834
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-06T18:41:00

2 posts

# SSRF with Full Response Exfiltration via Download Handler ### Summary A Server-Side Request Forgery (SSRF) vulnerability in the `/download` endpoint allows any user with API access to induce the PinchTab server to make requests to arbitrary URLs, including internal network services and local system files, and exfiltrate the full response content. ### Details The `GET /download?url=<url>` handl

thehackerwire@mastodon.social at 2026-03-08T09:38:48.000Z ##

🟠 CVE-2026-30834 - High (7.5)

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. Prior to version 0.7.7, a Server-Side Request Forgery (SSRF) vulnerability in the /download endpoint allows any user with API access to induce the Pinc...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30827
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-06T18:36:57

1 post

## Summary The default `keyGenerator` in express-rate-limit applies IPv6 subnet masking (`/56` by default) to all addresses that `net.isIPv6()` returns true for. This includes IPv4-mapped IPv6 addresses (`::ffff:x.x.x.x`), which Node.js returns as `request.ip` on dual-stack servers. Because the first 80 bits of all IPv4-mapped addresses are zero, a `/56` (or any `/32` to `/80`) subnet mask produ

thehackerwire@mastodon.social at 2026-03-07T08:07:34.000Z ##

🟠 CVE-2026-30827 - High (7.5)

express-rate-limit is a basic rate-limiting middleware for Express. In versions starting from 8.0.0 and prior to versions 8.0.2, 8.1.1, 8.2.2, and 8.3.0, the default keyGenerator in express-rate-limit applies IPv6 subnet masking (/56 by default) t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28284
(8.8 HIGH)

EPSS: 0.03%

updated 2026-03-06T18:32:58.330000

2 posts

FreePBX is an open source IP PBX. Prior to versions 16.0.10 and 17.0.5, the FreePBX logfiles module contains several authenticated SQL injection vulnerabilities. This issue has been patched in versions 16.0.10 and 17.0.5.

thehackerwire@mastodon.social at 2026-03-07T16:00:20.000Z ##

🟠 CVE-2026-28284 - High (8.8)

FreePBX is an open source IP PBX. Prior to versions 16.0.10 and 17.0.5, the FreePBX logfiles module contains several authenticated SQL injection vulnerabilities. This issue has been patched in versions 16.0.10 and 17.0.5.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2446
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-03-06T18:32:19

2 posts

The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CSRF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as default_role etc) and create arbitrary admin users

thehackerwire@mastodon.social at 2026-03-07T11:17:16.000Z ##

🔴 CVE-2026-2446 - Critical (9.8)

The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CSRF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as default_role etc) and create arbitrary admin users

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3589
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-06T18:16:22.450000

3 posts

The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged in admin call non store/WC REST endpoints, and create arbitrary admin users via a CSRF attack for example.

thehackerwire@mastodon.social at 2026-03-07T11:17:06.000Z ##

🟠 CVE-2026-3589 - High (7.5)

The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged in admin call non store/WC REST endpoints, and create arbitrary admin users via a CSRF...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-06T10:30:29.000Z ##

🚨 CVE-2026-3589: CRITICAL CSRF in WooCommerce (5.4.0 – 10.5.2) lets unauth users create admin accounts via REST API batch requests. Patch ASAP! Restrict API access & monitor for abuse. More: radar.offseq.com/threat/cve-20 #OffSeq #WooCommerce #WordPress #CSRF

##

CVE-2026-29087
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-06T18:16:19.757000

1 post

@hono/node-server allows running the Hono application on Node.js. Prior to version 1.19.10, when using @hono/node-server's static file serving together with route-based middleware protections (e.g. protecting /admin/*), inconsistent URL decoding can allow protected static resources to be accessed without authorization. In particular, paths containing encoded slashes (%2F) may be evaluated differen

thehackerwire@mastodon.social at 2026-03-07T09:05:48.000Z ##

🟠 CVE-2026-29087 - High (7.5)

@Hono/node-server allows running the Hono application on Node.js. Prior to version 1.19.10, when using @Hono/node-server's static file serving together with route-based middleware protections (e.g. protecting /admin/*), inconsistent URL decoding c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28789
(7.5 HIGH)

EPSS: 0.09%

updated 2026-03-06T18:16:19.300000

2 posts

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map, causing a Go runtime panic (fatal error: concurrent map writes) and process termination. This allows rem

thehackerwire@mastodon.social at 2026-03-07T14:00:38.000Z ##

🟠 CVE-2026-28789 - High (7.5)

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsyn...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28514
(0 None)

EPSS: 0.11%

updated 2026-03-06T18:16:19.103000

1 post

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.8.6, 7.9.8, 7.10.7, 7.11.4, 7.12.4, 7.13.3, and 8.0.0, a critical authentication bypass vulnerability exists in Rocket.Chat's account service used in the ddp-streamer micro service that allows an attacker to log in to the service as any user with a password set, using any arbitrary password. The

offseq@infosec.exchange at 2026-03-07T03:00:28.000Z ##

🚩 CRITICAL: CVE-2026-28514 in Rocket.Chat (<8.0.0) allows auth bypass via username-only login. Full account takeover possible! Patch now or restrict access + enable MFA. Details: radar.offseq.com/threat/cve-20 #OffSeq #RocketChat #Security #CVE202628514

##

CVE-2026-28342
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-06T18:16:17.907000

2 posts

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.2, the PasswordHash API endpoint allows unauthenticated users to trigger excessive memory allocation by sending concurrent password hashing requests. By issuing multiple parallel requests, an attacker can exhaust available container memory, leading to service degradation or complete denial of service

thehackerwire@mastodon.social at 2026-03-07T15:00:26.000Z ##

🟠 CVE-2026-28342 - High (7.5)

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.2, the PasswordHash API endpoint allows unauthenticated users to trigger excessive memory allocation by sending concurrent password hashing requests....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70230
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-03-06T17:37:58.670000

2 posts

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS.

thehackerwire@mastodon.social at 2026-03-08T13:00:15.000Z ##

🔴 CVE-2025-70230 - Critical (9.8)

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70231
(9.8 CRITICAL)

EPSS: 0.08%

updated 2026-03-06T17:37:30.923000

2 posts

D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability.

thehackerwire@mastodon.social at 2026-03-08T13:00:27.000Z ##

🔴 CVE-2025-70231 - Critical (9.8)

D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70232
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-03-06T17:36:58.860000

2 posts

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter.

thehackerwire@mastodon.social at 2026-03-08T12:00:44.000Z ##

🔴 CVE-2025-70232 - Critical (9.8)

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29611
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-06T17:16:35.073000

2 posts

OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerability in BlueBubbles extension (must be installed and enabled) media path handling that allows attackers to read arbitrary files from the local filesystem. The sendBlueBubblesMedia function fails to validate mediaPath parameters against an allowlist, enabling attackers to request sensitive files like /etc/passwd and exfilt

thehackerwire@mastodon.social at 2026-03-07T12:01:15.000Z ##

🟠 CVE-2026-29611 - High (7.5)

OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerability in BlueBubbles extension (must be installed and enabled) media path handling that allows attackers to read arbitrary files from the local filesystem. The sendBlueBub...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29610
(8.8 HIGH)

EPSS: 0.07%

updated 2026-03-06T17:16:34.833000

1 post

OpenClaw versions prior to 2026.2.14 contain a command hijacking vulnerability that allows attackers to execute unintended binaries by manipulating PATH environment variables through node-host execution or project-local bootstrapping. Attackers with authenticated access to node-host execution surfaces or those running OpenClaw in attacker-controlled directories can place malicious executables in P

thehackerwire@mastodon.social at 2026-03-06T09:00:36.000Z ##

🟠 CVE-2026-29610 - High (7.8)

OpenClaw versions prior to 2026.2.14 contain a command hijacking vulnerability that allows attackers to execute unintended binaries by manipulating PATH environment variables through node-host execution or project-local bootstrapping. Attackers wi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29075
(8.3 HIGH)

EPSS: 0.07%

updated 2026-03-06T17:16:34.167000

1 post

Mesa is an open-source Python library for agent-based modeling, simulating complex systems and exploring emergent behaviors. In version 3.5.0 and prior, checking out of untrusted code in benchmarks.yml workflow may lead to code execution in privileged runner. This issue has been patched via commit c35b8cd.

thehackerwire@mastodon.social at 2026-03-07T09:30:32.000Z ##

🟠 CVE-2026-29075 - High (8.3)

Mesa is an open-source Python library for agent-based modeling, simulating complex systems and exploring emergent behaviors. In version 3.5.0 and prior, checking out of untrusted code in benchmarks.yml workflow may lead to code execution in privil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28484
(0 None)

EPSS: 0.00%

updated 2026-03-06T17:16:32.923000

1 post

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

thehackerwire@mastodon.social at 2026-03-06T10:00:04.000Z ##

🔴 CVE-2026-28484 - Critical (9.8)

OpenClaw versions prior to 2026.2.15 contain an option injection vulnerability in the git-hooks/pre-commit hook that allows attackers to stage ignored files by creating maliciously-named files beginning with dashes. The hook fails to use a -- sepa...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28476
(8.3 HIGH)

EPSS: 0.06%

updated 2026-03-06T17:16:32.163000

2 posts

OpenClaw versions prior to 2026.2.14 contain a server-side request forgery vulnerability in the optional Tlon Urbit extension that accepts user-provided base URLs for authentication without proper validation. Attackers who can influence the configured Urbit URL can induce the gateway to make HTTP requests to arbitrary hosts including internal addresses.

thehackerwire@mastodon.social at 2026-03-07T12:01:27.000Z ##

🟠 CVE-2026-28476 - High (8.3)

OpenClaw versions prior to 2026.2.14 contain a server-side request forgery vulnerability in the optional Tlon Urbit extension that accepts user-provided base URLs for authentication without proper validation. Attackers who can influence the config...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28473
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-06T17:16:31.973000

1 post

OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerability where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat command. The /approve command path invokes exec.approval.resolve through an internal privileged gateway client, bypassing the operator.approvals permission check that protects direct RPC calls.

thehackerwire@mastodon.social at 2026-03-06T10:16:03.000Z ##

🔴 CVE-2026-28473 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerability where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat command. The /approve command path invokes exec.appro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28464
(5.9 MEDIUM)

EPSS: 0.09%

updated 2026-03-06T17:16:30.390000

1 post

OpenClaw versions prior to 2026.2.12 use non-constant-time string comparison for hook token validation, allowing attackers to infer tokens through timing measurements. Remote attackers with network access to the hooks endpoint can exploit timing side-channels across multiple requests to gradually determine the authentication token.

thehackerwire@mastodon.social at 2026-03-06T10:55:21.000Z ##

🔴 CVE-2026-28464 - Critical (9.8)

OpenClaw versions prior to 2026.2.12 use non-constant-time string comparison for hook token validation, allowing attackers to infer tokens through timing measurements. Remote attackers with network access to the hooks endpoint can exploit timing s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28458
(8.1 HIGH)

EPSS: 0.05%

updated 2026-03-06T17:16:30

1 post

OpenClaw version 2026.1.20 prior to 2026.2.1 contains a vulnerability in the Browser Relay (extension must be installed and enabled) /cdp WebSocket endpoint in which it does not require authentication tokens, allowing websites to connect via loopback and access sensitive data. Attackers can exploit this by connecting to ws://127.0.0.1:18792/cdp to steal session cookies and execute JavaScript in ot

thehackerwire@mastodon.social at 2026-03-06T11:01:36.000Z ##

🟠 CVE-2026-28458 - High (7.5)

OpenClaw version 2026.1.20 prior to 2026.2.1 contains a vulnerability in the Browser Relay (extension must be installed and enabled) /cdp WebSocket endpoint in which it does not require authentication tokens, allowing websites to connect via loopb...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28447
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-06T17:16:28.550000

1 post

OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vulnerability in plugin installation that allows malicious plugin package names to escape the extensions directory. Attackers can craft scoped package names containing path traversal sequences like .. to write files outside the intended installation directory when victims run the plugins install command.

thehackerwire@mastodon.social at 2026-03-06T11:20:42.000Z ##

🟠 CVE-2026-28447 - High (7.5)

OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vulnerability in plugin installation that allows malicious plugin package names to escape the extensions directory. Attackers can craft scoped package names containing p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28442
(8.5 HIGH)

EPSS: 0.04%

updated 2026-03-06T17:16:28.200000

2 posts

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting internal system files or folders through the application interface. However, when interacting directly with the API, these restrictions can be bypassed. By altering the path parameter in the delete request, internal OS files and directories can b

thehackerwire@mastodon.social at 2026-03-07T12:06:33.000Z ##

🟠 CVE-2026-28442 - High (8.5)

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting internal system files or folders through the application interface. However, when interacting...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28393
(7.7 HIGH)

EPSS: 0.01%

updated 2026-03-06T17:16:27.817000

1 post

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings[].transform.module parameter accepts absolute paths and traversal sequences, enabling attackers with configuration write access to load and execute malicious modules with gateway process privileges.

thehackerwire@mastodon.social at 2026-03-06T11:47:54.000Z ##

🟠 CVE-2026-28393 - High (7.5)

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings[].transform.module parameter accepts absolute paths and travers...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0848
(10.0 CRITICAL)

EPSS: 0.41%

updated 2026-03-06T17:16:25.273000

2 posts

NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR file, enabling the execution of arbitrary Java bytecode at import time. This vulnerability can be exploited through methods such as model

thehackerwire@mastodon.social at 2026-03-07T12:06:53.000Z ##

🔴 CVE-2026-0848 - Critical (10)

NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26288
(9.4 CRITICAL)

EPSS: 0.07%

updated 2026-03-06T16:16:10.723000

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this

thehackerwire@mastodon.social at 2026-03-07T10:24:01.000Z ##

🔴 CVE-2026-26288 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a kno...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-07T04:30:31.000Z ##

🚨 CRITICAL: CVE-2026-26288 in Everon api.everon.io (all versions) allows unauthenticated WebSocket access — attackers can impersonate charging stations & control backend data. Restrict access & implement auth now! radar.offseq.com/threat/cve-20 #OffSeq #Cybersecurity #EVCharging #CVE

##

CVE-2026-24696
(7.5 HIGH)

EPSS: 0.05%

updated 2026-03-06T16:16:10.193000

1 post

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-03-07T10:01:21.000Z ##

🟠 CVE-2026-24696 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20882
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-06T16:16:09.913000

1 post

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-03-07T10:24:10.000Z ##

🟠 CVE-2026-20882 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29000
(10.0 CRITICAL)

EPSS: 0.24%

updated 2026-03-06T15:41:57

1 post

pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT with arbitrary subject and role claims, bypassing signature verification to authenticate as any user incl

1 repo

https://github.com/kernelzeroday/CVE-2026-29000

beyondmachines1@infosec.exchange at 2026-03-06T09:01:12.000Z ##

Critical Authentication Bypass in pac4j-jwt Library Allows Full User Impersonation

A critical authentication bypass vulnerability (CVE-2026-29000) in the pac4j-jwt Java library allows attackers to impersonate any user by forging encrypted but unsigned tokens. The flaw is caused by a logic error in JwtAuthenticator that skips signature verification when a token is wrapped in an RSA-encrypted envelope.

**If your Java applications use pac4j-jwt, this is urgent! Update to the latest patched versions immediately because there is no practical way to hide your app from the internet, and the exploit is trivial - it will be exploited in a matter of days.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-26051
(9.4 CRITICAL)

EPSS: 0.10%

updated 2026-03-06T15:31:36

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this

thehackerwire@mastodon.social at 2026-03-07T11:00:37.000Z ##

🔴 CVE-2026-26051 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a kno...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-07T06:00:28.000Z ##

⚠️ CVE-2026-26051 (CRITICAL, CVSS 9.4) in Mobiliti e-mobi.hu: Unauthenticated OCPP WebSocket endpoints allow charging station impersonation + backend manipulation. Enforce strong auth & monitor now. radar.offseq.com/threat/cve-20 #OffSeq #CVE202626051 #EVsecurity

##

CVE-2026-2753
(7.5 HIGH)

EPSS: 0.07%

updated 2026-03-06T15:31:36

1 post

An Absolute Path Traversal vulnerability exists in Navtor NavBox. The application exposes an HTTP service that fails to properly sanitize user-supplied path input. Unauthenticated remote attackers can exploit this issue by submitting requests containing absolute filesystem paths. Successful exploitation allows the attacker to retrieve arbitrary files from the underlying filesystem, limited only by

thehackerwire@mastodon.social at 2026-03-07T11:00:15.000Z ##

🟠 CVE-2026-2753 - High (7.5)

An Absolute Path Traversal vulnerability exists in Navtor NavBox. The application exposes an HTTP service that fails to properly sanitize user-supplied path input. Unauthenticated remote attackers can exploit this issue by submitting requests cont...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28794
(CVSS UNKNOWN)

EPSS: 0.32%

updated 2026-03-06T15:16:22

1 post

Summary: A critical Prototype Pollution vulnerability exists in the RPC JSON deserializer of the `@orpc/client` package. The vulnerability allows unauthenticated, remote attackers to inject arbitrary properties into the global `Object.prototype`. Because this pollution persists for the lifetime of the Node.js process and affects all objects, it can lead to severe security breaches, including au

offseq@infosec.exchange at 2026-03-06T06:00:27.000Z ##

🚨 CRITICAL: CVE-2026-28794 in @orpc/client (<1.13.6) allows unauthenticated prototype pollution via RPC JSON deserializer. Risks: auth bypass, DoS, RCE. Patch to 1.13.6+ ASAP! radar.offseq.com/threat/cve-20 #OffSeq #NodeJS #CVE202628794 #infosec

##

CVE-2026-28787
(8.2 HIGH)

EPSS: 0.05%

updated 2026-03-06T15:16:16

3 posts

Summary: The WebAuthn authentication implementation does not store the challenge on the server side. Instead, the challenge is returned to the client and accepted back from the client request body during verification. This violates the WebAuthn specification ([W3C Web Authentication Level 2, §13.4.3](https://www.w3.org/TR/webauthn-2/#sctn-cryptographic-challenges)) and allows an attacker who h

thehackerwire@mastodon.social at 2026-03-06T08:09:18.000Z ##

🟠 CVE-2026-28787 - High (8.2)

OneUptime is a solution for monitoring and managing online services. In version 10.0.11 and prior, the WebAuthn authentication implementation does not store the challenge on the server side. Instead, the challenge is returned to the client and acc...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:09:03.000Z ##

🟠 CVE-2026-28787 - High (8.2)

OneUptime is a solution for monitoring and managing online services. In version 10.0.11 and prior, the WebAuthn authentication implementation does not store the challenge on the server side. Instead, the challenge is returned to the client and acc...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:06:35.000Z ##

🟠 CVE-2026-28787 - High (8.2)

OneUptime is a solution for monitoring and managing online services. In version 10.0.11 and prior, the WebAuthn authentication implementation does not store the challenge on the server side. Instead, the challenge is returned to the client and acc...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2754
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-06T15:16:11.320000

1 post

Navtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints. An unauthenticated remote attacker with network access to the device can execute HTTP GET requests to TCP port 8080 to retrieve internal network parameters including ECDIS & OT Information, device identifiers, and service status logs.

thehackerwire@mastodon.social at 2026-03-07T11:00:27.000Z ##

🟠 CVE-2026-2754 - High (7.5)

Navtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints. An unauthenticated remote attacker with network access to the device can execute HTTP GET requests to TCP port 8080 to retrieve...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29093
(8.1 HIGH)

EPSS: 0.05%

updated 2026-03-06T14:24:08

1 posts

Summary: The official `docker-compose.yml` publishes the memcached service on host port 11211 (`0.0.0.0:11211`) with no authentication, while the Dockerfile configures PHP to store all user sessions in that memcached instance. An attacker who can reach port 11211 can read, modify, or flush session data — enabling session hijacking, admin impersonation, and mass session destruction without any ap

thehackerwire@mastodon.social at 2026-03-06T08:10:26.000Z ##

🟠 CVE-2026-29093 - High (8.1)

WWBN AVideo is an open source video platform. Prior to version 24.0, the official docker-compose.yml publishes the memcached service on host port 11211 (0.0.0.0:11211) with no authentication, while the Dockerfile configures PHP to store all user s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25921
(9.3 CRITICAL)

EPSS: 0.02%

updated 2026-03-06T14:02:02.117000

2 posts

Gogs is an open source self-hosted Git service. Prior to version 0.14.2, an LFS object could be overwritten from a different repository, enabling a supply-chain attack: all LFS objects could be maliciously overwritten by attackers. This issue has been patched in version 0.14.2.

thehackerwire@mastodon.social at 2026-03-08T11:00:40.000Z ##

🔴 CVE-2026-25921 - Critical (9.3)

Gogs is an open source self-hosted Git service. Prior to version 0.14.2, an LFS object could be overwritten from a different repository, enabling a supply-chain attack: all LFS objects could be maliciously overwritten by attackers. This issue h...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2021-30952
(7.8 HIGH)

EPSS: 1.51%

updated 2026-03-06T13:44:17.940000

4 posts

An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

secdb@infosec.exchange at 2026-03-05T22:00:22.000Z ##

🚨 [CISA-2026:0305] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 5 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2017-7921 (secdb.nttzen.cloud/cve/detail/)
- Name: Hikvision Multiple Products Improper Authentication Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Hikvision
- Product: Multiple Products
- Notes: hikvision.com/us-en/support/do ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2021-22681 (secdb.nttzen.cloud/cve/detail/)
- Name: Rockwell Multiple Products Insufficient Protected Credentials Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Rockwell
- Product: Multiple Products
- Notes: support.rockwellautomation.com ; cisa.gov/news-events/ics-advis ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2021-30952 (secdb.nttzen.cloud/cve/detail/)
- Name: Apple Multiple Products Integer Overflow or Wraparound Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Apple
- Product: Multiple Products
- Notes: support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2023-41974 (secdb.nttzen.cloud/cve/detail/)
- Name: Apple iOS and iPadOS Use-After-Free Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Apple
- Product: iOS and iPadOS
- Notes: support.apple.com/en-us/HT2139 ; support.apple.com/kb/HT213938 ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2023-43000 (secdb.nttzen.cloud/cve/detail/)
- Name: Apple Multiple products Use-After-Free Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Apple
- Product: Multiple Products
- Notes: support.apple.com/en-us/120324 ; support.apple.com/en-us/120331 ; support.apple.com/en-us/120338 ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260305 #cisa20260305 #cve_2017_7921 #cve_2021_22681 #cve_2021_30952 #cve_2023_41974 #cve_2023_43000 #cve20177921 #cve202122681 #cve202130952 #cve202341974 #cve202343000

##

cisakevtracker@mastodon.social at 2026-03-05T20:01:56.000Z ##

CVE ID: CVE-2021-30952
Vendor: Apple
Product: Multiple Products
Date Added: 2026-03-05
Notes: support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

k3ym0@infosec.exchange at 2026-03-05T19:30:15.000Z ##

CISA Adds Five Known Exploited Vulnerabilities to Catalog
03/05/2026 02:30 PM EST

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

  • CVE-2017-7921 Hikvision Multiple Products Improper Authentication Vulnerability
  • CVE-2021-22681 Rockwell Multiple Products Insufficient Protected Credentials Vulnerability
  • CVE-2021-30952 Apple Multiple Products Integer Overflow or Wraparound Vulnerability
  • CVE-2023-41974 Apple iOS and iPadOS Use-After-Free Vulnerability
  • CVE-2023-43000 Apple Multiple products Use-After-Free Vulnerability

THREE Apple CVEs added to CISA KEV.

Patch your shit, people.

##

AAKL@infosec.exchange at 2026-03-05T19:21:28.000Z ##

CISA has updated the KEV catalogue. Apple posted its security advisories yesterday: support.apple.com/en-us/100100

- CVE-2023-41974: Apple iOS and iPadOS Use-After-Free Vulnerability cve.org/CVERecord?id=CVE-2023-

- CVE-2021-30952: Apple Multiple Products Integer Overflow or Wraparound Vulnerability cve.org/CVERecord?id=CVE-2021-

- CVE-2023-43000: Apple Multiple products Use-After-Free Vulnerability cve.org/CVERecord?id=CVE-2023-

Several industrial advisories: cisa.gov/ #CISA #vulnerability #infosec #Apple

##

CVE-2021-22681
(9.8 CRITICAL)

EPSS: 15.43%

updated 2026-03-06T13:44:06.370000

3 posts

Rockwell Automation Studio 5000 Logix Designer Versions 21 and later, and RSLogix 5000 Versions 16 through 20 use a key to verify Logix controllers are communicating with Rockwell Automation CompactLogix 1768, 1769, 5370, 5380, 5480: ControlLogix 5550, 5560, 5570, 5580; DriveLogix 5560, 5730, 1794-L34; Compact GuardLogix 5370, 5380; GuardLogix 5570, 5580; SoftLogix 5800. Rockwell Automation Studio

cisakevtracker@mastodon.social at 2026-03-05T20:01:26.000Z ##

CVE ID: CVE-2021-22681
Vendor: Rockwell
Product: Multiple Products
Date Added: 2026-03-05
Notes: support.rockwellautomation.com ; cisa.gov/news-events/ics-advis ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2018-25181
(7.5 HIGH)

EPSS: 0.57%

updated 2026-03-06T13:16:00.447000

2 posts

Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter. Attackers can supply directory traversal sequences in the parent parameter of the getAlbum endpoint to access sensitive system directories and download them as ZIP files.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2018-25166
(8.2 HIGH)

EPSS: 0.06%

updated 2026-03-06T13:15:57.430000

1 posts

Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can send GET requests to index.php with crafted SQL payloads in the search parameter to extract sensitive database information including usernames, database names, and version details.

Matchbook3469@mastodon.social at 2026-03-08T22:50:37.000Z ##

🟠 New security advisory:

CVE-2018-25166 affects multiple systems.

• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #VulnerabilityManagement #CyberSec

##

CVE-2026-26416
(8.8 HIGH)

EPSS: 0.03%

updated 2026-03-06T12:31:37

2 posts

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests.

1 repos

https://github.com/aksalsalimi/CVE-2026-26416

thehackerwire@mastodon.social at 2026-03-07T16:00:31.000Z ##

🟠 CVE-2026-26416 - High (8.8)

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70995
(8.8 HIGH)

EPSS: 0.36%

updated 2026-03-06T12:31:37

2 posts

An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile, which is processed by the ASP.NET runtime. The uploaded configuration file alters the execution context

1 repos

https://github.com/0xcronos/CVE

thehackerwire@mastodon.social at 2026-03-07T14:00:29.000Z ##

🟠 CVE-2025-70995 - High (8.8)

An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafte...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-13476
(9.8 CRITICAL)

EPSS: 0.05%

updated 2026-03-06T12:31:36

2 posts

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)

thehackerwire@mastodon.social at 2026-03-08T13:00:37.000Z ##

🔴 CVE-2025-13476 - Critical (9.8)

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70229
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-03-06T12:31:36

2 posts

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule.

thehackerwire@mastodon.social at 2026-03-08T12:31:35.000Z ##

🔴 CVE-2025-70229 - Critical (9.8)

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26418
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-06T12:31:36

2 posts

Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network.

1 repos

https://github.com/aksalsalimi/CVE-2026-26418

thehackerwire@mastodon.social at 2026-03-08T11:00:29.000Z ##

🟠 CVE-2026-26418 - High (7.5)

Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70233
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-03-06T12:30:31

2 posts

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard.

thehackerwire@mastodon.social at 2026-03-08T12:31:15.000Z ##

🔴 CVE-2025-70233 - Critical (9.8)

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70949
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-06T11:16:08.263000

2 posts

An observable timing discrepancy in @perfood/couch-auth v0.26.0 allows attackers to access sensitive information via a timing side-channel.

thehackerwire@mastodon.social at 2026-03-07T14:00:19.000Z ##

🟠 CVE-2025-70949 - High (7.5)

An observable timing discrepancy in @perfood/couch-auth v0.26.0 allows attackers to access sensitive information via a timing side-channel.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70948
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-03-06T11:16:08.090000

2 posts

A host header injection vulnerability in the mailer component of @perfood/couch-auth v0.26.0 allows attackers to obtain reset tokens and execute an account takeover via spoofing the HTTP Host header.

thehackerwire@mastodon.social at 2026-03-07T13:01:38.000Z ##

🔴 CVE-2025-70948 - Critical (9.3)

A host header injection vulnerability in the mailer component of @perfood/couch-auth v0.26.0 allows attackers to obtain reset tokens and execute an account takeover via spoofing the HTTP Host header.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26417
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-06T10:16:22.163000

2 posts

A broken access control vulnerability in the password reset functionality of Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to reset passwords of arbitrary user accounts via crafted requests.

1 repos

https://github.com/aksalsalimi/CVE-2026-26417

thehackerwire@mastodon.social at 2026-03-08T11:00:18.000Z ##

🟠 CVE-2026-26417 - High (8.1)

A broken access control vulnerability in the password reset functionality of Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to reset passwords of arbitrary user accounts via crafted requests.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70616
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-06T10:16:21.803000

2 posts

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options parameter before copying data into a 40-byte stack buffer (Src[40]) using memmove. An attacker with local access can exploit this vulnerability by sending a cra

thehackerwire@mastodon.social at 2026-03-08T12:00:21.000Z ##

🟠 CVE-2025-70616 - High (7.8)

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options paramet...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70614
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-06T10:16:21.627000

2 posts

OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken access control vulnerability in the web-based control panel allowing authenticated low-privileged attackers to gain access to arbitrary SMS messages via a crafted company or tenant identifier parameter.

thehackerwire@mastodon.social at 2026-03-07T13:01:28.000Z ##

🟠 CVE-2025-70614 - High (8.1)

OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken access control vulnerability in the web-based control panel allowing authenticated low-privileged attackers to gain access to arbitrary SMS messages via a crafted ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-29165
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-03-06T10:16:20.040000

2 posts

An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component.

thehackerwire@mastodon.social at 2026-03-07T15:00:36.000Z ##

🔴 CVE-2025-29165 - Critical (9.8)

An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2331
(9.8 CRITICAL)

EPSS: 0.17%

updated 2026-03-06T09:31:41

5 posts

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access without authentication. This includes device parameter files, enabling an attacker to read and modify applic

offseq@infosec.exchange at 2026-03-06T09:00:31.000Z ##

🔴 CRITICAL: CVE-2026-2331 in SICK Lector85x v2.6.0 allows unauthenticated HTTP access to sensitive files & Lua code execution. No patch yet — segment networks & restrict HTTP access. Monitor for abuse! radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vuln #OTSecurity

##

thehackerwire@mastodon.social at 2026-03-06T08:26:29.000Z ##

🔴 CVE-2026-2331 - Critical (9.8)

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTT...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:23:28.000Z ##

🔴 CVE-2026-2331 - Critical (9.8)

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTT...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:20:45.000Z ##

🔴 CVE-2026-2331 - Critical (9.8)

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTT...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:20:33.000Z ##

🔴 CVE-2026-2331 - Critical (9.8)

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTT...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2330
(9.4 CRITICAL)

EPSS: 0.21%

updated 2026-03-06T08:16:27.253000

2 posts

An attacker may access restricted filesystem areas on the device via the CROWN REST interface due to incomplete whitelist enforcement. Certain directories intended for internal testing were not covered by the whitelist and are accessible without authentication. An unauthenticated attacker could place a manipulated parameter file that becomes active after a reboot, allowing modification of critical

offseq@infosec.exchange at 2026-03-07T07:30:25.000Z ##

🚨 CRITICAL: CVE-2026-2330 in SICK Lector85x lets remote, unauthenticated attackers modify device configs via the CROWN REST interface. Patch or restrict access now to prevent OT compromise. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vulnerability #Infosec

##

thehackerwire@mastodon.social at 2026-03-06T08:20:23.000Z ##

🔴 CVE-2026-2330 - Critical (9.4)

An attacker may access restricted filesystem areas on the device via the CROWN REST interface due to incomplete whitelist enforcement. Certain directories intended for internal testing were not covered by the whitelist and are accessible without a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29183
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-03-06T08:16:27.090000

3 posts

SiYuan is a personal knowledge management system. Prior to version 3.5.9, an unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint "GET /api/icon/getDynamicIcon" when type=8, attacker-controlled content is embedded into SVG output without escaping. Because the endpoint is unauthenticated and returns image/svg+xml, a crafted URL can inject executable SVG/HTML event han
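The description above is the classic reflected-XSS-in-SVG shape: user text is concatenated into `image/svg+xml` output, so a closing tag and a `<script>` element in the input become markup. The added Python example below is not SiYuan's code and does not reproduce its endpoint; the label parameter, the colour parameter and the `EVIL_LABEL` input are constructed for illustration. It shows the vulnerable string-building beside a version that builds the SVG as an element tree (so input can only ever become character data), validates attribute values against a strict format, and serves the result under a CSP that neutralises script even if an escaping bug slips through.

```python
import re
import xml.etree.ElementTree as ET

SVG_NS = "http://www.w3.org/2000/svg"
_HEX_COLOUR = re.compile(r"^#[0-9a-fA-F]{6}$")

# Constructed attacker input for an icon label (not taken from the advisory).
EVIL_LABEL = '</text><script>alert(1)</script><text onload="alert(2)">'


def render_icon_unsafe(label: str, colour: str = "#4285f4") -> str:
    """The shape of the flaw: attacker text pasted straight into SVG markup."""
    return (f'<svg xmlns="{SVG_NS}" width="64" height="64">'
            f'<rect width="64" height="64" fill="{colour}"/>'
            f'<text x="32" y="36">{label}</text></svg>')


def colour_ok(colour: str) -> bool:
    """Attribute values get a strict format check instead of escaping."""
    return bool(_HEX_COLOUR.match(colour))


def render_icon(label: str, colour: str = "#4285f4") -> str:
    """Build the SVG as a tree; the serializer escapes <, > and & in text and
    quotes in attributes, so user input can only ever become character data."""
    if not colour_ok(colour):
        raise ValueError("colour must be #rrggbb")
    svg = ET.Element("svg", {"xmlns": SVG_NS, "width": "64", "height": "64",
                             "viewBox": "0 0 64 64"})
    ET.SubElement(svg, "rect", {"width": "64", "height": "64", "fill": colour})
    text = ET.SubElement(svg, "text", {"x": "32", "y": "36", "text-anchor": "middle"})
    text.text = label[:64]          # length cap; the escaping itself is done by ET
    return ET.tostring(svg, encoding="unicode")


def response_headers() -> dict:
    """Headers for serving the icon: explicit type, no sniffing, and a CSP that
    forbids script execution inside the SVG document."""
    return {
        "Content-Type": "image/svg+xml; charset=utf-8",
        "Content-Security-Policy": "default-src 'none'; style-src 'unsafe-inline'",
        "X-Content-Type-Options": "nosniff",
    }


def element_names(svg_markup: str) -> list:
    """Parse the output back and list element tags, to prove no <script> element exists."""
    root = ET.fromstring(svg_markup)
    return [el.tag.split("}")[-1] for el in root.iter()]
```

Parsing the output back (`element_names`) is the check worth keeping in a test suite: it shows the hostile label produced exactly the three elements the template defines and nothing else.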

Matchbook3469@mastodon.social at 2026-03-07T17:14:27.000Z ##

🚨 New security advisory:

CVE-2026-29183 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #VulnerabilityManagement #CyberSec

##

Matchbook3469@mastodon.social at 2026-03-07T15:15:06.000Z ##

🚨 New security advisory:

CVE-2026-29183 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #VulnerabilityManagement #CyberSec

##

thehackerwire@mastodon.social at 2026-03-06T08:20:12.000Z ##

🔴 CVE-2026-29183 - Critical (9.3)

SiYuan is a personal knowledge management system. Prior to version 3.5.9, an unauthenticated reflected XSS vulnerability exists in the dynamic icon API endpoint "GET /api/icon/getDynamicIcon" when type=8, attacker-controlled content is embedded in...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29074
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-06T08:16:26.920000

1 posts

SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with custom entities, without guards against entity expansion or recursion. This can result in a small XML file (811 bytes) stalling the application and even cras
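The SVGO issue is entity expansion (the "billion laughs" pattern): a few nested `<!ENTITY>` declarations make a sub-kilobyte file expand to gigabytes of text. The added Python example below is not SVGO's code (SVGO is a Node.js project); it is the guard a service that accepts SVG uploads would put in front of any XML processing. It rejects entity declarations twice: a cheap byte scan before parsing, and expat's `EntityDeclHandler`, which fires at declaration time, before any reference is expanded. The two SVG samples are constructed.

```python
import re
import xml.parsers.expat


class UnsafeXMLError(ValueError):
    """Raised when the document declares entities; such input is never processed."""


# Constructed sample: a small "billion laughs" document in an SVG wrapper.
BILLION_LAUGHS_SVG = b"""<?xml version="1.0"?>
<!DOCTYPE svg [
  <!ENTITY a "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa">
  <!ENTITY b "&a;&a;&a;&a;&a;&a;&a;&a;&a;&a;">
  <!ENTITY c "&b;&b;&b;&b;&b;&b;&b;&b;&b;&b;">
]>
<svg xmlns="http://www.w3.org/2000/svg"><text>&c;</text></svg>
"""

# Constructed benign sample.
BENIGN_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg">'
              b'<rect width="1" height="1"/><circle r="1"/></svg>')

_ENTITY_DECL = re.compile(rb"<!ENTITY\b", re.IGNORECASE)


def count_svg_elements(data: bytes, max_bytes: int = 1 << 20, prescan: bool = True) -> int:
    """Parse an SVG with expat under two guards and return its element count.

    Guard 1 (prescan): a byte scan rejects any entity declaration before the
    parser sees it (a literal "<!ENTITY" inside CDATA is a false positive we accept).
    Guard 2: expat's EntityDeclHandler aborts the parse on any declaration; it
    fires when the declaration is read, long before "&c;" would be expanded.
    """
    if len(data) > max_bytes:
        raise UnsafeXMLError(f"input larger than {max_bytes} bytes")
    if prescan and _ENTITY_DECL.search(data):
        raise UnsafeXMLError("entity declarations are not accepted")

    count = 0

    def on_start(name, attrs):
        nonlocal count
        count += 1

    def on_entity_decl(name, is_param, value, base, system_id, public_id, notation):
        raise UnsafeXMLError(f"entity declaration {name!r} rejected")

    parser = xml.parsers.expat.ParserCreate()
    parser.StartElementHandler = on_start
    parser.EntityDeclHandler = on_entity_decl
    parser.Parse(data, True)
    return count


def is_safe_svg(data: bytes, prescan: bool = True) -> bool:
    """Convenience wrapper: True if the document parses without tripping a guard."""
    try:
        count_svg_elements(data, prescan=prescan)
        return True
    except (UnsafeXMLError, xml.parsers.expat.ExpatError):
        return False
```

The byte scan is the layer to keep even if the parser library changes; the handler is the layer that stays correct when a declaration is hidden in an encoding the scan does not see. Note that a plain `<!DOCTYPE svg PUBLIC ...>` without an internal subset, which many drawing tools emit, passes both guards because it declares no entities.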

thehackerwire@mastodon.social at 2026-03-06T08:20:52.000Z ##

🟠 CVE-2026-29074 - High (7.5)

SVGO, short for SVG Optimizer, is a Node.js library and command-line application for optimizing SVG files. From version 2.1.0 to before version 2.8.1, from version 3.0.0 to before version 3.3.3, and before version 4.0.1, SVGO accepts XML with cust...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28681
(8.1 HIGH)

EPSS: 0.06%

updated 2026-03-06T05:16:37.710000

2 posts

Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. From version 4.4.0 to before version 4.4.5 and from version 4.5.0 to before version 4.5.1, an attacker can manipulate the HTTP Host header on a password reset or account creation request. The confirmation link in the resulting email can then point to an attacker-controlled domain. Openi
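The IRRd flaw is host-header poisoning of a password-reset link: the confirmation URL's origin is taken from the request, so an attacker who submits a reset for the victim's account with a forged `Host` gets the token delivered to a domain they control once the victim clicks. The added Python example below is not IRRd's code; the hostnames, the `/ui/confirm/` path and the token format are assumptions. It shows the request-derived link beside one built from a configured canonical base after the `Host` header has been checked against an allowlist.

```python
import re
import secrets
from urllib.parse import urljoin, urlsplit

# Assumptions for the example deployment (not IRRd configuration keys):
CANONICAL_BASE = "https://irr.example.net/"
ALLOWED_HOSTS = {"irr.example.net", "irr-backup.example.net"}
_TOKEN = re.compile(r"^[A-Za-z0-9_-]{16,}$")


def new_token() -> str:
    """Unguessable confirmation token; the link's origin is what the fix protects."""
    return secrets.token_urlsafe(32)


def host_from_header(host_header: str) -> str:
    """Strip an optional port (IPv6 literals included), userinfo tricks and case."""
    return (urlsplit("//" + host_header.strip()).hostname or "").lower()


def host_allowed(host_header: str) -> bool:
    return host_from_header(host_header) in ALLOWED_HOSTS


def confirmation_link_unsafe(host_header: str, token: str) -> str:
    """The pattern behind the advisory: the request's Host header becomes the link
    origin, so a forged Host puts the token in an e-mail pointing at the attacker."""
    return f"https://{host_header}/ui/confirm/{token}"


def confirmation_link(host_header: str, token: str) -> str:
    """Refuse requests for hosts this deployment does not serve, then build the link
    from the configured base URL rather than from anything the client sent."""
    if not host_allowed(host_header):
        raise ValueError(f"unexpected Host header: {host_header!r}")
    if not _TOKEN.match(token):
        raise ValueError("malformed token")
    return urljoin(CANONICAL_BASE, f"ui/confirm/{token}")
```

Rejecting unknown hosts at the edge (the reverse proxy's default vhost returning 421 or 400) is the complementary control: then the application never sees a forged `Host` at all.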

thehackerwire@mastodon.social at 2026-03-06T08:09:27.000Z ##

🟠 CVE-2026-28681 - High (8.1)

Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. From version 4.4.0 to before version 4.4.5 and from version 4.5.0 to before version 4.5.1, an attacker can manipulate the HTTP Host he...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:06:54.000Z ##

🟠 CVE-2026-28681 - High (8.1)

Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. From version 4.4.0 to before version 4.4.5 and from version 4.5.0 to before version 4.5.1, an attacker can manipulate the HTTP Host he...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28679
(8.6 HIGH)

EPSS: 0.04%

updated 2026-03-06T05:16:36.977000

2 posts

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. Prior to version 1.21.0, when a user requests a download, the application does not verify whether the requested file is located within the media source directory, which can result in sensitive system files being downloadable as well. This issue has been patched in version 1.21.0.

thehackerwire@mastodon.social at 2026-03-06T08:14:45.000Z ##

🟠 CVE-2026-28679 - High (8.6)

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. Prior to version 1.21.0, when a user requests a download, the application does not verify whether the requested file is located within the media source...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:09:31.000Z ##

🟠 CVE-2026-28679 - High (8.6)

Home-Gallery.org is a self-hosted open-source web gallery to browse personal photos and videos. Prior to version 1.21.0, when a user requests a download, the application does not verify whether the requested file is located within the media source...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28677
(8.2 HIGH)

EPSS: 0.04%

updated 2026-03-06T05:16:36.610000

1 posts

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although private/local host checks existed, missing restrictions for credentialed URLs, non-standard ports, and cross-host redirects left SSRF-class abuse paths in
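The OpenSift description lists the three gaps that usually survive a first SSRF fix: credentials in the URL (`https://user:pw@host/`, which also lets `https://trusted@evil/` masquerade), non-standard ports, and a redirect from an acceptable host to an internal one. The added Python example below is not OpenSift's code; the hostnames and the responses in `CONSTRUCTED` are made up so it runs offline with a fake fetcher. It validates the URL, then follows redirects by hand so every hop is validated with the same function, with a hop cap.

```python
import ipaddress
import re
from urllib.parse import urljoin, urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}
MAX_REDIRECTS = 3
# Public hostname: dotted labels with an alphabetic TLD. This rejects "localhost",
# bare numbers ("2130706433") and hex forms that a resolver might still accept as IPv4.
_PUBLIC_HOSTNAME = re.compile(r"^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$")


class UnsafeURLError(ValueError):
    pass


def check_url(url: str):
    """Return None if url is an acceptable fetch target, else a short reason."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return "scheme"
    if parts.username is not None or parts.password is not None:
        return "credentials in URL"
    host = parts.hostname
    if not host:
        return "no host"
    try:
        port = parts.port
    except ValueError:
        return "bad port"
    port = port or (443 if parts.scheme == "https" else 80)
    if port not in ALLOWED_PORTS:
        return f"port {port}"
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        ip = None
    if ip is not None:
        return None if ip.is_global else "non-public address"
    return None if _PUBLIC_HOSTNAME.match(host) else "hostname"


def validate(url: str) -> str:
    reason = check_url(url)
    if reason:
        raise UnsafeURLError(f"{reason}: {url}")
    return url


# Constructed responses standing in for the network: (status, Location, body).
CONSTRUCTED = {
    "https://docs.example.org/paper.pdf": (200, None, b"%PDF-1.7 constructed"),
    "https://short.example.org/x": (302, "http://169.254.169.254/latest/meta-data/", b""),
    "https://loop.example.org/a": (302, "/b", b""),
    "https://loop.example.org/b": (302, "/a", b""),
}


def fake_fetch(url):
    return CONSTRUCTED.get(url, (404, None, b""))


def ingest(url, fetch=fake_fetch, max_redirects=MAX_REDIRECTS):
    """Follow redirects manually so every hop passes the same check as the first URL;
    a cross-host hop is allowed only if the new host is itself acceptable."""
    for _ in range(max_redirects + 1):
        url = validate(url)
        status, location, body = fetch(url)
        if status in (301, 302, 303, 307, 308) and location:
            url = urljoin(url, location)      # relative Location resolved, then re-checked
            continue
        return status, url, body
    raise UnsafeURLError("too many redirects")


def try_ingest(url, fetch=fake_fetch):
    """(ok, detail) form of ingest() for callers that prefer no exceptions."""
    try:
        status, final, body = ingest(url, fetch)
        return True, f"{status} {final}"
    except UnsafeURLError as exc:
        return False, str(exc)
```

What this cannot do offline is the last step a production fetcher needs: resolve the hostname, check every returned address with the same `is_global` test, and connect to that address rather than re-resolving (DNS rebinding). The hostname regex only narrows the literal forms a resolver might turn into a loopback address.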

thehackerwire@mastodon.social at 2026-03-06T08:07:12.000Z ##

🟠 CVE-2026-28677 - High (8.2)

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, the URL ingest pipeline accepted user-controlled remote URLs with incomplete destination restrictions. Although p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25888
(8.8 HIGH)

EPSS: 0.23%

updated 2026-03-06T05:16:29.903000

2 posts

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.1, there is a remote code execution vulnerability via a vulnerable API. This issue has been patched in version 4.8.1.

thehackerwire@mastodon.social at 2026-03-06T08:14:56.000Z ##

🟠 CVE-2026-25888 - High (8.8)

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.1, there is a remote code execution vulnerability via a vulnerable API. This issue has been patched...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:09:40.000Z ##

🟠 CVE-2026-25888 - High (8.8)

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to version 4.8.1, there is a remote code execution vulnerability via a vulnerable API. This issue has been patched...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28501
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-03-06T04:16:08.177000

3 posts

WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize the catName parameter when it is supplied via a JSON-formatted POST request body. Because JSON input is parsed and merged into $_REQUEST after global secur

thehackerwire@mastodon.social at 2026-03-06T08:15:05.000Z ##

🔴 CVE-2026-28501 - Critical (9.8)

WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:09:50.000Z ##

🔴 CVE-2026-28501 - Critical (9.8)

WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-06T04:30:29.000Z ##

🛑 CVE-2026-28501: CRITICAL SQL Injection in WWBN AVideo < 24.0! Unauthenticated attackers can run arbitrary SQL via JSON POST (catName param). Upgrade to v24.0+ ASAP! Details: radar.offseq.com/threat/cve-20 #OffSeq #Infosec #SQLInjection #AVideo

##

CVE-2025-59543
(9.0 CRITICAL)

EPSS: 0.04%

updated 2026-03-06T04:16:02.293000

3 posts

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course description field, an attacker with a low-privileged account (e.g., trainer) can execute arbitrary JavaScript code in the context of any other user viewing the course information page, including administrators. This allows

thehackerwire@mastodon.social at 2026-03-06T08:35:15.000Z ##

🔴 CVE-2025-59543 - Critical (9)

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course description field, an attacker with a low-privileged account (e.g., tr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:23:34.000Z ##

🔴 CVE-2025-59543 - Critical (9)

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course description field, an attacker with a low-privileged account (e.g., tr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:15:16.000Z ##

🔴 CVE-2025-59543 - Critical (9)

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course description field, an attacker with a low-privileged account (e.g., tr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-59541
(8.1 HIGH)

EPSS: 0.01%

updated 2026-03-06T04:16:01.977000

3 posts

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim's consent. The issue arises because sensitive actions such as project deletion do not implement anti-CSRF protections (tokens) and are triggered by GET-based requests. As a result, an authenticated user (Trainer) can be tricked


thehackerwire@mastodon.social at 2026-03-06T08:35:25.000Z ##

🟠 CVE-2025-59541 - High (8.1)

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:23:41.000Z ##

🟠 CVE-2025-59541 - High (8.1)

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:15:26.000Z ##

🟠 CVE-2025-59541 - High (8.1)

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28466
(10.0 CRITICAL)

EPSS: 0.09%

updated 2026-03-06T01:05:55

1 posts

### Summary A remote code execution (RCE) vulnerability in the gateway-to-node invocation path allowed an authenticated gateway client to bypass node-host exec approvals by injecting internal control fields into `node.invoke` parameters. ### Affected Component - Gateway method: `node.invoke` for node command `system.run` - Node host runner: exec approval gating for `system.run` ### Impact If
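The node.invoke bug is a merge-order and allowlist problem: fields that only the server should produce (the approval decision) are accepted from the client and end up overriding the server's own value. The added Python example below is not OpenClaw's code; the field names `approved`, `approvalId`, `approvedBy` and the client parameter names are illustrative assumptions. It shows the vulnerable merge (client dict applied last) beside a version that rejects any key outside the client-settable set and applies the server's decision last regardless.

```python
# Illustrative names only; these are not OpenClaw's real parameter or field names.
CLIENT_FIELDS = {"command", "args", "cwd", "timeoutMs"}
SERVER_FIELDS = {"approved", "approvalId", "approvedBy"}
ALLOWED_COMMANDS = {"uptime", "df"}          # constructed exec allowlist for the demo


class ParamRejected(ValueError):
    pass


def decide_approval(params: dict) -> dict:
    """Server-side decision: only the node host, never the client, produces these fields."""
    ok = params.get("command") in ALLOWED_COMMANDS
    return {"approved": ok, "approvalId": "srv-0001" if ok else None, "approvedBy": "policy"}


def build_invoke_unsafe(client_params: dict) -> dict:
    """The vulnerable shape: the server's decision is computed, then the client's
    dict is merged on top, so a client-supplied "approved": True wins."""
    return {**decide_approval(client_params), **client_params}


def build_invoke(client_params: dict) -> dict:
    """Reject unknown or server-owned keys up front, then merge with the server's
    fields last so they cannot be overridden even if a key slips through."""
    unknown = set(client_params) - CLIENT_FIELDS
    if unknown:
        raise ParamRejected(f"client may not set: {sorted(unknown)}")
    return {**client_params, **decide_approval(client_params)}


def exec_gate(params: dict) -> bool:
    """What the node host checks before running the command."""
    return params.get("approved") is True


def try_build(client_params: dict):
    """exec_gate() result for a sanitised build, or None if the request was rejected."""
    try:
        return exec_gate(build_invoke(client_params))
    except ParamRejected:
        return None
```

Rejecting rather than silently dropping the reserved keys is deliberate: a client that sends `approved` is either buggy or hostile, and either deserves a logged error rather than a quiet success.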

thehackerwire@mastodon.social at 2026-03-06T11:01:14.000Z ##

🟠 CVE-2026-28466 - High (8.8)

OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. At...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28479
(5.4 MEDIUM)

EPSS: 0.02%

updated 2026-03-06T01:05:00

1 posts

## Affected Packages / Versions - npm package: `openclaw` - Affected versions: `<= 2026.2.14` - Fixed version (pre-set): `2026.2.15` ## Description The sandbox identifier cache key for Docker/browser sandbox configuration used SHA-1 to hash normalized configuration payloads. SHA-1 is deprecated for cryptographic use and has known collision weaknesses. In this code path, deterministic IDs are use

thehackerwire@mastodon.social at 2026-03-06T10:00:54.000Z ##

🟠 CVE-2026-28479 - High (7.5)

OpenClaw versions prior to 2026.2.15 use SHA-1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations, which is deprecated and vulnerable to collision attacks. An attacker can exploit SHA-1 collisions to cause cache po...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28462
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-06T01:04:45

1 posts

## Summary OpenClaw’s browser control API accepted user-supplied output paths for trace/download files without consistently constraining writes to OpenClaw-managed temporary directories. ## Impact If an attacker can access the browser control API, they could attempt to write trace/download output files outside intended temp roots, depending on process filesystem permissions. ## Aff

thehackerwire@mastodon.social at 2026-03-06T11:19:58.000Z ##

🟠 CVE-2026-28462 - High (7.5)

OpenClaw versions prior to 2026.2.13 contain a vulnerability in the browser control API in which it accepts user-supplied output paths for trace and download files without consistently constraining writes to temporary directories. Attackers with A...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28469
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-03-06T01:03:20

1 posts

## Summary When multiple Google Chat webhook targets are registered on the same HTTP path, and request verification succeeds for more than one target, inbound webhook events could be routed by first-match semantics. This can cause cross-account policy/context misrouting. ## Affected Packages / Versions - npm: `openclaw` <= 2026.2.13 - npm: `clawdbot` <= 2026.1.24-3 ## Details Affected component:

thehackerwire@mastodon.social at 2026-03-06T10:16:34.000Z ##

🔴 CVE-2026-28469 - Critical (9.8)

OpenClaw versions prior to 2026.2.14 contain a webhook routing vulnerability in the Google Chat monitor component that allows cross-account policy context misrouting when multiple webhook targets share the same HTTP path. Attackers can exploit fir...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28470
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-03-06T01:02:34

1 posts

### Summary Exec approvals allowlist bypass via command substitution/backticks inside double quotes. ### Affected Packages / Versions - Package: `openclaw` (npm) - Affected: `<= 2026.2.1` - Fixed: `>= 2026.2.2` ### Impact Only affects setups that explicitly enable the optional exec approvals allowlist feature. Default installs are unaffected. ### Fix Reject unescaped `$()` and backticks ins
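The allowlist bypass above works because an argv-style check sees `echo "$(id)"` as the allowed command `echo` with one argument, while the shell evaluates the substitution before `echo` ever runs. The added Python example below is not OpenClaw's code; the allowlist is constructed. It is a small quote-aware scanner that flags backticks and `$(` wherever the shell would honour them (inside double quotes too, which is the advisory's case; never inside single quotes) and, going a step wider than the fix itself, the unquoted control operators `; | & < > ( )`, which defeat an argv[0] allowlist just as well.

```python
import shlex

ALLOWED_COMMANDS = {"ls", "echo", "cat"}      # constructed allowlist for the demo
# Characters that change control flow when they appear outside any quotes.
_CONTROL = set(";|&<>()\n")


def find_shell_metachar(cmd: str):
    """Return the first construct the shell would interpret, or None.

    Single quotes make everything literal. Double quotes still allow `...`, $(...)
    and $((...)), which is exactly what the advisory's bypass used. Outside quotes
    the control operators are flagged as well."""
    in_single = in_double = False
    i, n = 0, len(cmd)
    while i < n:
        c = cmd[i]
        nxt = cmd[i + 1] if i + 1 < n else ""
        if in_single:
            if c == "'":
                in_single = False
        elif c == "\\":
            i += 1                     # backslash neutralises the next character
        elif c == "`":
            return "`"
        elif c == "$" and nxt == "(":
            return "$("
        elif in_double:
            if c == '"':
                in_double = False
        elif c == '"':
            in_double = True
        elif c == "'":
            in_single = True
        elif c in _CONTROL:
            return c
        i += 1
    return None


def approve_unsafe(cmd: str) -> bool:
    """Allowlist by argv[0] after shlex.split: shlex has no notion of substitution,
    so 'echo "$(id)"' tokenises to ['echo', '$(id)'] and passes."""
    argv = shlex.split(cmd)
    return bool(argv) and argv[0] in ALLOWED_COMMANDS


def approve(cmd: str) -> bool:
    """Same allowlist, but refuse anything the shell would evaluate first."""
    if find_shell_metachar(cmd) is not None:
        return False
    argv = shlex.split(cmd)
    return bool(argv) and argv[0] in ALLOWED_COMMANDS
```

The scanner deliberately does not try to be a full shell parser: `${...}` parameter expansion, globbing and aliases are left alone, so the safer design remains executing the approved argv without a shell at all (`subprocess.run(argv)` rather than `shell=True`), with the scanner as a second line for the cases where a shell is unavoidable.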

thehackerwire@mastodon.social at 2026-03-06T10:16:43.000Z ##

🔴 CVE-2026-28470 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 contain an exec approvals (must be enabled) allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protect...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28465
(5.9 MEDIUM)

EPSS: 0.02%

updated 2026-03-06T01:01:24

1 posts

## Affected Packages / Versions This issue affects the optional voice-call plugin only. It is not enabled by default; it only applies to installations where the plugin is installed and enabled. - Package: `@openclaw/voice-call` - Vulnerable versions: `< 2026.2.3` - Patched versions: `>= 2026.2.3` Legacy package name (if you are still using it): - Package: `@clawdbot/voice-call` - Vulnerable ve

thehackerwire@mastodon.social at 2026-03-06T10:55:31.000Z ##

🟠 CVE-2026-28465 - High (7.5)

OpenClaw's voice-call plugin versions before 2026.2.3 contain an improper authentication vulnerability in webhook verification that allows remote attackers to bypass verification by supplying untrusted forwarded headers. Attackers can spoof webhoo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29613
(5.9 MEDIUM)

EPSS: 0.02%

updated 2026-03-06T01:00:35

1 posts

## Summary The BlueBubbles webhook handler previously treated any request whose socket `remoteAddress` was loopback (`127.0.0.1`, `::1`, `::ffff:127.0.0.1`) as authenticated. When OpenClaw Gateway is behind a reverse proxy (Tailscale Serve/Funnel, nginx, Cloudflare Tunnel, ngrok), the proxy typically connects to the gateway over loopback, allowing unauthenticated remote requests to bypass the con
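The two OpenClaw webhook entries above (the voice-call plugin's trust in forwarded headers, and the BlueBubbles handler's trust in a loopback peer) are the same mistake from both sides: network position is not a credential, and forwarded headers are only meaningful when the socket peer is a proxy you configured. The added Python example below is not OpenClaw's code; the trusted-proxy list and the `x-webhook-password` header name are assumptions, and header names are assumed to be lower-cased. It shows both vulnerable shapes beside a `client_address()` that honours `X-Forwarded-For` only from a known proxy (taking the entry that proxy appended, not the one the client wrote) and an authorisation check that always verifies the shared secret.

```python
import hmac
import ipaddress

# Assumption: the gateway sits behind one reverse proxy that connects over loopback.
TRUSTED_PROXIES = [ipaddress.ip_network("127.0.0.0/8"), ipaddress.ip_network("::1/128")]


def _peer(remote_addr: str):
    ip = ipaddress.ip_address(remote_addr)
    if ip.version == 6 and ip.ipv4_mapped:        # ::ffff:127.0.0.1 is still loopback
        ip = ip.ipv4_mapped
    return ip


def client_address_unsafe(remote_addr: str, headers: dict) -> str:
    """The voice-call pattern: the forwarded header is believed no matter who sent it."""
    return headers.get("x-forwarded-for", remote_addr).split(",")[0].strip()


def client_address(remote_addr: str, headers: dict, trusted=TRUSTED_PROXIES) -> str:
    """Honour X-Forwarded-For only when the socket peer is a configured proxy, and then
    take the rightmost entry (the one that proxy appended), not the leftmost, which
    the remote client can write itself."""
    if any(_peer(remote_addr) in net for net in trusted):
        xff = headers.get("x-forwarded-for", "")
        if xff:
            return xff.split(",")[-1].strip()
    return remote_addr


def webhook_authorized_unsafe(remote_addr: str, headers: dict, password: str) -> bool:
    """The BlueBubbles pattern: a loopback peer is treated as already authenticated.
    Behind a reverse proxy every request is a loopback peer, so every request passes."""
    if _peer(remote_addr).is_loopback:
        return True
    return headers.get("x-webhook-password") == password


def webhook_authorized(remote_addr: str, headers: dict, password: str) -> bool:
    """Network position is not a credential: always check the shared secret (the
    header name is an assumption for this example), in constant time, for every peer."""
    supplied = headers.get("x-webhook-password", "")
    return hmac.compare_digest(supplied.encode(), password.encode())
```

The resolved client address still has a job (rate limiting, audit logs, optional IP allowlists on top of the secret), which is why `client_address()` is kept separate from the authorisation decision rather than feeding into it.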

thehackerwire@mastodon.social at 2026-03-06T09:59:54.000Z ##

🟠 CVE-2026-29613 - High (7.5)

OpenClaw versions prior to 2026.2.12 contain a vulnerability in the BlueBubbles (optional plugin) webhook handler in which it authenticates requests based solely on loopback remoteAddress without validating forwarding headers, allowing bypass of c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28456
(7.2 HIGH)

EPSS: 0.06%

updated 2026-03-06T00:59:49

1 posts

## Summary OpenClaw Gateway supports hook mappings with optional JavaScript/TypeScript transform modules. In affected versions, the gateway did not sufficiently constrain configured module paths before passing them to dynamic `import()`. Under some configurations, a user who can modify gateway configuration could cause the gateway process to load and execute an unintended local module. ## Impact

thehackerwire@mastodon.social at 2026-03-06T11:01:26.000Z ##

🟠 CVE-2026-28456 - High (8.4)

OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a vulnerability in the Gateway in which it does not sufficiently constrain configured hook module paths before passing them to dynamic import(), allowing code execution. An attacker with gatewa...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28453
(8.1 HIGH)

EPSS: 0.04%

updated 2026-03-06T00:59:39

1 posts

## Summary OpenClaw versions before 2026.2.14 did not sufficiently validate TAR archive entry paths during extraction. A crafted archive could use path traversal sequences (for example `../../...`) to write files outside the intended destination directory (Zip Slip). ## Affected Packages / Versions - Package: `openclaw` (npm) - Affected: `< 2026.2.14` - Fixed: `>= 2026.2.14` ## Details The affec
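This TAR entry and the Home-Gallery download entry earlier on the page (CVE-2026-28679) are the same containment check in two directions: a path the attacker controls must resolve to somewhere strictly below the directory the application intends, whether it is being read (a download) or written (an archive member). The added Python example below is not the code of either project; the archive contents and directory names are constructed. One `resolve_inside()` serves both cases: it canonicalises after joining (so `..`, an absolute name, or a symlink that points outside are all caught) and is used by a download helper and by an extractor that also refuses link and device members.

```python
import io
import tarfile
import tempfile
from pathlib import Path


class PathEscapeError(ValueError):
    """Raised when an untrusted relative path would leave its root directory."""


def resolve_inside(root: Path, untrusted: str) -> Path:
    """Join and canonicalise, then require the result to sit strictly below root.
    resolve() follows symlinks, so a link pointing outside is caught too; an
    absolute "untrusted" value replaces root when joined and is caught the same way."""
    root = root.resolve()
    target = (root / untrusted).resolve()
    if root not in target.parents:
        raise PathEscapeError(untrusted)
    return target


def is_inside(root: Path, untrusted: str) -> bool:
    try:
        resolve_inside(root, untrusted)
        return True
    except PathEscapeError:
        return False


def read_download(media_root: Path, requested: str) -> bytes:
    """The Home-Gallery case: serve a file only if it sits under the media root."""
    return resolve_inside(media_root, requested).read_bytes()


def safe_extract(tar_bytes: bytes, dest: Path):
    """The OpenClaw case: unpack only regular files and directories whose names stay
    under dest. Links and devices are refused outright (a symlink member could
    otherwise redirect a later member). Returns (extracted, rejected) member names.
    Python 3.12's tarfile "data" filter performs equivalent checks in the stdlib."""
    dest = dest.resolve()
    extracted, rejected = [], []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        for member in tar:
            if not (member.isfile() or member.isdir()):
                rejected.append(member.name)
                continue
            try:
                target = resolve_inside(dest, member.name)
            except PathEscapeError:
                rejected.append(member.name)
                continue
            if member.isdir():
                target.mkdir(parents=True, exist_ok=True)
                continue
            target.parent.mkdir(parents=True, exist_ok=True)
            with tar.extractfile(member) as src, open(target, "wb") as dst:
                dst.write(src.read())
            extracted.append(member.name)
    return extracted, rejected


def build_constructed_tar() -> bytes:
    """Constructed archive: one honest member and two traversal attempts."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, payload in [("images/cat.txt", b"meow"),
                              ("../../outside.txt", b"pwned"),
                              ("/tmp/abs-evil.txt", b"pwned")]:
            info = tarfile.TarInfo(name=name)
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def extract_demo():
    """Unpack the constructed archive into a throwaway directory and report the outcome."""
    with tempfile.TemporaryDirectory() as tmp:
        dest = Path(tmp) / "unpack"
        dest.mkdir()
        extracted, rejected = safe_extract(build_constructed_tar(), dest)
        cat = (dest / "images" / "cat.txt").read_bytes()
        return extracted, rejected, cat
```

The check compares canonical paths rather than string prefixes on purpose: a prefix test on `/srv/media` would accept `/srv/media-old/x`, which `resolve_inside()` rejects because `/srv/media` is not among that path's parents.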

thehackerwire@mastodon.social at 2026-03-06T11:20:08.000Z ##

🟠 CVE-2026-28453 - High (7.5)

OpenClaw versions prior to 2026.2.14 fail to validate TAR archive entry paths during extraction, allowing path traversal sequences to write files outside the intended directory. Attackers can craft malicious archives with traversal sequences like ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28454
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-06T00:58:49

2 posts

## Summary When Telegram webhook mode is enabled without a configured webhook secret, OpenClaw may accept unauthenticated HTTP POST requests at the Telegram webhook endpoint and trust attacker-controlled update JSON. This can allow forged Telegram updates that spoof `message.from.id` / `chat.id`, potentially bypassing sender allowlists and executing privileged bot commands. ## Affected Packages
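The Telegram entry is a fail-open default: the webhook secret is only verified when one happens to be configured, so an unconfigured deployment accepts any POST and then trusts `message.from.id` from JSON the attacker wrote. The added Python example below is not OpenClaw's code; the sender allowlist and the forged update are constructed. What is real is the Telegram mechanism it relies on: `setWebhook` accepts a `secret_token`, and Telegram then sends it on every delivery in the `X-Telegram-Bot-Api-Secret-Token` header. The example shows the fail-open handler beside one that refuses to run webhook mode without a secret and checks the header, in constant time, before any field of the update is read.

```python
import hmac
import json
import secrets

ALLOWED_SENDERS = {123456789}                          # constructed operator allowlist
SECRET_HEADER = "x-telegram-bot-api-secret-token"      # sent by Telegram when setWebhook had secret_token


def new_webhook_secret() -> str:
    """Value to pass as setWebhook's secret_token (A-Z a-z 0-9 _ -, 1 to 256 chars)."""
    return secrets.token_urlsafe(32)


# Constructed forged update: the attacker simply claims an allowlisted sender id.
FORGED_UPDATE = json.dumps({
    "update_id": 1,
    "message": {"message_id": 1, "from": {"id": 123456789}, "chat": {"id": 123456789},
                "text": "/run id"},
}).encode()


def _sender_allowed(body: bytes) -> bool:
    update = json.loads(body)
    return update.get("message", {}).get("from", {}).get("id") in ALLOWED_SENDERS


def handle_update_unsafe(headers: dict, body: bytes, secret) -> str:
    """Vulnerable shape: the secret is checked only if one was configured, so with no
    secret every POST is accepted and the sender allowlist is evaluated against
    attacker-written JSON."""
    if secret is not None:
        if not hmac.compare_digest(headers.get(SECRET_HEADER, ""), secret):
            return "rejected"
    return "dispatch" if _sender_allowed(body) else "drop"


def handle_update(headers: dict, body: bytes, secret) -> str:
    """Fail closed: webhook mode without a secret is a configuration error, and the
    header must match before any field of the update is trusted."""
    if not secret:
        return "rejected: webhook mode requires a secret_token"
    if not hmac.compare_digest(headers.get(SECRET_HEADER, ""), secret):
        return "rejected: bad secret"
    return "dispatch" if _sender_allowed(body) else "drop"
```

The sender allowlist is still worth having, but only after the header check has established that Telegram, and not an arbitrary client, produced the update; before that point every field in the body is attacker-controlled.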

thehackerwire@mastodon.social at 2026-03-06T11:47:34.000Z ##

🔴 CVE-2026-28454 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 fail to validate webhook secrets in Telegram webhook mode (must be enabled), allowing unauthenticated HTTP POST requests to the webhook endpoint that trust attacker-controlled JSON payloads. Remote attackers can...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T11:20:19.000Z ##

🔴 CVE-2026-28454 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 fail to validate webhook secrets in Telegram webhook mode (must be enabled), allowing unauthenticated HTTP POST requests to the webhook endpoint that trust attacker-controlled JSON payloads. Remote attackers can...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28727
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-06T00:31:42

2 posts

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124.

thehackerwire@mastodon.social at 2026-03-06T08:23:50.000Z ##

🟠 CVE-2026-28727 - High (7.8)

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:15:37.000Z ##

🟠 CVE-2026-28727 - High (7.8)

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21536
(9.8 CRITICAL)

EPSS: 0.40%

updated 2026-03-06T00:31:41

2 posts

Microsoft Devices Pricing Program Remote Code Execution Vulnerability

thehackerwire@mastodon.social at 2026-03-06T09:00:15.000Z ##

🔴 CVE-2026-21536 - Critical (9.8)

Microsoft Devices Pricing Program Remote Code Execution Vulnerability

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-06T01:30:28.000Z ##

⚠️ CVE-2026-21536 (CRITICAL, CVSS 9.8): RCE in Microsoft Devices Pricing Program via unrestricted file upload (CWE-434). No patch — restrict uploads, monitor endpoints. High risk for enterprise. radar.offseq.com/threat/cve-20 #OffSeq #Microsoft #Vuln #RCE

##

CVE-2026-22552
(9.4 CRITICAL)

EPSS: 0.10%

updated 2026-03-06T00:31:41

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this

thehackerwire@mastodon.social at 2026-03-06T08:23:57.000Z ##

🔴 CVE-2026-22552 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a kno...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-06T00:00:46.000Z ##

⚠️ CRITICAL vuln in ePower epower.ie (all versions): Unauthenticated OCPP WebSocket endpoints allow station impersonation & backend manipulation. Privilege escalation risk is HIGH — patch or mitigate now! CVE-2026-22552 radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #EVCharging

##

CVE-2026-28710
(8.1 HIGH)

EPSS: 0.07%

updated 2026-03-06T00:31:41

1 posts

Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

thehackerwire@mastodon.social at 2026-03-06T08:15:37.000Z ##

🟠 CVE-2026-28710 - High (8.1)

Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Cyber Protect 17 (Linux, Windows) before build 41186.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27778
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-06T00:16:10.960000

1 posts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-03-06T08:24:03.000Z ##

🟠 CVE-2026-27778 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26125
(8.6 HIGH)

EPSS: 0.08%

updated 2026-03-05T23:16:20.160000

1 posts

Payment Orchestrator Service Elevation of Privilege Vulnerability

CVE-2026-29188
(9.1 CRITICAL)

EPSS: 0.06%

updated 2026-03-05T22:50:22

1 posts

### Summary A broken access control vulnerability in the TUS protocol DELETE endpoint allows authenticated users with only Create permission to delete arbitrary files and directories within their scope, bypassing the intended Delete permission restriction. Any multi-user deployment where administrators explicitly restrict file deletion for certain users is affected. ### Details The tusDeleteHan

thehackerwire@mastodon.social at 2026-03-06T12:00:48.000Z ##

🔴 CVE-2026-29188 - Critical (9.1)

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.1, a broken access control vulnerability in the TUS protocol DELETE endpoint a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28790
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-05T22:49:38

2 posts

### Summary OliveTin allows an unauthenticated guest to terminate running actions through KillAction even when authRequireGuestsToLogin: true is enabled. In the tested release (3000.10.2), guests are correctly blocked from dashboard access, but can still call the KillAction RPC directly and successfully stop a running action. This is a broken access control issue that causes unauthorized denial of

thehackerwire@mastodon.social at 2026-03-07T15:00:15.000Z ##

🟠 CVE-2026-28790 - High (7.5)

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.0, OliveTin allows an unauthenticated guest to terminate running actions through KillAction even when authRequireGuestsToLogin: true is enabled. Gues...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27944
(9.8 CRITICAL)

EPSS: 0.05%

updated 2026-03-05T22:37:22

1 post

## Summary The `/api/backup` endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the `X-Backup-Security` response header. This allows an unauthenticated attacker to download a full system backup containing sensitive data (user credentials, session tokens, SSL private keys, Nginx configurations) and decrypt it immediately. ## Vulnerabi

undercodenews@mastodon.social at 2026-03-08T19:41:38.000Z ##

Critical Security Alert: CVE-2026-27944 Exposes Nginx UI Backups and Encryption Keys

Introduction: A Severe Flaw in a Widely Used Web Server Management Tool A newly disclosed security vulnerability has raised serious concerns across the cybersecurity community. The flaw, identified as CVE-2026-27944, affects Nginx UI, a popular web-based dashboard used to manage and configure Nginx servers. With a CVSS severity score of 9.8, the issue is classified as critical and…

undercodenews.com/critical-sec

##

CVE-2026-26999
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-05T22:29:01

1 post

## Impact There is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadline used to bound protocol sniffing is cleared before the TLS handshake is completed. When a TLS handshake read error occurs, the code attempts a second handshake with different connection parameters, silently ignoring the initial e

thehackerwire@mastodon.social at 2026-03-05T19:20:49.000Z ##

🟠 CVE-2026-26999 - High (7.5)

Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.38 and 3.6.9, there is a potential vulnerability in Traefik managing TLS handshake on TCP routers. When Traefik processes a TLS connection on a TCP router, the read deadlin...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28478
(7.5 HIGH)

EPSS: 0.08%

updated 2026-03-05T22:16:22.210000

1 post

OpenClaw versions prior to 2026.2.13 contain a denial of service vulnerability in webhook handlers that buffer request bodies without strict byte or time limits. Remote unauthenticated attackers can send oversized JSON payloads or slow uploads to webhook endpoints causing memory pressure and availability degradation.

thehackerwire@mastodon.social at 2026-03-06T10:00:44.000Z ##

🟠 CVE-2026-28478 - High (7.5)

OpenClaw versions prior to 2026.2.13 contain a denial of service vulnerability in webhook handlers that buffer request bodies without strict byte or time limits. Remote unauthenticated attackers can send oversized JSON payloads or slow uploads to ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28463
(8.4 HIGH)

EPSS: 0.02%

updated 2026-03-05T22:16:19.127000

1 post

OpenClaw exec-approvals allowlist validation checks pre-expansion argv tokens but execution uses real shell expansion, allowing safe bins like head, tail, or grep to read arbitrary local files via glob patterns or environment variables. Authorized callers or prompt-injection attacks can exploit this to disclose files readable by the gateway or node process when host execution is enabled in allowli

thehackerwire@mastodon.social at 2026-03-06T10:16:52.000Z ##

🟠 CVE-2026-28463 - High (8.4)

OpenClaw exec-approvals allowlist validation checks pre-expansion argv tokens but execution uses real shell expansion, allowing safe bins like head, tail, or grep to read arbitrary local files via glob patterns or environment variables. Authorized...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28289
(10.0 CRITICAL)

EPSS: 0.03%

updated 2026-03-05T22:16:15.213000

1 post

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. A patch bypass vulnerability for CVE-2026-27636 in FreeScout 1.8.206 and earlier allows any authenticated user with file upload permissions to achieve Remote Code Execution (RCE) on the server by uploading a malicious .htaccess file using a zero-width space character prefix to bypass the security check. The vulnerab

1 repo

https://github.com/0xAshwesker/CVE-2026-28289

CVE-2026-29609
(7.5 HIGH)

EPSS: 0.10%

updated 2026-03-05T21:59:52

1 post

### Summary URL-backed media fetch handling allocated the entire response payload in memory (`arrayBuffer`) before enforcing `maxBytes`, allowing oversized responses to cause memory exhaustion. ### Affected Versions - `openclaw` (npm): < `2026.2.14` - `clawdbot` (npm): <= `2026.1.24-3` ### Patched Versions - `openclaw` (npm): `2026.2.14` ### Fix Commit - `openclaw/openclaw` `main`: `00a08908892

thehackerwire@mastodon.social at 2026-03-06T09:00:25.000Z ##

🟠 CVE-2026-29609 - High (7.5)

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the fetchWithGuard function that allocates entire response payloads in memory before enforcing maxBytes limits. Remote attackers can trigger memory exhaustion by ser...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28474
(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-03-05T21:52:02

2 posts

## Summary In affected versions of the optional Nextcloud Talk plugin (installed separately; not bundled with the core OpenClaw install), an untrusted webhook field (`actor.name`, display name) could be treated as an allowlist identifier. An attacker could change their Nextcloud display name to match an allowlisted user ID and bypass DM or room allowlists. ## Details Nextcloud Talk webhook payl

thehackerwire@mastodon.social at 2026-03-06T10:16:12.000Z ##

🔴 CVE-2026-28474 - Critical (9.8)

OpenClaw's Nextcloud Talk plugin versions prior to 2026.2.6 accept equality matching on the mutable actor.name display name field for allowlist validation, allowing attackers to bypass DM and room allowlists. An attacker can change their Nextcloud...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-06T03:00:29.000Z ##

⚠️ CRITICAL: CVE-2026-28474 in OpenClaw nextcloud-talk (pre-2026.2.6) lets attackers bypass allowlists by matching display names. No auth needed — patch now! Details: radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Nextcloud #Security

##

CVE-2026-28472
(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-03-05T21:51:23

1 post

### Summary The gateway WebSocket `connect` handshake could allow skipping device identity checks when `auth.token` was present but not yet validated. ### Details In `src/gateway/server/ws-connection/message-handler.ts`, the device-identity requirement could be bypassed based on the *presence* of a non-empty `connectParams.auth.token` rather than a *validated* shared-secret authentication resul

thehackerwire@mastodon.social at 2026-03-06T10:01:03.000Z ##

🔴 CVE-2026-28472 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSocket connect handshake in which it allows skipping device identity checks when auth.token is present but not validated. Attackers can connect to the gateway without pr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28468
(7.1 HIGH)

EPSS: 0.02%

updated 2026-03-05T21:50:00

2 posts

## Summary openclaw could start the sandbox browser bridge server without authentication. When the sandboxed browser is enabled, openclaw runs a local (loopback) HTTP bridge that exposes browser control endpoints (for example `/profiles`, `/tabs`, `/tabs/open`, `/agent/*`). Due to missing auth wiring in the sandbox initialization path, that bridge server accepted requests without requiring gatew

thehackerwire@mastodon.social at 2026-03-06T10:55:11.000Z ##

🟠 CVE-2026-28468 - High (7.8)

OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.14 contain a vulnerability in the sandbox browser bridge server in which it accepts requests without requiring gateway authentication, allowing local attackers to access browser control endpoints....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T10:16:22.000Z ##

🟠 CVE-2026-28468 - High (7.8)

OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.14 contain a vulnerability in the sandbox browser bridge server in which it accepts requests without requiring gateway authentication, allowing local attackers to access browser control endpoints....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30244
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-05T21:48:12

1 post

## Executive Summary A security vulnerability exists in the Plane project management platform that allows unauthenticated attackers to enumerate workspace members and extract sensitive information including email addresses, user roles, and internal identifiers. The vulnerability stems from Django REST Framework permission classes being incorrectly configured to allow anonymous access to protected

thehackerwire@mastodon.social at 2026-03-07T08:15:14.000Z ##

🟠 CVE-2026-30244 - High (7.5)

Plane is an open-source project management tool. Prior to version 1.2.2, unauthenticated attackers can enumerate workspace members and extract sensitive information including email addresses, user roles, and internal identifiers. The vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28451
(8.6 HIGH)

EPSS: 0.04%

updated 2026-03-05T21:44:47

2 posts

### Summary The Feishu extension could fetch attacker-controlled remote URLs in two paths without SSRF protections: - `sendMediaFeishu(mediaUrl)` - Feishu DocX markdown image URLs (write/append -> image processing) ### Affected versions - `< 2026.2.14` ### Patched versions - `>= 2026.2.14` ### Impact If an attacker can influence tool calls (directly or via prompt injection), they may be able t

thehackerwire@mastodon.social at 2026-03-07T12:01:37.000Z ##

🟠 CVE-2026-28451 - High (8.3)

OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that allow attackers to fetch attacker-controlled remote URLs without SSRF protections via sendMediaFeishu function and markdown image...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30242
(8.5 HIGH)

EPSS: 0.03%

updated 2026-03-05T21:43:16

1 post

### Summary The webhook URL validation in `plane/app/serializers/webhook.py` only checks `ip.is_loopback`, allowing attackers with workspace ADMIN role to create webhooks pointing to private/internal network addresses (`10.x.x.x`, `172.16.x.x`, `192.168.x.x`, `169.254.169.254`, etc.). When webhook events fire, the server makes requests to these internal addresses and stores the response — enabling

thehackerwire@mastodon.social at 2026-03-07T08:15:03.000Z ##

🟠 CVE-2026-30242 - High (8.5)

Plane is an open-source project management tool. Prior to version 1.2.3, the webhook URL validation in plane/app/serializers/webhook.py only checks ip.is_loopback, allowing attackers with workspace ADMIN role to create webhooks pointing to priv...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28446
(9.4 CRITICAL)

EPSS: 0.26%

updated 2026-03-05T21:43:07

1 post

### Summary An authentication bypass in the optional `voice-call` extension/plugin allowed unapproved or anonymous callers to reach the voice-call agent when inbound policy was set to `allowlist` or `pairing`. Deployments that do not install/enable the `voice-call` extension are not affected. ### Affected Packages / Versions - `openclaw` (npm): `<= 2026.2.1` - Fixed in: `>= 2026.2.2` ### Deta

thehackerwire@mastodon.social at 2026-03-06T11:20:32.000Z ##

🔴 CVE-2026-28446 - Critical (9.8)

OpenClaw versions prior to 2026.2.1 with the voice-call extension installed and enabled contain an authentication bypass vulnerability in inbound allowlist policy validation that accepts empty caller IDs and uses suffix-based matching instead of s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28392
(4.8 MEDIUM)

EPSS: 0.03%

updated 2026-03-05T21:41:06

2 posts

## Summary When Slack DMs are configured with `dmPolicy=open`, the Slack slash-command handler incorrectly treated any DM sender as command-authorized. This allowed any Slack user who could DM the bot to execute privileged slash commands via DM, bypassing intended allowlist/access-group restrictions. ## Affected Packages / Versions - Package: `openclaw` (npm) - Affected versions: `<= 2026.2.13`

Matchbook3469@mastodon.social at 2026-03-07T13:33:28.000Z ##

🚨 New security advisory:

CVE-2026-28392 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #VulnerabilityManagement #CyberSec

##

thehackerwire@mastodon.social at 2026-03-06T11:47:44.000Z ##

🔴 CVE-2026-28392 - Critical (9.8)

OpenClaw versions prior to 2026.2.14 contain a privilege escalation vulnerability in the Slack slash-command handler that incorrectly authorizes any direct message sender when dmPolicy is set to open (must be configured). Attackers can execute pri...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28391
(CVSS UNKNOWN)

EPSS: 0.05%

updated 2026-03-05T21:40:43

1 post

### Summary On Windows nodes, exec requests were executed via `cmd.exe /d /s /c <rawCommand>`. In allowlist/approval-gated mode, the allowlist analysis did not model Windows `cmd.exe` parsing and metacharacter behavior. A crafted command string could cause `cmd.exe` to interpret additional operations (for example command chaining via `&`, or expansion via `%...%` / `!...!`) beyond what was allowl

thehackerwire@mastodon.social at 2026-03-06T11:20:52.000Z ##

🔴 CVE-2026-28391 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests, allowing attackers to bypass command approval restrictions. Remote attackers can craft command strings with shell metach...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28115
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-03-05T21:31:51

1 post

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal donations WP_AttractiveDonationsSystem allows Blind SQL Injection. This issue affects WP Attractive Donations System - Easy Stripe & Paypal donations: from n/a through <= 1.25.

thehackerwire@mastodon.social at 2026-03-05T19:18:46.000Z ##

🔴 CVE-2026-28115 - Critical (9.3)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in loopus WP Attractive Donations System - Easy Stripe & Paypal donations WP_AttractiveDonationsSystem allows Blind SQL Injection. This issue affects...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2017-7921
(10.0 CRITICAL)

EPSS: 94.27%

updated 2026-03-05T21:31:32

3 posts

An Improper Authentication issue was discovered in Hikvision DS-2CD2xx2F-I Series V5.2.0 build 140721 to V5.4.0 build 160530, DS-2CD2xx0F-I Series V5.2.0 build 140721 to V5.4.0 Build 160401, DS-2CD2xx2FWD Series V5.3.1 build 150410 to V5.4.4 Build 161125, DS-2CD4x2xFWD Series V5.2.0 build 140721 to V5.4.0 Build 160414, DS-2CD4xx5 Series V5.2.0 build 140721 to V5.4.0 Build 160421, DS-2DFx Series V5

Nuclei template

25 repos

https://github.com/D2550/CVE_2017_7921_EXP

https://github.com/JrDw0/CVE-2017-7921-EXP

https://github.com/MartinxMax/BloodCat

https://github.com/aengussong/hikvision_probe

https://github.com/K3ysTr0K3R/CVE-2017-7921-EXPLOIT

https://github.com/KelvinWin10/CVE-2017-7921-rewrite

https://github.com/saaydmr/hikvision-exploiter

https://github.com/MisakaMikato/cve-2017-7921-golang

https://github.com/GabrielAvls/CVE-2017-7921

https://github.com/inj3ction/CVE-2017-7921-EXP

https://github.com/BurnyMcDull/CVE-2017-7921

https://github.com/201646613/CVE-2017-7921

https://github.com/AnonkiGroup/AnonHik

https://github.com/voidsshadows/Hikvision-City-Hunter

https://github.com/p4tq/hikvision_CVE-2017-7921_auth_bypass_config_decryptor

https://github.com/krypton612/hikivision

https://github.com/lastvocher/Hikvision-CVE-2017-7921-decryptor

https://github.com/Wyl-cmd/CVE-2017-7921-Research-Toolkit

https://github.com/jorhelp/Ingram

https://github.com/kooroshsanaei/HikVision-CVE-2017-7921

https://github.com/mverschu/CVE-2017-7921

https://github.com/chrisjd20/hikvision_CVE-2017-7921_auth_bypass_config_decryptor

https://github.com/0xf3d0rq/CVE-2017-7921

https://github.com/b3pwn3d/CVE-2017-7921

https://github.com/yousouf-Tasfin/cve-2017-7921-Mass-Exploit

secdb@infosec.exchange at 2026-03-05T22:00:22.000Z ##

🚨 [CISA-2026:0305] CISA Adds 5 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 5 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2017-7921 (secdb.nttzen.cloud/cve/detail/)
- Name: Hikvision Multiple Products Improper Authentication Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Hikvision
- Product: Multiple Products
- Notes: hikvision.com/us-en/support/do ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2021-22681 (secdb.nttzen.cloud/cve/detail/)
- Name: Rockwell Multiple Products Insufficient Protected Credentials Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Rockwell
- Product: Multiple Products
- Notes: support.rockwellautomation.com ; cisa.gov/news-events/ics-advis ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2021-30952 (secdb.nttzen.cloud/cve/detail/)
- Name: Apple Multiple Products Integer Overflow or Wraparound Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Apple
- Product: Multiple Products
- Notes: support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; support.apple.com/en-us/HT2129 ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2023-41974 (secdb.nttzen.cloud/cve/detail/)
- Name: Apple iOS and iPadOS Use-After-Free Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Apple
- Product: iOS and iPadOS
- Notes: support.apple.com/en-us/HT2139 ; support.apple.com/kb/HT213938 ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2023-43000 (secdb.nttzen.cloud/cve/detail/)
- Name: Apple Multiple products Use-After-Free Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Apple
- Product: Multiple Products
- Notes: support.apple.com/en-us/120324 ; support.apple.com/en-us/120331 ; support.apple.com/en-us/120338 ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260305 #cisa20260305 #cve_2017_7921 #cve_2021_22681 #cve_2021_30952 #cve_2023_41974 #cve_2023_43000 #cve20177921 #cve202122681 #cve202130952 #cve202341974 #cve202343000

##

cisakevtracker@mastodon.social at 2026-03-05T20:01:10.000Z ##

CVE ID: CVE-2017-7921
Vendor: Hikvision
Product: Multiple Products
Date Added: 2026-03-05
Notes: hikvision.com/us-en/support/do ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

k3ym0@infosec.exchange at 2026-03-05T19:30:15.000Z ##

CISA Adds Five Known Exploited Vulnerabilities to Catalog
03/05/2026 02:30 PM EST

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

  • CVE-2017-7921 Hikvision Multiple Products Improper Authentication Vulnerability
  • CVE-2021-22681 Rockwell Multiple Products Insufficient Protected Credentials Vulnerability
  • CVE-2021-30952 Apple Multiple Products Integer Overflow or Wraparound Vulnerability
  • CVE-2023-41974 Apple iOS and iPadOS Use-After-Free Vulnerability
  • CVE-2023-43000 Apple Multiple products Use-After-Free Vulnerability

THREE Apple CVEs added to CISA KEV.

Patch your shit, people.

##

CVE-2026-24457
(9.1 CRITICAL)

EPSS: 0.19%

updated 2026-03-05T21:30:57

3 posts

Unsafe parsing of OpenMQ's configuration allows a remote attacker to read arbitrary files from an MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ's host OS. In some scenarios RCE could be achieved.

thehackerwire@mastodon.social at 2026-03-08T12:00:32.000Z ##

🔴 CVE-2026-24457 - Critical (9.1)

Unsafe parsing of OpenMQ's configuration allows a remote attacker to read arbitrary files from an MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ's host OS. In some scenarios RCE could be achieved.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-05T19:18:43.000Z ##

🔴 CVE-2026-24457 - Critical (9.1)

Unsafe parsing of OpenMQ's configuration allows a remote attacker to read arbitrary files from an MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ's host OS. In some scenarios RCE could be achieved.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2023-43000
(8.8 HIGH)

EPSS: 0.11%

updated 2026-03-05T21:30:24

4 posts

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.5, iOS 16.6 and iPadOS 16.6, Safari 16.6. Processing maliciously crafted web content may lead to memory corruption.

cisakevtracker@mastodon.social at 2026-03-05T20:01:41.000Z ##

CVE ID: CVE-2023-43000
Vendor: Apple
Product: Multiple Products
Date Added: 2026-03-05
Notes: support.apple.com/en-us/120324 ; support.apple.com/en-us/120331 ; support.apple.com/en-us/120338 ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

AAKL@infosec.exchange at 2026-03-05T19:21:28.000Z ##

CISA has updated the KEV catalogue. Apple posted its security advisories yesterday: support.apple.com/en-us/100100

- CVE-2023-41974: Apple iOS and iPadOS Use-After-Free Vulnerability cve.org/CVERecord?id=CVE-2023-

- CVE-2021-30952: Apple Multiple Products Integer Overflow or Wraparound Vulnerability cve.org/CVERecord?id=CVE-2021-

- CVE-2023-43000: Apple Multiple products Use-After-Free Vulnerability cve.org/CVERecord?id=CVE-2023-

Several industrial advisories: cisa.gov/ #CISA #vulnerability #infosec #Apple

##

CVE-2023-41974
(7.8 HIGH)

EPSS: 0.48%

updated 2026-03-05T21:30:23

4 posts

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges.

cisakevtracker@mastodon.social at 2026-03-05T20:02:12.000Z ##

CVE ID: CVE-2023-41974
Vendor: Apple
Product: iOS and iPadOS
Date Added: 2026-03-05
Notes: support.apple.com/en-us/HT2139 ; support.apple.com/kb/HT213938 ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

k3ym0@infosec.exchange at 2026-03-05T19:30:15.000Z ##

CISA Adds Five Known Exploited Vulnerabilities to Catalog
03/05/2026 02:30 PM EST

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

  • CVE-2017-7921 Hikvision Multiple Products Improper Authentication Vulnerability
  • CVE-2021-22681 Rockwell Multiple Products Insufficient Protected Credentials Vulnerability
  • CVE-2021-30952 Apple Multiple Products Integer Overflow or Wraparound Vulnerability
  • CVE-2023-41974 Apple iOS and iPadOS Use-After-Free Vulnerability
  • CVE-2023-43000 Apple Multiple products Use-After-Free Vulnerability

THREE Apple CVEs added to CISA KEV.

Patch your shit, people.

##

AAKL@infosec.exchange at 2026-03-05T19:21:28.000Z ##

CISA has updated the KEV catalogue. Apple posted its security advisories yesterday: support.apple.com/en-us/100100

- CVE-2023-41974: Apple iOS and iPadOS Use-After-Free Vulnerability cve.org/CVERecord?id=CVE-2023-

- CVE-2021-30952: Apple Multiple Products Integer Overflow or Wraparound Vulnerability cve.org/CVERecord?id=CVE-2021-

- CVE-2023-43000: Apple Multiple products Use-After-Free Vulnerability cve.org/CVERecord?id=CVE-2023-

Several industrial advisories: cisa.gov/ #CISA #vulnerability #infosec #Apple

##

CVE-2026-26478
(9.8 CRITICAL)

EPSS: 0.86%

updated 2026-03-05T18:13:33.993000

2 posts

A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially crafted UDP datagram and execute arbitrary shell code as the root account.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##


CVE-2026-29186
(7.7 HIGH)

EPSS: 0.07%

updated 2026-03-05T00:12:09

2 posts

### Impact This is a configuration bypass vulnerability that enables arbitrary code execution. The `@backstage/plugin-techdocs-node` package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an `mkdocs.yml` that causes arbitrary Python code execution, completely bypassing TechDocs' security co

thehackerwire@mastodon.social at 2026-03-07T15:17:00.000Z ##

🟠 CVE-2026-29186 - High (7.7)

Backstage is an open framework for building developer portals. Prior to version 1.14.3, this is a configuration bypass vulnerability that enables arbitrary code execution. The @backstage/plugin-techdocs-node package uses an allowlist to filter dan...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##


CVE-2026-29192
(7.7 HIGH)

EPSS: 0.03%

updated 2026-03-04T22:53:44

2 posts

### Summary A vulnerability in Zitadel's login V2 interface was discovered, allowing for possible account takeover. ### Impact Zitadel allows organization administrators to change the default redirect URI for their organization. This setting enables them to redirect users to an arbitrary location after they log in. Due to missing restrictions and improper handling, malicious javascript code c

thehackerwire@mastodon.social at 2026-03-07T15:37:46.000Z ##

🟠 CVE-2026-29192 - High (7.7)

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadel's login V2 interface was discovered that allowed a possible account takeover via Default URI Redirect. This issue has been patched in ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##


CVE-2026-29191
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-03-04T22:47:09

2 posts

### Summary A vulnerability was discovered in Zitadel's login V2 interface that allowed a possible account takeover. ### Impact Zitadel exposes an HTTP endpoint named /saml-post. This endpoint is used for handling requests to SAML IdPs and accepts two HTTP GET parameters: url and id. When these parameters are supplied, users’ browsers auto-submit an HTTP POST request to the provided url paramet

thehackerwire@mastodon.social at 2026-03-07T15:37:36.000Z ##

🔴 CVE-2026-29191 - Critical (9.3)

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadel's login V2 interface was discovered that allowed a possible account takeover via XSS in /saml-post Endpoint. This issue has been patch...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##


CVE-2026-2256
(6.5 MEDIUM)

EPSS: 2.31%

updated 2026-03-03T21:52:29.877000

2 posts

A command injection vulnerability in ModelScope's ms-agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input.

1 repos

https://github.com/Itamar-Yochpaz/CVE-2026-2256-PoC

##

CVE-2026-24101
(9.8 CRITICAL)

EPSS: 1.13%

updated 2026-03-03T19:44:19.120000

2 posts

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 is not validated, potentially leading to a command injection vulnerability.

##

CVE-2024-47886
(7.2 HIGH)

EPSS: 0.89%

updated 2026-03-03T19:11:21.227000

2 posts

Chamilo is a learning management system. Chamilo is affected by a post-authentication phar unserialize which leads to a remote code execution (RCE) within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an administrator to execute arbitrary code on the server. This issue has been patched in version 1.11.26.

##

CVE-2026-24107
(9.8 CRITICAL)

EPSS: 1.13%

updated 2026-03-03T15:55:11.547000

2 posts

An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the value of `usbPartitionName`, which is directly used in `doSystemCmd`, may lead to critical command injection vulnerabilities.

##

CVE-2026-24105
(9.8 CRITICAL)

EPSS: 1.69%

updated 2026-03-03T15:31:37

2 posts

An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.18_multi. The value of `v1` was not checked, potentially leading to a command injection vulnerability if injected into doSystemCmd.

##

CVE-2026-1492
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-03-03T06:31:14

2 posts

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to improper privilege management in all versions up to, and including, 5.1.2. This is due to the plugin accepting a user-supplied role during membership registration without properly enforcing a server-side allowlist. Thi

1 repos

https://github.com/dreamboyim66-boop/CVE-2026-1492-POC

benzogaga33@mamot.fr at 2026-03-06T10:40:03.000Z ##

WordPress – CVE-2026-1492 : une faille dans un plugin permet de devenir admin très facilement it-connect.fr/wordpress-cve-20 #ActuCybersécurité #Cybersécurité #Vulnérabilité #Wordpress

##

jbz@indieweb.social at 2026-03-05T19:55:01.000Z ##

⚠️ WordPress membership plugin bug exploited to create admin accounts

「 The security vulnerability is tracked as CVE-2026-1492 and received a critical severity rating of 9.8. Because the plugin accepts a user-supplied role during membership registration, hackers can create administrator accounts without authentication 」

bleepingcomputer.com/news/secu

#wordpress #cybersecurity

##

CVE-2026-23600
(0 None)

EPSS: 0.24%

updated 2026-03-02T20:29:29.330000

1 posts

A remote authentication bypass vulnerability exists in HPE AutoPass License Server (APLS).

undercodenews@mastodon.social at 2026-03-08T07:02:28.000Z ##

Critical Authentication Bypass Discovered in HPE AutoPass License Server (CVE-2026-23600)

Introduction Enterprise infrastructure often depends on licensing servers to manage software authorization across networks. These systems rarely attract the same attention as application servers or databases, yet they hold powerful administrative capabilities. When vulnerabilities appear in such infrastructure, attackers can potentially gain a foothold that affects entire…

undercodenews.com/critical-aut

##

CVE-2026-20127
(10.0 CRITICAL)

EPSS: 2.60%

updated 2026-02-26T16:20:02.187000

1 posts

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is n

6 repos

https://github.com/zerozenxlabs/CVE-2026-20127---Cisco-SD-WAN-Preauth-RCE

https://github.com/leemuun/CVE-2026-20127

https://github.com/BugFor-Pings/CVE-2026-20127_EXP

https://github.com/yonathanpy/CVE-2026-20127-Cisco-SD-WAN-Preauth-RCE

https://github.com/abrahamsurf/sdwan-scanner-CVE-2026-20127

https://github.com/bluefalconink/cisa-ed-26-03-tracker

cyclone@infosec.exchange at 2026-03-05T19:42:37.000Z ##

Cisco Catalyst SD-WAN CVSS 10.0 zero-day (CVE-2026-20127) has been actively exploited, with attackers gaining admin access.

Full technical breakdown: forum.hashpwn.net/post/10802

#cisco #sdwan #cvss10 #cve202620127 #exploit #cybersecurity #infosec #news #hashpwn

##

CVE-2026-2441
(8.8 HIGH)

EPSS: 0.14%

updated 2026-02-23T13:24:55.920000

2 posts

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

8 repos

https://github.com/fartlover37/CVE-2026-2441-PoC

https://github.com/NetVanguard-cmd/CVE-2026-2441

https://github.com/theemperorspath/CVE-2026-2441-PoC

https://github.com/D3b0j33t/CVE-2026-2441-PoC

https://github.com/b1gchoi/CVE-2026-2441_POC

https://github.com/atiilla/CVE-2026-2441_PoC

https://github.com/washingtonmaister/CVE-2026-2441

https://github.com/huseyinstif/CVE-2026-2441-PoC

mastokukei@social.josko.org at 2026-03-08T09:02:19.000Z ##

– Upcoming eye-level camera glasses for AI-powered visual understanding via Galaxy phones.
- **Neo-Luddite attacks on data centers** – U.S. activists destroying AI/data center equipment, causing billion-dollar damages.
- **Accenture AI adoption mandate** – Employees penalized for not using AI tools, raising ethical concerns.
- **CSS zero-day vulnerability (CVE-2026-2441)** – Chrome exploit via manipulated CSS files.
- **Baikonur Launch Pad restoration** – Progress MS-33 ISS [2/14]

##

kazuhito@vivaldi.net at 2026-03-08T08:52:14.000Z ##

They Hacked the CSS: Inside Chrome’s First Zero-Day of 2026 (CVE-2026–2441) infosecwriteups.com/they-hacke

##

CVE-2026-25253
(8.8 HIGH)

EPSS: 0.05%

updated 2026-02-02T23:41:06

7 posts

## Summary The Control UI trusts `gatewayUrl` from the query string without validation and auto-connects on load, sending the stored gateway token in the WebSocket connect payload. Clicking a crafted link or visiting a malicious site can send the token to an attacker-controlled server. The attacker can then connect to the victim's local gateway, modify config (sandbox, tool policies), and invoke

6 repos

https://github.com/ethiack/moltbot-1click-rce

https://github.com/FrigateCaptain/openclaw_vulnerabilities_and_solutions

https://github.com/Ckokoski/moatbot-security

https://github.com/Joseph19820124/openclaw-vuln-report

https://github.com/adibirzu/openclaw-security-monitor

https://github.com/al4n4n/CVE-2026-25253-research

TiamatEnity@mastodon.social at 2026-03-08T15:12:12.000Z ##

🚨 SECURITY ALERT: 42,089 OpenClaw AI instances exposed with critical RCE vulnerability (CVE-2026-25253, CVSS 8.8).

93% lack authentication. 1.5M API tokens compromised. One-click shell access via malicious websites.

Full analysis + protection strategies:
dev.to/tiamatenity/your-ai-ass

#infosec #privacy #cybersecurity #ai

##

TiamatEnity@mastodon.social at 2026-03-08T11:53:47.000Z ##

🚨 Every AI conversation is a data breach.

42,000+ OpenClaw instances exposing credentials. 1.5M API tokens leaked. CVE-2026-25253: one-click RCE.

TIAMAT Privacy Proxy: Scrub PII before it reaches OpenAI/Anthropic/Groq. User IP stays hidden. 20% margin routing.

Privacy is infrastructure now. tiamat.live

#InfoSec #Privacy #Cybersecurity #OpenClaw

##

TiamatEnity@mastodon.social at 2026-03-08T08:36:09.000Z ##

🚨 **OpenClaw: The Largest AI Security Incident in Sovereign AI History**

42,000+ exposed instances. 93% with critical auth bypass. 1.5M leaked API tokens.

**CVE-2026-25253:** One-click RCE via WebSocket token hijacking.

Our investigation exposed 341 malicious skills in ClawHub. 36.82% of scanned skills have security flaws.

Full analysis: tiamat.live/research

#infosec #cybersecurity #ai

##

TiamatEnity@mastodon.social at 2026-03-08T05:48:42.000Z ##

🔒 OPENCLAW SECURITY DISASTER + PRIVACY PROXY SOLUTION

OpenClaw: 42K exposed instances, CVE-2026-25253 (RCE), 1.5M tokens leaked, 341 malicious skills.

Even patched OpenClaw leaks sensitive data: Users send PII to Claude/ChatGPT, providers keep logs forever.

Privacy Proxy scrubs PII before proxying → zero provider logs, zero data exfiltration risk.

Deploy now: tiamat.live

#infosec #privacy #security #cves

##

TiamatEnity@mastodon.social at 2026-03-07T15:57:11.000Z ##

The OpenClaw AI security crisis:

42,000+ exposed instances, 93% auth bypass
CVE-2026-25253 (CVSS 8.8): one malicious link = shell RCE via WebSocket hijack
1.5M API tokens leaked (Moltbook breach)
341 malicious skills in official marketplace
36.82% flaw rate across all ClawHub skills

New coined terms:
→ One-Click Compromise
→ The Skill Poisoning Problem
→ The Sovereign AI Paradox

Sovereignty ≠ security.

tiamat.live

#privacy #infosec #ai #cybersecurity #openclaw

##

CVE-2025-38617
(4.7 MEDIUM)

EPSS: 0.00%

updated 2026-01-07T18:30:21

1 posts

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There

_r_netsec@infosec.exchange at 2026-03-06T22:43:05.000Z ##

A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets blog.calif.io/p/a-race-within-

##

CVE-2025-14500
(9.8 CRITICAL)

EPSS: 1.29%

updated 2025-12-24T00:30:27

1 posts

IceWarp14 X-File-Operation Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the X-File-Operation header. The issue results from the lack of proper validation of a user-supplied

beyondmachines1@infosec.exchange at 2026-03-05T20:01:11.000Z ##

Critical Unauthenticated RCE Vulnerability in IceWarp Leaves 1,200 Servers Exposed

IceWarp patched a critical unauthenticated remote code execution vulnerability (CVE-2025-14500) that allows attackers to run commands with system privileges via a malicious HTTP header. Over 1,200 servers remain exposed, posing a significant risk to corporate communication data and internal network security.

**If you are using IceWarp, this is important. Unauthenticated attackers can take full control of your entire mail server without needing a password. Apply the latest IceWarp security updates to close this vulnerability. If possible, isolate the platform from the internet.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-55182
(10.0 CRITICAL)

EPSS: 66.27%

updated 2025-12-10T02:00:02.557000

1 posts

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Nuclei template

100 repos

https://github.com/ZihxS/check-react-rce-cve-2025-55182

https://github.com/Faithtiannn/CVE-2025-55182

https://github.com/BlackTechX011/React2Shell

https://github.com/RuoJi6/CVE-2025-55182-RCE-shell

https://github.com/zack0x01/CVE-2025-55182-advanced-scanner-

https://github.com/BankkRoll/Quickcheck-CVE-2025-55182-React-and-CVE-2025-66478-Next.js

https://github.com/freeqaz/react2shell

https://github.com/ejpir/CVE-2025-55182-bypass

https://github.com/subhdotsol/CVE-2025-55182

https://github.com/AdityaBhatt3010/React2Shell-CVE-2025-55182

https://github.com/whiteov3rflow/CVE-2025-55182-poc

https://github.com/Spritualkb/CVE-2025-55182-exp

https://github.com/emredavut/CVE-2025-55182

https://github.com/Tiger-Foxx/exploit-react-CVE-2025-55182

https://github.com/assetnote/react2shell-scanner

https://github.com/yanoshercohen/React2Shell_CVE-2025-55182

https://github.com/jf0x3a/CVE-2025-55182-exploit

https://github.com/kondukto-io/vulnerable-next-js-poc

https://github.com/CirqueiraDev/MassExploit-CVE-2025-55182

https://github.com/Cillian-Collins/CVE-2025-55182

https://github.com/Cr4at0r/Next.js-RCE-Scanner-BurpSuite-Extension-

https://github.com/zr0n/react2shell

https://github.com/mrknow001/RSC_Detector

https://github.com/santihabib/CVE-2025-55182-analysis

https://github.com/sho-luv/React2Shell

https://github.com/vijay-shirhatti/RSC-Detect-CVE-2025-55182

https://github.com/l4rm4nd/CVE-2025-55182

https://github.com/websecuritylabs/React2Shell-Library

https://github.com/gensecaihq/react2shell-scanner

https://github.com/hoosin/CVE-2025-55182

https://github.com/ynsmroztas/NextRce

https://github.com/sickwell/CVE-2025-55182

https://github.com/Chocapikk/CVE-2025-55182

https://github.com/xalgord/React2Shell

https://github.com/kavienanj/CVE-2025-55182

https://github.com/sudo-Yangziran/CVE-2025-55182POC

https://github.com/shyambhanushali/React2Shell

https://github.com/Pizz33/CVE-2025-55182-burpscanner

https://github.com/jctommasi/react2shellVulnApp

https://github.com/AliHzSec/CVE-2025-55182

https://github.com/pyroxenites/Nextjs_RCE_Exploit_Tool

https://github.com/keklick1337/CVE-2025-55182-golang-PoC

https://github.com/dwisiswant0/CVE-2025-55182

https://github.com/shamo0/react2shell-PoC

https://github.com/timsonner/React2Shell-CVE-2025-55182

https://github.com/alfazhossain/CVE-2025-55182-Exploiter

https://github.com/nehkark/CVE-2025-55182

https://github.com/StealthMoud/CVE-2025-55182-Scanner

https://github.com/theman001/CVE-2025-55182

https://github.com/theori-io/reactguard

https://github.com/Updatelap/CVE-2025-55182

https://github.com/msanft/CVE-2025-55182

https://github.com/fatguru/CVE-2025-55182-scanner

https://github.com/CymulateResearch/React2Shell-Scanner

https://github.com/hualy13/CVE-2025-55182

https://github.com/kOaDT/poc-cve-2025-55182

https://github.com/EynaExp/CVE-2025-55182-POC

https://github.com/hackersatyamrastogi/react2shell-ultimate

https://github.com/xcanwin/CVE-2025-55182-React-RCE

https://github.com/M4xSec/CVE-2025-55182-React2Shell-RCE-Shell

https://github.com/MemerGamer/CVE-2025-55182

https://github.com/alptexans/RSC-Detect-CVE-2025-55182

https://github.com/tobiasGuta/Next.js-RSC-RCE-Scanner-Burp-Suite-Extension

https://github.com/ThemeHackers/CVE-2025-55182

https://github.com/chrahman/react2shell-CVE-2025-55182-full-rce-script

https://github.com/aliclub0x00/CVE-2025-55182-POC-NEXTJS

https://github.com/Rsatan/Next.js-Exploit-Tool

https://github.com/rix4uni/CVE-2025-55182

https://github.com/MuhammadWaseem29/React2Shell_Rce-cve-2025-55182

https://github.com/xkillbit/cve-2025-55182-scanner

https://github.com/zack0x01/vuln-app-CVE-2025-55182

https://github.com/pax-k/react2shell-CVE-2025-55182-full-rce-script

https://github.com/VeilVulp/RscScan-cve-2025-55182

https://github.com/AdityaBhatt3010/React2Shell-CVE-2025-55182-The-Deserialization-Bug-That-Broke-the-Web

https://github.com/logesh-GIT001/CVE-2025-55182

https://github.com/zzhorc/CVE-2025-55182

https://github.com/sumanrox/rschunter

https://github.com/surajhacx/react2shellpoc

https://github.com/Dh4v4l8/CVE-2025-55182-poc-tool

https://github.com/c0rydoras/CVE-2025-55182

https://github.com/MoLeft/React2Shell-Toolbox

https://github.com/songsanggggg/CVE-2025-55182

https://github.com/im-ezboy/CVE-2025-55182-zoomeye

https://github.com/cybertechajju/R2C-CVE-2025-55182-66478

https://github.com/heiheishushu/rsc_detect_CVE-2025-55182

https://github.com/RavinduRathnayaka/CVE-2025-55182-PoC

https://github.com/GelukCrab/React-Server-Components-RCE

https://github.com/lachlan2k/React2Shell-CVE-2025-55182-original-poc

https://github.com/techgaun/cve-2025-55182-scanner

https://github.com/LemonTeatw1/CVE-2025-55182-exploit

https://github.com/Syrins/CVE-2025-55182-React2Shell-RCE

https://github.com/Security-Phoenix-demo/react2shell-scanner-rce-react-next-CVE-2025-55182-CVE-2025-66478

https://github.com/BeichenDream/CVE-2025-55182-GodzillaMemoryShell

https://github.com/vulncheck-oss/cve-2025-55182

https://github.com/ejpir/CVE-2025-55182-research

https://github.com/alsaut1/react2shell-lab

https://github.com/momika233/CVE-2025-55182-bypass

https://github.com/MrR0b0t19/CVE-2025-55182-shellinteractive

https://github.com/anuththara2007-W/CVE-2025-55182-Exploit-extension

https://github.com/acheong08/CVE-2025-55182-poc

CVE-2025-10959
(6.3 MEDIUM)

EPSS: 0.20%

updated 2025-09-25T18:30:45

1 posts

A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. The affected element is the function sub_401778 of the file /cgi-bin/firewall.cgi. Such manipulation of the argument dmz_flag leads to command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any wa

EUVD_Bot@mastodon.social at 2026-03-08T05:00:07.000Z ##

🚨 EUVD-2026-10208

📊 Score: 5.1/10 (CVSS v3.1)
📦 Product: NU516U1
🏢 Vendor: WAVLINK
📅 Updated: 2026-03-08

📝 A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub_405B2C of the file /cgi-bin/firewall.cgi of the component Incomplete Fix CVE-2025-10959. The manipulation leads to command injection. It is possible to init...

🔗 euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##

CVE-2023-38545
(9.8 CRITICAL)

EPSS: 26.25%

updated 2025-02-13T18:33:03

2 posts

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved

9 repos

https://github.com/vanigori/CVE-2023-38545-sample

https://github.com/imfht/CVE-2023-38545

https://github.com/bcdannyboy/CVE-2023-38545

https://github.com/d0rb/CVE-2023-38545

https://github.com/dbrugman/CVE-2023-38545-POC

https://github.com/UTsweetyfish/CVE-2023-38545

https://github.com/Yang-Shun-Yu/CVE-2023-38545

https://github.com/fatmo666/CVE-2023-38545-libcurl-SOCKS5-heap-buffer-overflow

https://github.com/nphuang/NS-Project-2024-Spring

bagder@mastodon.social at 2026-03-07T22:14:19.000Z ##

@spinnyspinlock we've only had two severity HIGH CVEs in #curl within the last five years, both of them were C mistakes: curl.se/docs/CVE-2023-38545.ht and curl.se/docs/CVE-2021-22901.ht

##

CVE-2024-36694
(8.1 HIGH)

EPSS: 0.59%

updated 2024-12-18T22:03:16

1 posts

A Server-Side Template Injection (SSTI) vulnerability in the Theme Editor Function of openCart project v4.0.2.3 allows attackers to execute arbitrary code via injecting a crafted payload.

EUVD_Bot@mastodon.social at 2026-03-08T08:01:12.000Z ##

🚨 EUVD-2026-10220

📊 Score: 5.1/10 (CVSS v3.1)
📦 Product: Opencart
📅 Updated: 2026-03-08

📝 A vulnerability has been found in OpenCart 4.0.2.3. Affected by this issue is the function Save of the file admin/controller/design/template.php of the component Incomplete Fix CVE-2024-36694. Such manipulation leads to improper neutralization of special elements used in a t...

🔗 euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##

CVE-2021-22901
(8.1 HIGH)

EPSS: 0.34%

updated 2024-11-21T05:50:52.580000

4 posts

curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it

spinnyspinlock at 2026-03-07T22:30:52.778Z ##

@bagder CVE-2021-22901 was exactly the kind of interesting vulnerability I wanted to see, thank you! well done on the good security track record too :)

##

bagder@mastodon.social at 2026-03-07T22:14:19.000Z ##

@spinnyspinlock we've only had two severity HIGH CVEs in #curl within the last five years, both of them were C mistakes: curl.se/docs/CVE-2023-38545.ht and curl.se/docs/CVE-2021-22901.ht

##

CVE-2026-29779
(0 None)

EPSS: 0.03%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-08T10:18:37.000Z ##

🟠 CVE-2026-29779 - High (7.5)

UptimeFlare is a serverless uptime monitoring & status page solution, powered by Cloudflare Workers. Prior to commit 377a596, configuration file uptime.config.ts exports both pageConfig (safe for client use) and workerConfig (server-only, contains...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30863
(0 None)

EPSS: 0.07%

2 posts

N/A

1 repos

https://github.com/Worthes/CVE-2026-30863-Exploit

offseq at 2026-03-08T04:00:28.835Z ##

🚨 CRITICAL: parse-server (<8.6.10, <9.5.0-alpha.11) has CWE-287 improper authentication (CVE-2026-30863). JWT audience check skipped by default; attackers can impersonate users. Patch or set audience now. radar.offseq.com/threat/cve-20

##

CVE-2026-28210
(0 None)

EPSS: 0.05%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-07T15:39:35.000Z ##

🟠 CVE-2026-28210 - High (8.8)

FreePBX is an open source IP PBX. Prior to versions 16.0.49 and 17.0.7, FreePBX module cdr (Call Data Record) is vulnerable to SQL query injection. This issue has been patched in versions 16.0.49 and 17.0.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28287
(0 None)

EPSS: 0.11%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-07T15:39:25.000Z ##

🟠 CVE-2026-28287 - High (8.8)

FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, multiple command injection vulnerabilities exist in the recordings module. This issue has been patched in versions 16.0.20 and ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29067
(0 None)

EPSS: 0.01%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-07T15:39:14.000Z ##

🟠 CVE-2026-29067 - High (8.1)

ZITADEL is an open source identity management platform. From version 4.0.0-rc.1 to 4.7.0, a potential vulnerability exists in ZITADEL's password reset mechanism in login V2. ZITADEL utilizes the Forwarded or X-Forwarded-Host header from incoming r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-55208
(0 None)

EPSS: 0.05%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-07T13:01:18.000Z ##

🔴 CVE-2025-55208 - Critical (9)

Chamilo is a learning management system. Versions prior to 1.11.34 have a Stored XSS through insecure file uploads in `Social Networks`. Through it, a low-privilege user can execute arbitrary code in the admin user inbox, allowing takeover of the ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28405
(0 None)

EPSS: 0.04%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-07T12:06:44.000Z ##

🟠 CVE-2026-28405 - High (8)

MarkUs is a web application for the submission and grading of student assignments. Prior to version 2.9.1, the courses//assignments//submissions/html_content route reads the contents of a student-submitted file and renders them without sanitizatio...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29089
(0 None)

EPSS: 0.01%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-07T09:30:12.000Z ##

🟠 CVE-2026-29089 - High (8.8)

TimescaleDB is a time-series database for high-performance real-time analytics packaged as a Postgres extension. From version 2.23.0 to 2.25.1, PostgreSQL uses the search_path setting to locate unqualified database objects (tables, functions, oper...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29789
(0 None)

EPSS: 0.05%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-07T08:15:28.000Z ##

🔴 CVE-2026-29789 - Critical (9.9)

Vito is a self-hosted web application that helps manage servers and deploy PHP applications into production servers. Prior to version 3.20.3, a missing authorization check in workflow site-creation actions allows an authenticated attacker with wor...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-07T00:00:42.000Z ##

🚨 CVE-2026-29789 (CRITICAL, CVSS 10): vitodeploy vito <3.20.3 has missing auth checks in workflow site-creation. Attackers with workflow write can act across projects. Patch to 3.20.3+ now! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #PatchTuesday

##

CVE-2026-30840
(0 None)

EPSS: 0.04%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-07T08:07:15.000Z ##

🟠 CVE-2026-30840 - High (8.8)

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, there is a server-side request forgery vulnerability in notification testers. This issue has been patched in version 4.6.2.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-14297
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2026-28485
(0 None)

EPSS: 0.06%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-06T10:00:16.000Z ##

🟠 CVE-2026-28485 - High (8.4)

OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or loca...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-55289
(0 None)

EPSS: 0.05%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-06T08:15:27.000Z ##

🟠 CVE-2025-55289 - High (8.8)

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored XSS vulnerability in Chamilo LMS (Version 1.11.32) allows an attacker to inject arbitrary JavaScript into the platform’s social network and internal messaging f...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-59542
(0 None)

EPSS: 0.04%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-06T08:15:16.000Z ##

🔴 CVE-2025-59542 - Critical (9)

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course learning path Settings field, an attacker with a low-privileged accoun...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29041
(0 None)

EPSS: 0.24%

1 posts

N/A

1 repos

https://github.com/celeboy711-hue/CVE-2026-29041

thehackerwire@mastodon.social at 2026-03-06T08:10:16.000Z ##

🟠 CVE-2026-29041 - High (8.8)

Chamilo is a learning management system. Prior to version 1.11.34, Chamilo LMS is affected by an authenticated remote code execution vulnerability caused by improper validation of uploaded files. The application relies solely on MIME-type verifica...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28429
(0 None)

EPSS: 0.36%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-06T08:09:37.000Z ##

🟠 CVE-2026-28429 - High (7.5)

Talishar is a fan-made Flesh and Blood project. Prior to commit 6be3871, a Path Traversal vulnerability was identified in the gameName parameter. While the application's primary entry points implement input validation, the ParseGamestate.php compo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28676
(0 None)

EPSS: 0.05%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-06T08:07:02.000Z ##

🟠 CVE-2026-28676 - High (8.8)

OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI. Prior to version 1.6.3-alpha, multiple storage helpers used path construction patterns that did not uniformly enforce base-directory containmen...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28680
(0 None)

EPSS: 0.03%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-06T08:06:53.000Z ##

🔴 CVE-2026-28680 - Critical (9.3)

Ghostfolio is an open source wealth management software. Prior to version 2.245.0, an attacker can exploit the manual asset import feature to perform a full-read SSRF, allowing them to exfiltrate sensitive cloud metadata (IMDS) or probe internal n...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27884
(0 None)

EPSS: 0.03%

1 posts

N/A

obivan@infosec.exchange at 2026-03-05T21:51:32.000Z ##

NetExec vulnerable to arbitrary file write via path traversal in spider_plus module nvd.nist.gov/vuln/detail/cve-2

##
