##
Updated at UTC 2026-07-09T00:00:09.929870
| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-43499 | 7.8 | 0.12% | 3 | 2 | 2026-07-08T23:16:54.523000 | In the Linux kernel, the following vulnerability has been resolved: rtmutex: Us | |
| CVE-2026-14896 | 4.2 | 0.00% | 1 | 0 | 2026-07-08T21:30:37 | HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authori | |
| CVE-2026-14891 | 8.7 | 0.00% | 1 | 0 | 2026-07-08T21:30:37 | HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the D | |
| CVE-2026-0288 | None | 0.00% | 2 | 0 | 2026-07-08T21:30:37 | Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (T | |
| CVE-2026-6896 | 8.7 | 0.00% | 2 | 0 | 2026-07-08T21:16:55.097000 | GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 be | |
| CVE-2026-60105 | 8.6 | 0.00% | 2 | 0 | 2026-07-08T21:16:54.813000 | Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in | |
| CVE-2026-58525 | 8.2 | 0.00% | 2 | 0 | 2026-07-08T21:16:54.300000 | Improper access control in Microsoft Edge (Chromium-based) allows an unauthorize | |
| CVE-2026-58210 | 7.5 | 0.00% | 1 | 0 | 2026-07-08T20:16:53.950000 | NATS Server is a high-performance server for NATS.io, the cloud and edge native | |
| CVE-2026-53481 | 9.8 | 0.63% | 1 | 0 | 2026-07-08T19:57:35.883000 | Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release ver | |
| CVE-2026-33264 | 9.8 | 1.09% | 1 | 0 | 2026-07-08T19:37:10.507000 | A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string() | |
| CVE-2026-11405 | 9.8 | 0.24% | 5 | 1 | 2026-07-08T15:32:52 | The web server binary /bin/httpd contains a hidden backdoor authentication mecha | |
| CVE-2026-58480 | 9.8 | 0.00% | 1 | 0 | 2026-07-08T15:28:15.630000 | Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthentic | |
| CVE-2026-58473 | 9.1 | 0.37% | 1 | 0 | 2026-07-08T15:16:31.800000 | Cognee before 1.2.0 contains an improper access control vulnerability that allow | |
| CVE-2026-12378 | 8.1 | 0.23% | 1 | 0 | 2026-07-08T14:56:35.950000 | The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin | |
| CVE-2026-48908 | 9.8 | 1.43% | 4 | 7 | 2026-07-08T13:57:42.590000 | A vulnerability in SP Page Builder for Joomla allows unauthenticated users to up | |
| CVE-2026-9695 | 9.8 | 0.33% | 1 | 0 | 2026-07-08T09:31:48 | An Improper Authentication vulnerability affecting DELMIA Apriso from Release 20 | |
| CVE-2026-53359 | 0 | 0.18% | 12 | 4 | 2026-07-08T05:16:27.990000 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: F | |
| CVE-2026-60002 | 7.7 | 0.25% | 2 | 0 | 2026-07-08T03:30:33 | ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its h | |
| CVE-2026-56843 | 9.9 | 0.34% | 1 | 0 | 2026-07-08T03:30:33 | Incorrect authorization in the XML-RPC API of WebPros Plesk before 18.0.78.4 all | |
| CVE-2026-55255 | 8.4 | 0.44% | 4 | 1 | 2026-07-07T22:14:37 | ## Summary Insecure Direct Object Reference (IDOR) vulnerability in `/api/v1/re | |
| CVE-2026-40139 | 9.8 | 0.65% | 1 | 0 | 2026-07-07T21:32:34 | A critical pre-authentication vulnerability exists in the authentication subsyst | |
| CVE-2026-48282 | 10.0 | 3.20% | 11 | 2 | template | 2026-07-07T21:32:33 | ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limi |
| CVE-2026-56290 | 9.8 | 0.74% | 4 | 3 | 2026-07-07T21:32:33 | The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitra | |
| CVE-2026-40140 | 7.5 | 0.56% | 1 | 0 | 2026-07-07T21:32:33 | BeyondTrust Remote Support and Privileged Remote Access contain a high-severity | |
| CVE-2026-40138 | 8.1 | 0.42% | 2 | 0 | 2026-07-07T16:16:38.780000 | A critical pre-authentication vulnerability exists in the authentication subsyst | |
| CVE-2026-12375 | 9.8 | 0.30% | 1 | 0 | 2026-07-07T15:33:58 | The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with m | |
| CVE-2026-4375 | 9.0 | 0.25% | 1 | 0 | 2026-07-07T15:33:58 | The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin t | |
| CVE-2026-53913 | 9.8 | 0.57% | 1 | 0 | 2026-07-07T15:33:54 | Improper Authentication, Missing Authentication for Critical Function, Not Faili | |
| CVE-2026-42143 | 8.8 | 0.43% | 1 | 0 | 2026-07-07T15:16:46.463000 | Coolify is an open-source and self-hostable tool for managing servers, applicati | |
| CVE-2026-34048 | 9.9 | 0.40% | 1 | 0 | 2026-07-07T15:16:43.953000 | Coolify is an open-source and self-hostable tool for managing servers, applicati | |
| CVE-2026-57981 | 8.8 | 0.56% | 1 | 0 | 2026-07-07T15:12:44.373000 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke | |
| CVE-2026-58299 | 7.5 | 0.27% | 1 | 0 | 2026-07-07T14:42:37.003000 | Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android | |
| CVE-2026-57974 | 8.8 | 0.56% | 1 | 0 | 2026-07-07T13:43:32.083000 | Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unau | |
| CVE-2026-57986 | 7.5 | 0.43% | 1 | 0 | 2026-07-07T12:50:49.980000 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke | |
| CVE-2026-58289 | 9.0 | 0.44% | 1 | 0 | 2026-07-07T12:40:04.297000 | Access of resource using incompatible type ('type confusion') in Microsoft Edge | |
| CVE-2026-58292 | 7.5 | 0.28% | 1 | 0 | 2026-07-07T12:37:27.530000 | Improper input validation in Microsoft Edge (Chromium-based) allows an unauthori | |
| CVE-2026-14345 | 9.8 | 0.74% | 1 | 0 | 2026-07-07T06:31:27 | The WPFunnels β Funnel Builder for WooCommerce with Checkout & One Click Upsell | |
| CVE-2026-58286 | 8.1 | 0.31% | 1 | 0 | 2026-07-07T04:17:55.037000 | Improper access control in Microsoft Edge (Chromium-based) allows an unauthorize | |
| CVE-2026-43865 | 8.1 | 0.80% | 1 | 0 | 2026-07-06T21:30:36 | Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast compon | |
| CVE-2026-22555 | 8.1 | 0.30% | 1 | 0 | 2026-07-06T21:16:54.240000 | Gitea versions before 1.26.0 allow API users to fork a repository into an organi | |
| CVE-2025-71347 | 8.1 | 0.45% | 1 | 0 | 2026-07-06T21:16:52.797000 | picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py | |
| CVE-2026-55075 | 7.4 | 0.48% | 1 | 0 | 2026-07-06T20:52:16 | ### Summary Two flaws in Coder's OIDC login chained into account takeover: emai | |
| CVE-2026-14637 | 8.2 | 0.60% | 1 | 0 | 2026-07-06T20:16:30.450000 | A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter- | |
| CVE-2026-4967 | 7.5 | 0.40% | 1 | 0 | 2026-07-06T19:46:08.807000 | In IMS, there is a possible out of bounds read due to a missing bounds check. Th | |
| CVE-2026-58282 | 8.1 | 0.31% | 1 | 0 | 2026-07-06T19:17:59.803000 | Improper access control in Microsoft Edge (Chromium-based) allows an unauthorize | |
| CVE-2026-14803 | 6.5 | 0.33% | 1 | 0 | 2026-07-06T19:16:59.597000 | Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded r | |
| CVE-2026-14535 | 8.8 | 0.30% | 1 | 0 | 2026-07-06T18:55:20.287000 | In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImports | |
| CVE-2026-12686 | 0 | 0.31% | 1 | 0 | 2026-07-06T18:41:46.210000 | An authenticated user could manipulate a company ID parameter in a POST request | |
| CVE-2026-4321 | 9.8 | 0.27% | 1 | 0 | 2026-07-06T18:16:46.247000 | Improper neutralization of special elements used in an SQL command ('SQL injecti | |
| CVE-2026-12250 | 7.9 | 0.11% | 1 | 0 | 2026-07-06T18:16:45.163000 | Invocation of process using visible sensitive information vulnerability in TUBIT | |
| CVE-2026-14570 | 7.5 | 0.51% | 1 | 0 | 2026-07-06T18:16:45.163000 | Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private | |
| CVE-2026-14327 | 7.5 | 0.46% | 1 | 0 | 2026-07-06T18:02:49.450000 | The AR for WordPress plugin for WordPress is vulnerable to Directory Traversal i | |
| CVE-2026-14807 | 9.8 | 0.46% | 1 | 0 | 2026-07-06T09:30:37 | ERP App developed by PROG MIS has a Use of Hard-coded Credentials vulnerability, | |
| CVE-2026-14808 | 9.8 | 0.51% | 1 | 0 | 2026-07-06T09:30:37 | Prog Management System developed by PROG MIS has a Exposure of Sensitive Inf | |
| CVE-2026-59510 | None | 0.37% | 1 | 0 | 2026-07-05T18:30:56 | AIL Framework contains a path traversal vulnerability in its PDF object handling | |
| CVE-2026-9085 | 8.8 | 0.10% | 1 | 0 | 2026-07-05T15:30:34 | Incorrect Permission Assignment for Critical Resource, Improper Access Control v | |
| CVE-2026-6509 | 7.8 | 0.10% | 1 | 0 | 2026-07-05T15:30:34 | Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Rese | |
| CVE-2026-59509 | None | 0.35% | 1 | 0 | 2026-07-05T15:30:33 | An unauthenticated improper input validation vulnerability in the POST /fetch_cv | |
| CVE-2026-14751 | 6.3 | 0.20% | 1 | 0 | 2026-07-05T15:30:33 | A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef | |
| CVE-2026-14738 | 3.7 | 0.21% | 1 | 0 | 2026-07-05T12:30:30 | A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is | |
| CVE-2026-14721 | 8.8 | 0.45% | 2 | 0 | 2026-07-05T09:30:24 | A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Th | |
| CVE-2026-14781 | 4.8 | 0.20% | 1 | 0 | 2026-07-05T09:30:23 | A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker inco | |
| CVE-2026-14703 | 6.3 | 0.20% | 1 | 0 | 2026-07-05T06:30:33 | A vulnerability has been found in itsourcecode Hospital Management System 1.0. A | |
| CVE-2026-14691 | 6.3 | 0.24% | 1 | 0 | 2026-07-05T03:32:41 | A security vulnerability has been detected in SourceCodester Multi-Vendor Online | |
| CVE-2026-14534 | 8.8 | 0.33% | 1 | 0 | 2026-07-04T15:30:24 | Trail of Bits fickling versions up to and including 0.1.10 do not include the Py | |
| CVE-2026-53360 | 0 | 0.27% | 1 | 1 | 2026-07-04T12:17:01.880000 | In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: R | |
| CVE-2026-46242 | 7.8 | 0.12% | 11 | 2 | 2026-07-04T12:16:57.160000 | In the Linux kernel, the following vulnerability has been resolved: eventpoll: | |
| CVE-2025-71343 | 8.1 | 0.30% | 1 | 0 | 2026-07-04T03:31:09 | picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib | |
| CVE-2026-54424 | 8.4 | 0.24% | 1 | 1 | 2026-07-04T03:31:08 | An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hos | |
| CVE-2025-71353 | 8.1 | 0.30% | 1 | 0 | 2026-07-04T03:31:08 | picklescan before 0.0.28 fails to detect malicious pickle files that exploit tor | |
| CVE-2025-71345 | 8.1 | 0.43% | 1 | 0 | 2026-07-04T03:31:08 | picklescan before 0.0.30 fails to detect malicious pickle files that invoke torc | |
| CVE-2026-56645 | 8.8 | 0.56% | 1 | 0 | 2026-07-03T21:31:47 | Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthor | |
| CVE-2026-57985 | 7.6 | 0.48% | 1 | 0 | 2026-07-03T21:31:47 | Improper input validation in Microsoft Edge (Chromium-based) allows an unauthori | |
| CVE-2026-58283 | 8.1 | 0.33% | 1 | 0 | 2026-07-03T21:31:47 | Access of resource using incompatible type ('type confusion') in Microsoft Edge | |
| CVE-2026-58276 | 7.5 | 0.43% | 1 | 0 | 2026-07-03T21:31:47 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke | |
| CVE-2026-58290 | 7.5 | 0.25% | 1 | 0 | 2026-07-03T21:31:47 | Access of resource using incompatible type ('type confusion') in Microsoft Edge | |
| CVE-2026-58288 | 8.3 | 0.44% | 1 | 0 | 2026-07-03T21:31:47 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke | |
| CVE-2026-58287 | 8.3 | 0.44% | 1 | 0 | 2026-07-03T21:31:47 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke | |
| CVE-2026-58285 | 8.3 | 0.44% | 1 | 0 | 2026-07-03T21:31:47 | Access of resource using incompatible type ('type confusion') in Microsoft Edge | |
| CVE-2026-58284 | 8.3 | 0.40% | 1 | 0 | 2026-07-03T21:31:47 | Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized | |
| CVE-2026-58294 | 7.5 | 0.34% | 1 | 0 | 2026-07-03T21:31:47 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke | |
| CVE-2026-58293 | 8.1 | 0.44% | 1 | 0 | 2026-07-03T21:31:47 | External control of file name or path in Microsoft Edge (Chromium-based) allows | |
| CVE-2026-57975 | 7.5 | 0.43% | 1 | 0 | 2026-07-03T21:31:46 | Access of resource using incompatible type ('type confusion') in Microsoft Edge | |
| CVE-2026-58295 | 8.3 | 0.37% | 1 | 0 | 2026-07-03T21:31:41 | Access of resource using incompatible type ('type confusion') in Microsoft Edge | |
| CVE-2026-12481 | 8.8 | 0.40% | 1 | 0 | 2026-07-03T21:31:40 | A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code exe | |
| CVE-2026-57992 | 7.5 | 0.43% | 1 | 0 | 2026-07-03T21:31:40 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke | |
| CVE-2026-57984 | 7.5 | 0.43% | 1 | 0 | 2026-07-03T21:31:39 | Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke | |
| CVE-2026-57983 | 8.7 | 0.46% | 1 | 0 | 2026-07-03T21:31:39 | Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized | |
| CVE-2026-14544 | 9.8 | 0.51% | 1 | 0 | 2026-07-03T09:31:35 | A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnera | |
| CVE-2026-14352 | 7.5 | 0.47% | 1 | 0 | 2026-07-03T06:32:11 | The AR for WooCommerce plugin for WordPress is vulnerable to Directory Traversal | |
| CVE-2026-9725 | 9.1 | 0.74% | 1 | 0 | 2026-07-03T06:32:11 | The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress | |
| CVE-2026-13768 | 10.0 | 0.56% | 1 | 1 | 2026-07-03T00:32:02 | Gardyn devices expose a privileged iothubowner key. Access to this key will allo | |
| CVE-2026-13368 | None | 0.65% | 1 | 0 | 2026-07-03T00:31:57 | WatchGuard Fireware OS contains a race condition leading to a use-after-free vul | |
| CVE-2026-41106 | 9.3 | 0.53% | 1 | 0 | 2026-07-03T00:31:53 | Url redirection to untrusted site ('open redirect') in M365 Copilot allows an un | |
| CVE-2026-57517 | 9.8 | 0.59% | 1 | 1 | 2026-07-02T20:17:04.450000 | Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability | |
| CVE-2026-13773 | 6.0 | 3.42% | 1 | 0 | 2026-07-02T18:26:29.023000 | IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 Approximately 50 generated C | |
| CVE-2026-50746 | 10.0 | 0.83% | 3 | 0 | 2026-07-02T15:32:12 | A malicious actor with access to the network could exploit an Improper Access Co | |
| CVE-2026-10104 | 4.4 | 0.26% | 1 | 1 | 2026-07-02T12:31:02 | The Product Video Gallery for Woocommerce plugin for WordPress is vulnerable to | |
| CVE-2026-43503 | 8.8 | 0.14% | 1 | 8 | 2026-07-02T12:17:20.070000 | In the Linux kernel, the following vulnerability has been resolved: net: skbuff | |
| CVE-2026-45659 | 8.8 | 3.22% | 2 | 4 | 2026-07-02T12:16:47.143000 | Deserialization of untrusted data in Microsoft Office SharePoint allows an autho | |
| CVE-2026-58457 | 9.8 | 1.67% | 1 | 0 | 2026-07-01T21:36:26 | Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) contains an unauthenti | |
| CVE-2026-10539 | 9.0 | 0.24% | 1 | 0 | 2026-07-01T19:59:44.537000 | A Control-M/Server communication command does not sufficiently filter or sanitiz | |
| CVE-2026-58452 | 8.8 | 2.42% | 1 | 0 | 2026-07-01T18:32:05 | JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an | |
| CVE-2026-58453 | 9.8 | 1.69% | 1 | 0 | 2026-07-01T18:32:04 | JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a h | |
| CVE-2026-20191 | 7.5 | 0.76% | 1 | 0 | 2026-07-01T18:31:59 | A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote | |
| CVE-2026-56413 | 10.0 | 3.08% | 1 | 0 | 2026-07-01T18:17:31.553000 | Storage Concentrator (SC & SCVM) contains a command injection vulnerability in t | |
| CVE-2026-8451 | 7.5 | 0.50% | 3 | 5 | 2026-07-01T15:52:58.800000 | Insufficient input validation inΒ NetScaler ADC and NetScaler GatewayΒ leading to | |
| CVE-2026-6688 | 7.6 | 0.21% | 1 | 0 | 2026-07-01T15:35:28 | FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern assoc | |
| CVE-2026-13602 | None | 0.24% | 1 | 0 | 2026-07-01T15:35:27 | We found a chain of combining multiple weaknesses in the product that could allo | |
| CVE-2026-6682 | 7.6 | 0.21% | 1 | 0 | 2026-07-01T15:35:27 | In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume | |
| CVE-2026-56415 | 10.0 | 3.07% | 1 | 0 | 2026-07-01T00:34:43 | Storage Concentrator (SC & SCVM) contains a command injection vulnerability with | |
| CVE-2026-56700 | 9.8 | 1.68% | 1 | 0 | 2026-07-01T00:34:43 | Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. T | |
| CVE-2026-11712 | 9.3 | 0.22% | 1 | 0 | 2026-06-30T21:31:52 | IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site script | |
| CVE-2026-8037 | 9.6 | 29.64% | 1 | 1 | template | 2026-06-30T15:30:32 | OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC |
| CVE-2026-8631 | 9.8 | 1.33% | 1 | 0 | 2026-06-30T03:36:46 | A potential security vulnerability has been identified in the HP Linux Imaging a | |
| CVE-2026-23111 | 7.8 | 0.34% | 1 | 8 | 2026-06-30T03:36:36 | In the Linux kernel, the following vulnerability has been resolved: netfilter: | |
| CVE-2026-56782 | 9.8 | 3.02% | 1 | 2 | template | 2026-06-29T20:17:39.907000 | Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/ |
| CVE-2026-13545 | 8.8 | 2.71% | 1 | 0 | 2026-06-29T09:30:32 | A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the func | |
| CVE-2026-50548 | 9.8 | 0.64% | 1 | 0 | 2026-06-26T16:51:25.290000 | Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs | |
| CVE-2026-57589 | 7.4 | 0.12% | 13 | 0 | 2026-06-26T05:16:31.673000 | sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local p | |
| CVE-2026-53111 | None | 0.18% | 1 | 0 | 2026-06-24T18:32:50 | In the Linux kernel, the following vulnerability has been resolved: bpf: test_r | |
| CVE-2026-39999 | 9.1 | 0.39% | 1 | 0 | 2026-06-23T15:32:31 | Authentication Bypass by Spoofing vulnerability in Apache APISIX. The attacker | |
| CVE-2026-20181 | 9.1 | 0.75% | 1 | 0 | 2026-06-17T18:36:07 | A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote at | |
| CVE-2026-20190 | 7.5 | 0.41% | 1 | 0 | 2026-06-17T18:36:07 | A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote | |
| CVE-2026-28737 | 8.7 | 0.34% | 1 | 0 | 2026-06-17T18:10:20 | ## Summary Me again. Gitea's built-in 3D file viewer (powered by Online3DViewe | |
| CVE-2026-26128 | 7.8 | 0.45% | 1 | 2 | 2026-06-17T10:25:46.367000 | Improper authentication in Windows SMB Server allows an authorized attacker to e | |
| CVE-2024-30326 | 7.8 | 0.91% | 2 | 0 | 2026-06-17T07:26:44.557000 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. | |
| CVE-2024-26582 | 7.8 | 0.25% | 1 | 0 | 2026-06-17T07:17:49.183000 | In the Linux kernel, the following vulnerability has been resolved: net: tls: f | |
| CVE-2026-26231 | 8.5 | 0.29% | 1 | 0 | 2026-06-16T23:41:03 | ## Summary Any authenticated low-privilege user with read access to a repositor | |
| CVE-2026-28699 | 8.1 | 0.57% | 1 | 1 | 2026-06-16T23:40:35 | ### Summary Gitea fails to enforce OAuth2 access token scopes when the token is | |
| CVE-2026-28744 | 8.1 | 0.34% | 1 | 0 | 2026-06-16T23:38:13 | ### Summary Gitea v1.26.1 enforces repository-scoped access-token permissions on | |
| CVE-2026-48062 | 9.8 | 0.00% | 1 | 0 | 2026-06-11T17:16:09 | ### Impact The `ext_in` upload validation rule checked the MIME-derived guessed | |
| CVE-2026-43456 | 7.8 | 0.16% | 2 | 0 | 2026-05-20T18:32:38 | In the Linux kernel, the following vulnerability has been resolved: bonding: fi | |
| CVE-2026-33112 | 8.8 | 2.11% | 1 | 0 | 2026-05-12T18:30:49 | Deserialization of untrusted data in Microsoft Office SharePoint allows an autho | |
| CVE-2025-3248 | None | 99.97% | 4 | 27 | template | 2025-11-05T20:12:46 | Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v |
| CVE-2026-45367 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-45309 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-33697 | 0 | 0.06% | 1 | 0 | N/A | ||
| CVE-2026-54161 | 0 | 0.00% | 1 | 1 | N/A | ||
| CVE-2026-20896 | 0 | 0.78% | 4 | 3 | N/A | ||
| CVE-2026-14380 | 0 | 0.24% | 1 | 0 | N/A | ||
| CVE-2026-54234 | 0 | 0.34% | 1 | 0 | N/A | ||
| CVE-2026-57155 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-12943 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-34168 | 0 | 0.40% | 1 | 0 | N/A | ||
| CVE-2026-34152 | 0 | 0.37% | 1 | 0 | N/A | ||
| CVE-2026-42200 | 0 | 0.54% | 1 | 0 | N/A | ||
| CVE-2026-34158 | 0 | 0.36% | 1 | 0 | N/A | ||
| CVE-2026-54060 | 0 | 0.36% | 1 | 0 | N/A | ||
| CVE-2026-34037 | 0 | 0.25% | 1 | 0 | N/A | ||
| CVE-2026-12184 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-14355 | 0 | 0.28% | 1 | 0 | N/A | ||
| CVE-2026-49429 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-49422 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-49420 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-52747 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-27771 | 0 | 40.74% | 2 | 2 | template | N/A | |
| CVE-2026-10054 | 0 | 0.16% | 1 | 0 | N/A | ||
| CVE-2026-22874 | 0 | 0.46% | 1 | 2 | N/A | ||
| CVE-2026-58426 | 0 | 0.18% | 1 | 0 | N/A | ||
| CVE-2026-58424 | 0 | 0.20% | 1 | 0 | N/A | ||
| CVE-2026-58423 | 0 | 0.31% | 1 | 0 | N/A |
updated 2026-07-08T23:16:54.523000
3 posts
2 repos
Here's your weekly batch of Linux local privilege escalation vulnerabilities:
CVE-2026-43499 "GhostLock"
https://nebusec.ai/research/ionstack-part-2/
CVE-2026-46242 "Bad Epoll"
https://github.com/J-jaeyoung/bad-epoll
Enjoy! βοΈ
##Here's your weekly batch of Linux local privilege escalation vulnerabilities:
CVE-2026-43499 "GhostLock"
https://nebusec.ai/research/ionstack-part-2/
CVE-2026-46242 "Bad Epoll"
https://github.com/J-jaeyoung/bad-epoll
Enjoy! βοΈ
##Researchers disclosed GhostLock (CVE-2026-43499) with public PoC code. The 15-year Linux kernel bug enables privilege escalation and container escape.
#GhostLock #CVE202643499 #LinuxKernel #PrivilegeEscalation #ContainerEscape #InfoSec
https://securityonline.info/ghostlock-cve-2026-43499/?utm_source=mastodon&utm_medium=jetpack_social
##updated 2026-07-08T21:30:37
1 posts
π New release Β· Nomad ent-changelog-1.11.8
SECURITY:
β’ docker: Enforce allowed_modes or allow_privileged requirement to set host namespace modes in task. This is CVE-2026-14891. [GH-28190]
β’ docker: Fixed a bug where docker tasks could use a symlink to bypass the plugin configuration for volumes.enabled=false. This is CVE-2026-14896. [GH-28177]
β’ dynamic host volumes: Fixed a bug where users with ho...
Check and self-host it β https://selfhost.directory/project/nomad#update-3342038
##updated 2026-07-08T21:30:37
1 posts
π New release Β· Nomad ent-changelog-1.11.8
SECURITY:
β’ docker: Enforce allowed_modes or allow_privileged requirement to set host namespace modes in task. This is CVE-2026-14891. [GH-28190]
β’ docker: Fixed a bug where docker tasks could use a symlink to bypass the plugin configuration for volumes.enabled=false. This is CVE-2026-14896. [GH-28177]
β’ dynamic host volumes: Fixed a bug where users with ho...
Check and self-host it β https://selfhost.directory/project/nomad#update-3342038
##updated 2026-07-08T21:30:37
2 posts
Broadcom has a long list of advisories today, addressing at least two critical vulnerabilities https://support.broadcom.com/web/ecx/security-advisory
Palo Alto:
CRITICAL: CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent https://security.paloaltonetworks.com/CVE-2026-0288
Dell: Security Update for Dell Networking Products for Multiple Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000362452/dsa-2025-250-security-update-for-dell-networking-products-for-multiple-vulnerabilities #Broascom #infosec #vulnerability #Dell #Intel
##Broadcom has a long list of advisories today, addressing at least two critical vulnerabilities https://support.broadcom.com/web/ecx/security-advisory
Palo Alto:
CRITICAL: CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent https://security.paloaltonetworks.com/CVE-2026-0288
Dell: Security Update for Dell Networking Products for Multiple Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000362452/dsa-2025-250-security-update-for-dell-networking-products-for-multiple-vulnerabilities #Broascom #infosec #vulnerability #Dell #Intel
##updated 2026-07-08T21:16:55.097000
2 posts
π CVE-2026-6896 - High (8.7)
GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to exec...
π https://www.thehackerwire.com/vulnerability/CVE-2026-6896/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π CVE-2026-6896 - High (8.7)
GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to exec...
π https://www.thehackerwire.com/vulnerability/CVE-2026-6896/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-08T21:16:54.813000
2 posts
π CVE-2026-60105 - High (8.6)
Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in the fetchRemoteFile action caused by an incomplete IP blocklist check in the isBlockedIP() function, which fails to detect embedded IPv4 addresses within IPv4-mapped ...
π https://www.thehackerwire.com/vulnerability/CVE-2026-60105/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π CVE-2026-60105 - High (8.6)
Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in the fetchRemoteFile action caused by an incomplete IP blocklist check in the isBlockedIP() function, which fails to detect embedded IPv4 addresses within IPv4-mapped ...
π https://www.thehackerwire.com/vulnerability/CVE-2026-60105/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-08T21:16:54.300000
2 posts
π CVE-2026-58525 - High (8.2)
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58525/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π CVE-2026-58525 - High (8.2)
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58525/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-08T20:16:53.950000
1 posts
CVE-2026-58210 - High severity supply chain risk in Nats Server. Unauthenticated MQTT clients can exhaust memory via incomplete CONNECT packets. CVSS 7.5. Update to 2.14.3 or 2.12.12 immediately. #CVE #Nats #infosec
##updated 2026-07-08T19:57:35.883000
1 posts
Dell PowerProtect Data Domain is affected by CRITICAL path traversal (CVE-2026-53481, CVSS 9.8). Remote, unauthenticated attackers can gain full system control. No patch yet β monitor Dell advisories. https://radar.offseq.com/threat/cve-2026-53481-cwe-22-improper-limitation-of-a-pat-89b94eec9af59b79 #OffSeq #Dell #CVE202653481 #infosec
##updated 2026-07-08T19:37:10.507000
1 posts
CVE-2026-33264: Apache Airflow <3.3.0 has a CRITICAL deserialization flaw. DAG authors can trigger remote code execution on Scheduler/API Server. Upgrade to 3.3.0+ and restrict allowed_deserialization_classes. Details: https://radar.offseq.com/threat/cve-2026-33264-cwe-502-deserialization-of-untruste-8bbc1aa55d6c3415 #OffSeq #Airflow #Infosec #CVE202633264
##updated 2026-07-08T15:32:52
5 posts
1 repos
Hidden backdoor in Tenda routers goes unpatched as company ignores warnings from cybersecurity researchers β Chinese company's firmware allows admin access without a password
CERT/CC has disclosed a critical authentication backdoor affecting multiple Tenda router firmware versions. Tracked as CVE-2026-11405, the flaw grants full administrator access without valid credentials, and no vendor patch is currently available after CERT failed to reach Tenda.
#hardware
https://www.tomshardware.com/tech-industry/cyber-security/hidden-backdoor-found-in-tenda-routers-goes-unpatched-despite-warnings-from-cybersecurity-researchers-affected-firmware-allows-admin-access-without-a-password
Hidden backdoor in Tenda routers goes unpatched as company ignores warnings from cybersecurity researchers β Chinese company's firmware allows admin access without a password
CERT/CC has disclosed a critical authentication backdoor affecting multiple Tenda router firmware versions. Tracked as CVE-2026-11405, the flaw grants full administrator access without valid credentials, and no vendor patch is currently available after CERT failed to reach Tenda.
#hardware
https://www.tomshardware.com/tech-industry/cyber-security/hidden-backdoor-found-in-tenda-routers-goes-unpatched-despite-warnings-from-cybersecurity-researchers-affected-firmware-allows-admin-access-without-a-password
@tugatech Γ© preciso avisar as pessoas disto: https://discourse.ifin.network/t/cve-2026-11405-multiple-tenda-routers-have-an-admin-backdoor/646
##βΌοΈ New Dark Web Informer Blog Post!
Title: When the Password Check Fails, You're In: The Hidden Admin Backdoor in Tenda Router Firmware (CVE-2026-11405)
##CVE-2026-11405 is a Tenda authentication backdoor. It allows full administrative access without valid credentials. Protect your network with these steps.
#CVE202611405 #Tenda #AuthenticationBackdoor #CyberSecurity #RouterSecurity
##updated 2026-07-08T15:28:15.630000
1 posts
Blocksy Companion Pro <2.1.47 has a CRITICAL unauthenticated file upload flaw (CVE-2026-58480). Attackers can bypass extension checks and achieve remote code execution via crafted filenames. Patch ASAP. https://radar.offseq.com/threat/cve-2026-58480-unrestricted-upload-of-file-with-da-329cbb8c3408e021 #OffSeq #CVE202658480 #WordPress #Vuln
##updated 2026-07-08T15:16:31.800000
1 posts
topoteretes cognee (<1.2.0) is affected by CVE-2026-58473 (CRITICAL, CVSS 9.3): improper access control lets unauth attackers overwrite LLM provider config & exfiltrate sensitive data. Restrict endpoint, monitor configs. https://radar.offseq.com/threat/cve-2026-58473-missing-authorization-in-topoterete-619eb25f0ae3e3eb #OffSeq #CVE #Infosec
##updated 2026-07-08T14:56:35.950000
1 posts
CRITICAL: CVE-2026-12378 β Deserialization of untrusted data in Appointment Booking Calendar & Scheduling Plugins (<=1.1.28) for WordPress. Unauthenticated attackers may achieve RCE. Restrict plugin use & monitor for patches. https://radar.offseq.com/threat/cve-2026-12378-cwe-502-deserialization-of-untruste-7e251cce3409b39a #OffSeq #WordPress #Vuln #RCE
##updated 2026-07-08T13:57:42.590000
4 posts
7 repos
https://github.com/bayu06802/CVE-2026-48908
https://github.com/Jenderal92/CVE-2026-48908
https://github.com/ayiezola/CVE-2026-48908
https://github.com/papageo75/CVE-2026-48908-PoC
https://github.com/gagaltotal/CVE-2026-48908-SP-Page-Builder-Joomla
CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), & Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution & backdoors. Patch ASAP! https://radar.offseq.com/threat/cisa-urges-immediate-patching-of-exploited-coldfus-c7b23bd787139571 #OffSeq #CyberSec #CVE
##π¨ [CISA-2026:0707] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0707)
CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
β οΈ CVE-2026-48908 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-48908)
- Name: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISAβs BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISAβs βForensics Triage Requirementsβ (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: JoomShaper
- Product: SP Page Builder
- Notes: https://extensions.joomla.org/extension/sp-page-builder/ ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-48908
β οΈ CVE-2026-55255 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-55255)
- Name: Langflow Authorization Bypass Through User-Controlled Key Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISAβs BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISAβs βForensics Triage Requirementsβ (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: https://github.com/langflow-ai/langflow/security/advisories/GHSA-qrpv-q767-xqq2 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-55255
β οΈ CVE-2026-56290 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56290)
- Name: Joomlack Page Builder Improper Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISAβs BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISAβs βForensics Triage Requirementsβ (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Joomlack
- Product: Page Builder
- Notes: https://www.joomlack.fr/en/joomla-extensions/page-builder-ck ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-56290
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260707 #cisa20260707 #cve_2026_48908 #cve_2026_55255 #cve_2026_56290 #cve202648908 #cve202655255 #cve202656290
##CVE ID: CVE-2026-48908
Vendor: JoomShaper
Product: SP Page Builder
Date Added: 2026-07-07
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-48908
CISA has updated the KEV catalogue.
- CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56290
- CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-55255
- CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48908
Several industrial vulnerabilities: https://www.cisa.gov/ #infosec #vulnerability #CISA
##updated 2026-07-08T09:31:48
1 posts
CVE-2026-9695: CRITICAL improper authentication vuln in DELMIA Apriso (2020 β 2026). Allows unauthenticated privileged access β no patch yet. Restrict server access & monitor for anomalies. Details: https://radar.offseq.com/threat/cve-2026-9695-cwe-287-improper-authentication-in-d-f67e224c65e69eb9 #OffSeq #CVE20269695 #SCADA #Infosec
##updated 2026-07-08T05:16:27.990000
12 posts
4 repos
https://github.com/HORKimhab/CVE-2026-53359
https://github.com/chuzhongyun/CVE-2026-53359-Kernel-Fix
Januscape CVE-2026-53359 KVM Vulnerability
##Januscape Flaw in Linux KVMβs MMU Code Enables VM Escape on Intel and AMD
A newly disclosed Linux kernel vulnerability, CVE-2026-53359, dubbed Januscape, has exposed a critical weakness in the Linux Kernel-based Virtual...
ποΈ [Thecyberexpress] https://link.is.it/a1LDMj
##Januscape (CVE-2026-53359) Guest-to-Host Escape in KVM/x86 https://github.com/V4bel/Januscape
##Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359]
Link: https://github.com/V4bel/Januscape
Discussion: https://news.ycombinator.com/item?id=48807908
β οΈ CRITICAL: 16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems
A 16-year-old use-after-free vulnerability in Linux KVM (CVE-2026-53359) allows guest VMs to escape to the host kernel and potentially achieve full code execution on Intel and AMD x86 systems. Exploitation requires root inside the guest and nested virtualization enabled. An unreleased exploit reporβ¦
##Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359]
Link: https://github.com/V4bel/Januscape
Discussion: https://news.ycombinator.com/item?id=48807908
Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359] - https://github.com/V4bel/Januscape
##Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359]
https://github.com/V4bel/Januscape
Comments: https://news.ycombinator.com/item?id=48807908
#HackerNews #Januscape #KVM #CVE-2026-53359 #virtualization #security #exploits
##Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359]
##βΌοΈ New Dark Web Informer Blog Post!
Title: A Long-Lived KVM Bug Resurfaces: Shadow Paging Use-After-Free in the Linux Kernel (CVE-2026-53359)
##Researchers disclosed a PoC for the Januscape KVM escape (CVE-2026-53359). This use-after-free KVM bug impacts public clouds, allowing host panics and LPE.
##Oh, goodie. KVM Guest-to-Host escape
"Januscape (CVE-2026-53359)" -- https://github.com/V4bel/Januscape
##updated 2026-07-08T03:30:33
2 posts
OpenSSH 10.4 ships eight security fixes, including a client use-after-free (CVE-2026-60002) plus SFTP and SCP path bugs. Update now.
##OpenSSH 10.4 ships eight security fixes, including a client use-after-free (CVE-2026-60002) plus SFTP and SCP path bugs. Update now.
##updated 2026-07-08T03:30:33
1 posts
CVE-2026-56843 (CRITICAL, CVSS 9.9): WebPros Plesk <18.0.78.4 has insufficient auth in XML-RPC API, letting low-privileged users access other tenantsβ cleartext FTP creds & run code as them. Restrict API access & monitor. https://radar.offseq.com/threat/cve-2026-56843-cwe-522-insufficiently-protected-cr-45d7ae62ed3d3640 #OffSeq #Infosec #Plesk
##updated 2026-07-07T22:14:37
4 posts
1 repos
CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), & Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution & backdoors. Patch ASAP! https://radar.offseq.com/threat/cisa-urges-immediate-patching-of-exploited-coldfus-c7b23bd787139571 #OffSeq #CyberSec #CVE
##π¨ [CISA-2026:0707] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0707)
CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
β οΈ CVE-2026-48908 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-48908)
- Name: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISAβs BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISAβs βForensics Triage Requirementsβ (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: JoomShaper
- Product: SP Page Builder
- Notes: https://extensions.joomla.org/extension/sp-page-builder/ ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-48908
β οΈ CVE-2026-55255 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-55255)
- Name: Langflow Authorization Bypass Through User-Controlled Key Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISAβs BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISAβs βForensics Triage Requirementsβ (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: https://github.com/langflow-ai/langflow/security/advisories/GHSA-qrpv-q767-xqq2 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-55255
β οΈ CVE-2026-56290 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56290)
- Name: Joomlack Page Builder Improper Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISAβs BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISAβs βForensics Triage Requirementsβ (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Joomlack
- Product: Page Builder
- Notes: https://www.joomlack.fr/en/joomla-extensions/page-builder-ck ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-56290
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260707 #cisa20260707 #cve_2026_48908 #cve_2026_55255 #cve_2026_56290 #cve202648908 #cve202655255 #cve202656290
##CVE ID: CVE-2026-55255
Vendor: Langflow
Product: Langflow
Date Added: 2026-07-07
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-55255
CISA has updated the KEV catalogue.
- CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56290
- CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-55255
- CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48908
Several industrial vulnerabilities: https://www.cisa.gov/ #infosec #vulnerability #CISA
##updated 2026-07-07T21:32:34
1 posts
BeyondTrust patched a critical pre-authentication vulnerability (CVE-2026-40138, CVE-2026-40139, CVE-2026-40140). Update Remote Support instances now.
#BeyondTrust #Vulnerability #CVE202640138 #CyberSecurity #RemoteSupport
##updated 2026-07-07T21:32:33
11 posts
2 repos
https://github.com/imbas007/CVE-2026-48282
https://github.com/g0thamRabb1t/cve-2026-48282-coldfusion-rds-detection
π΅ THREAT INTELLIGENCE
CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV
Vulnerability | CRITICAL
CVEs: CVE-2026-48282
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV)...
Full analysis:
https://www.yazoul.net/news/article/cisa-adds-4-actively-exploited-adobe-joomla-and-langflow-flaws-to-kev
CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), & Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution & backdoors. Patch ASAP! https://radar.offseq.com/threat/cisa-urges-immediate-patching-of-exploited-coldfus-c7b23bd787139571 #OffSeq #CyberSec #CVE
##Recent events include heightened geopolitical tensions as the U.S. launched strikes on Iran following attacks in the Strait of Hormuz, pushing oil prices higher. In cybersecurity, Sysdig reported the first end-to-end AI agent ransomware attack, dubbed "JADEPUFFER." Additionally, CISA issued a warning regarding active exploitation of a critical Adobe ColdFusion vulnerability (CVE-2026-48282).
##Poc for CVE-2026-48282, a path traversal vulnerability in Adobe ColdFusion's Remote Development Service (RDS) https://github.com/imbas007/CVE-2026-48282
##π¨ CVE-2026-48282: PoC Path traversal vulnerability in Adobe ColdFusion's Remote Development Service (RDS) with a CVSS score of 10.0
##CVE ID: CVE-2026-48282
Vendor: Adobe
Product: ColdFusion
Date Added: 2026-07-07
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-48282
Geopolitical: The NATO Summit commenced in Ankara on July 7, addressing defense spending and new air power deals. Ukraine executed long-range drone strikes on Russia's Omsk refinery on July 7. Cybersecurity: A critical Adobe ColdFusion vulnerability (CVE-2026-48282) is being actively exploited. A Linux 'Bad Epoll' root exploit (CVE-2026-46242) has also been publicly released. Technology: The UN Global Dialogue on AI Governance started July 6 in Geneva. Microsoft announced 4,800 job cuts, notably affecting its Xbox division, on July 6.
##"Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, according to vulnerability intelligence company KEVIntel.β
##βΌοΈ New Dark Web Informer Blog Post!
Title: Adobe ColdFusion flaw CVE-2026-48282 is now being Exploited in the Wild
Link: https://darkwebinformer.com/adobe-coldfusion-flaw-cve-2026-48282-is-now-being-exploited-in-the-wild/
##Adobe ColdFusion estΓ‘ sob ataque informΓ‘tico devido a uma vulnerabilidade classificada com o grau mΓ‘ximo de severidade, identificada como CVE-2026-48282. A plataforma de desenvolvimento web estΓ‘ a ser explorada ativamente por agentes maliciosos.
##Max severity Adobe ColdFusion flaw now exploited in attacks
Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, the Canadian Center for Cyber Security...
ποΈ [Bleepingcomputer] https://link.is.it/dtvaMC
##updated 2026-07-07T21:32:33
4 posts
3 repos
https://github.com/sagsooz/PageBuilderCK-CVE-2026-56290-Exploit
CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), & Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution & backdoors. Patch ASAP! https://radar.offseq.com/threat/cisa-urges-immediate-patching-of-exploited-coldfus-c7b23bd787139571 #OffSeq #CyberSec #CVE
##π¨ [CISA-2026:0707] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0707)
CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
β οΈ CVE-2026-48908 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-48908)
- Name: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISAβs BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISAβs βForensics Triage Requirementsβ (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: JoomShaper
- Product: SP Page Builder
- Notes: https://extensions.joomla.org/extension/sp-page-builder/ ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-48908
β οΈ CVE-2026-55255 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-55255)
- Name: Langflow Authorization Bypass Through User-Controlled Key Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISAβs BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISAβs βForensics Triage Requirementsβ (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: https://github.com/langflow-ai/langflow/security/advisories/GHSA-qrpv-q767-xqq2 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-55255
β οΈ CVE-2026-56290 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56290)
- Name: Joomlack Page Builder Improper Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISAβs BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISAβs βForensics Triage Requirementsβ (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Joomlack
- Product: Page Builder
- Notes: https://www.joomlack.fr/en/joomla-extensions/page-builder-ck ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-56290
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260707 #cisa20260707 #cve_2026_48908 #cve_2026_55255 #cve_2026_56290 #cve202648908 #cve202655255 #cve202656290
##CVE ID: CVE-2026-56290
Vendor: Joomlack
Product: Page Builder
Date Added: 2026-07-07
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-56290
CISA has updated the KEV catalogue.
- CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-56290
- CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-55255
- CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-48908
Several industrial vulnerabilities: https://www.cisa.gov/ #infosec #vulnerability #CISA
##updated 2026-07-07T21:32:33
1 posts
BeyondTrust patched a critical pre-authentication vulnerability (CVE-2026-40138, CVE-2026-40139, CVE-2026-40140). Update Remote Support instances now.
#BeyondTrust #Vulnerability #CVE202640138 #CyberSecurity #RemoteSupport
##updated 2026-07-07T16:16:38.780000
2 posts
βΌοΈ New Dark Web Informer Blog Post!
Title: Pre-Auth Access-Control Bypass in BeyondTrust Remote Support and PRA (CVE-2026-40138)
##BeyondTrust patched a critical pre-authentication vulnerability (CVE-2026-40138, CVE-2026-40139, CVE-2026-40140). Update Remote Support instances now.
#BeyondTrust #Vulnerability #CVE202640138 #CyberSecurity #RemoteSupport
##updated 2026-07-07T15:33:58
1 posts
CVE-2026-12375 (CRITICAL): uncanny-automator-pro v7.3.0.5 distributed with a hidden backdoor due to vendor supply chain compromise. Attackers can gain admin access & exfiltrate secrets. Remove/disable this version now. https://radar.offseq.com/threat/cve-2026-12375-cwe-912-hidden-functionality-in-unc-f847b0208ffd2506 #OffSeq #WordPress #SupplyChain
##updated 2026-07-07T15:33:58
1 posts
CVE-2026-4375: CRITICAL code injection (CWE-94) in DoLeads Integrator & wp2epub WordPress plugins β€0.65 allows RCE by unauthorized users. No patch yet β restrict plugin installs & monitor for changes. https://radar.offseq.com/threat/cve-2026-4375-cwe-94-improper-control-of-generatio-71c36276dd5a5ffb #OffSeq #WordPress #CVE20264375
##updated 2026-07-07T15:33:54
1 posts
CVE-2026-53913 | CRITICAL | Apache Camel Keycloak: Default KeycloakSecurityPolicy skips token verification, enabling unauthenticated access and possible RCE on 4.15.0 β 4.18.2 & 4.19.0 β 4.20.x. Upgrade to 4.21.0/4.18.3. https://radar.offseq.com/threat/cve-2026-53913-cwe-287-improper-authentication-in--29482412e19e3f00 #OffSeq #ApacheCamel #CVE202653913
##updated 2026-07-07T15:16:46.463000
1 posts
π CVE-2026-42143 - High (8.8)
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, user-controlled persistent volume names are interpolated into shell commands executed on managed servers without escaping ...
π https://www.thehackerwire.com/vulnerability/CVE-2026-42143/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-07T15:16:43.953000
1 posts
CVE-2026-34048 (CRITICAL, CVSS 9.9): improper auth in coollabsio Coolify (<4.0.0-beta.471) lets low-priv users execute commands via terminal websockets. Update to 4.0.0-beta.471 ASAP. https://radar.offseq.com/threat/cve-2026-34048-cwe-285-improper-authorization-in-c-485c49c27b765944 #OffSeq #Coolify #CVE202634048 #infosec
##updated 2026-07-07T15:12:44.373000
1 posts
π CVE-2026-57981 - High (8.8)
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-57981/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-07T14:42:37.003000
1 posts
π CVE-2026-58299 - High (7.5)
Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58299/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-07T13:43:32.083000
1 posts
π CVE-2026-57974 - High (8.8)
Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-57974/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-07T12:50:49.980000
1 posts
π CVE-2026-57986 - High (7.5)
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-57986/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-07T12:40:04.297000
1 posts
π΄ CVE-2026-58289 - Critical (9)
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58289/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-07T12:37:27.530000
1 posts
π CVE-2026-58292 - High (7.5)
Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58292/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-07T06:31:27
1 posts
π΄ CVE-2026-14345 - Critical (9.8)
The WPFunnels β Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.12.7 via the 'postData' parameter parameter. This is due to unsan...
π https://www.thehackerwire.com/vulnerability/CVE-2026-14345/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-07T04:17:55.037000
1 posts
π CVE-2026-58286 - High (8.1)
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58286/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T21:30:36
1 posts
CVE-2026-43865 (CRITICAL): Apache Camel Hazelcast component deserializes untrusted data by default, enabling RCE if attacker accesses the cluster. Patch: 4.21.0, 4.18.3, or 4.14.8. Harden configs if upgrade isn't possible. https://radar.offseq.com/threat/cve-2026-43865-cwe-502-deserialization-of-untruste-d2e34a1a7ce10b73 #OffSeq #CVE #ApacheCamel
##updated 2026-07-06T21:16:54.240000
1 posts
π CVE-2026-22555 - High (8.1)
Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets.
π https://www.thehackerwire.com/vulnerability/CVE-2026-22555/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T21:16:52.797000
1 posts
π CVE-2025-71347 - High (8.1)
picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.param_eval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed undetected code in pickle files that exec...
π https://www.thehackerwire.com/vulnerability/CVE-2025-71347/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T20:52:16
1 posts
CVE-2026-55075 - Authentication Bypass in Coder. OIDC login flaws enable account takeover. CVSS 7.4. Update to patched versions immediately. #CVE #Coder #infosec
##updated 2026-07-06T20:16:30.450000
1 posts
π CVE-2026-14637 - High (8.2)
A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7. The affected element is the function getCartItems in the library application/libraries/ShoppingCart.php. The ...
π https://www.thehackerwire.com/vulnerability/CVE-2026-14637/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T19:46:08.807000
1 posts
π CVE-2026-4967 - High (7.5)
In IMS, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed.
π https://www.thehackerwire.com/vulnerability/CVE-2026-4967/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T19:17:59.803000
1 posts
π CVE-2026-58282 - High (8.1)
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58282/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T19:16:59.597000
1 posts
CVE-2026-14803: HIGH severity vuln in Mojo::JSON <9.47 β pure-Perl decoder allows uncontrolled recursion. Apps may face DoS if Cpanel::JSON::XS isnβt enabled. Install XS module or limit JSON depth. https://radar.offseq.com/threat/cve-2026-14803-cwe-674-uncontrolled-recursion-in-s-622d5e94b9c3bd9b #OffSeq #infosec #Perl #DoS
##updated 2026-07-06T18:55:20.287000
1 posts
π CVE-2026-14535 - High (8.8)
In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImportsML analysis pass unconditionally calls AnalysisContext.shorten_code(node) on every import node it inspects, regardless of whether the import is flagged as unsafe. This...
π https://www.thehackerwire.com/vulnerability/CVE-2026-14535/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T18:41:46.210000
1 posts
Adiss Biloop v6.1.1: CRITICAL CVE-2026-12686 enables authenticated users to bypass authorization via manipulated company ID, exposing cross-tenant data. Monitor logs and limit exposure while awaiting patch. https://radar.offseq.com/threat/cve-2026-12686-cwe-639-authorization-bypass-throug-3166bcbbfec7c2c9 #OffSeq #CVE202612686 #infosec #vuln
##updated 2026-07-06T18:16:46.247000
1 posts
π΄ CVE-2026-4321 - Critical (9.8)
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows SQL Injection.
This issue affects Destekz: through 02062026. NOTE: The ...
π https://www.thehackerwire.com/vulnerability/CVE-2026-4321/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T18:16:45.163000
1 posts
π CVE-2026-12250 - High (7.9)
Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation.
This issue affects Pardus Domain Joiner: from 0.5.2 before 0.5.4.
π https://www.thehackerwire.com/vulnerability/CVE-2026-12250/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T18:16:45.163000
1 posts
CVE-2026-14570: HIGH severity in TIMLEGGE Crypt::DSA (<1.22) β insufficiently random values in DSA signing allow attackers to recover private keys using lattice attacks. Replace all affected keys and upgrade to 1.22+. https://radar.offseq.com/threat/cve-2026-14570-cwe-330-use-of-insufficiently-rando-539cd2ae349f5a7a #OffSeq #Vuln #Perl #Crypto
##updated 2026-07-06T18:02:49.450000
1 posts
π CVE-2026-14327 - High (7.5)
The AR for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary fi...
π https://www.thehackerwire.com/vulnerability/CVE-2026-14327/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-06T09:30:37
1 posts
CVE-2026-14807: CRITICAL hard-coded credentials in PROG MIS ERP App allow unauthenticated remote access to source code & DB creds. No patch available β restrict access & monitor activity. CVSS 9.3 https://radar.offseq.com/threat/cve-2026-14807-cwe-798-use-of-hard-coded-credentia-f736ee8ed603a6fe #OffSeq #CVE202614807 #ERP #infosec
##updated 2026-07-06T09:30:37
1 posts
PROG MIS Prog Management System hit with CRITICAL vuln (CVE-2026-14808): unauthenticated attackers can access DB user & password. No patch yet β limit access & monitor systems. Details: https://radar.offseq.com/threat/cve-2026-14808-cwe-497-exposure-of-sensitive-syste-326a6d8e79a35bf1 #OffSeq #CVE202614808 #Vuln #InfoSec
##updated 2026-07-05T18:30:56
1 posts
CVE-2026-59510: ail-framework β€6.9.0 has a HIGH path traversal flaw ποΈ. Authenticated attackers can access sensitive files outside the PDF dir. Restrict PDF ops access & monitor activity. Patch when released. https://radar.offseq.com/threat/cve-2026-59510-cwe-22-improper-limitation-of-a-pat-adb7f29895187030 #OffSeq #vulnerability #pathtraversal
##updated 2026-07-05T15:30:34
1 posts
π CVE-2026-9085 - High (8.8)
Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing.
This issue affects Pardus-Parental-Control: from ...
π https://www.thehackerwire.com/vulnerability/CVE-2026-9085/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-05T15:30:34
1 posts
π CVE-2026-6509 - High (7.8)
Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Privilege Escalation.
This issue affects Pardus Update: from <=0.6.3 before 0.6.6.
π https://www.thehackerwire.com/vulnerability/CVE-2026-6509/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-05T15:30:33
1 posts
CVE-2026-59509 (CRITICAL): cve-search POST /fetch_cve_data allows unauth'd access to arbitrary MongoDB collections, exposing admin creds for offline cracking. Restrict endpoint, monitor activity, check vendor updates. https://radar.offseq.com/threat/ghsa-3fmp-59v6-4qw2-ddbb46f84ba1bbe2 #OffSeq #infosec #CVE202659509
##updated 2026-07-05T15:30:33
1 posts
SQL injection (MEDIUM, CVE-2026-14751) in mjperpinosa stumasy: All versions at risk via Notes_controller::search_scratch_data. No patch yet, public exploit exists. Sanitize field_name & restrict access. Details: https://radar.offseq.com/threat/cve-2026-14751-sql-injection-in-mjperpinosa-stumas-6dc8c79135cda9b5 #OffSeq #SQLInjection #Vulnerability #AppSec
##updated 2026-07-05T12:30:30
1 posts
CVE-2026-14738 (MEDIUM, CVSS 6.3) impacts exo-explore exo β€1.0.71. Weak hash in Vision Feature Cache, remote exploit released, high complexity. Patch pending. Review deployments & monitor for updates. https://radar.offseq.com/threat/cve-2026-14738-use-of-weak-hash-in-exo-explore-exo-d776a3211767a5cf #OffSeq #Vulnerability #CVE202614738 #Infosec
##updated 2026-07-05T09:30:24
2 posts
UTT HiPER 1250GW (v3.2.7-210907-180535) hit by HIGH severity stack buffer overflow (CVE-2026-14721). Remote code execution possible via 'ssid' in /goform/ConfigWirelessBase_5g. No patch β restrict access. https://radar.offseq.com/threat/cve-2026-14721-stack-based-buffer-overflow-in-utt--61b09d8093b25eb2 #OffSeq #CVE #Infosec #NetSec
##π CVE-2026-14721 - High (8.8)
A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase_5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buff...
π https://www.thehackerwire.com/vulnerability/CVE-2026-14721/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-05T09:30:23
1 posts
CVE-2026-14781 (MEDIUM): Red Hat Build of Keycloak flaw in OIDC broker email_verified claim sync. If trustEmail=true & userinfo enabled, attacker can mark emails as verified. Review config & monitor fixes. https://radar.offseq.com/threat/cve-2026-14781-improper-validation-of-consistency--d19be74f7ead5808 #OffSeq #Keycloak #Vuln #IAM
##updated 2026-07-05T06:30:33
1 posts
SQL injection (MEDIUM severity) found in itsourcecode Hospital Management System 1.0 via 'editid' in /patientorder.php (CVE-2026-14703). No patch yet β enforce input validation & parameterized queries. https://radar.offseq.com/threat/cve-2026-14703-sql-injection-in-itsourcecode-hospi-f942c28e535ca531 #OffSeq #SQLInjection #Vuln #HealthcareIT
##updated 2026-07-05T03:32:41
1 posts
CVE-2026-14691 (MEDIUM): SourceCodester Multi-Vendor Online Grocery Management System 1.0 is vulnerable to remote code injection via update_settings_info in SystemSettings.php. Exploit is public. Monitor & restrict access until fix released. https://radar.offseq.com/threat/cve-2026-14691-code-injection-in-sourcecodester-mu-dfa4f0d89d3ba2d7 #OffSeq #Vuln #AppSec
##updated 2026-07-04T15:30:24
1 posts
π CVE-2026-14534 - High (8.8)
Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard library modules _posixsubprocess, site, and atexit in the UNSAFE_IMPORTS denylist (fickle.py). Because these modules are absent from the denylist, fickli...
π https://www.thehackerwire.com/vulnerability/CVE-2026-14534/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-04T12:17:01.880000
1 posts
1 repos
CVE-2026-53360: Linux kernel KVM SEV-SNP HIGH vuln allows SEV-SNP guests OOB read/write on host heap memory π§. Heap corruption & info leaks possible. Patch status unclear β avoid untrusted guests & check advisories. https://radar.offseq.com/threat/ghsa-4pq2-jh73-g3hw-1f03f05c22f6fb26 #OffSeq #Linux #Vuln
##updated 2026-07-04T12:16:57.160000
11 posts
2 repos
Here's your weekly batch of Linux local privilege escalation vulnerabilities:
CVE-2026-43499 "GhostLock"
https://nebusec.ai/research/ionstack-part-2/
CVE-2026-46242 "Bad Epoll"
https://github.com/J-jaeyoung/bad-epoll
Enjoy! βοΈ
##Here's your weekly batch of Linux local privilege escalation vulnerabilities:
CVE-2026-43499 "GhostLock"
https://nebusec.ai/research/ionstack-part-2/
CVE-2026-46242 "Bad Epoll"
https://github.com/J-jaeyoung/bad-epoll
Enjoy! βοΈ
##π° New 'Bad Epoll' Linux Kernel Zero-Day (CVE-2026-46242) Grants Full Root Access
π¨ CRITICAL ZERO-DAY: 'Bad Epoll' (CVE-2026-46242) in Linux Kernel allows any local user to gain full root access. The use-after-free bug affects servers, desktops & Android. PoC exists. Patch immediately! π§π₯ #Linux #CyberSecurity #ZeroDay #Infosec
π cyber[.]netsecops[.]io
##Geopolitical: The NATO Summit commenced in Ankara on July 7, addressing defense spending and new air power deals. Ukraine executed long-range drone strikes on Russia's Omsk refinery on July 7. Cybersecurity: A critical Adobe ColdFusion vulnerability (CVE-2026-48282) is being actively exploited. A Linux 'Bad Epoll' root exploit (CVE-2026-46242) has also been publicly released. Technology: The UN Global Dialogue on AI Governance started July 6 in Geneva. Microsoft announced 4,800 job cuts, notably affecting its Xbox division, on July 6.
##β οΈ CRITICAL: Proof-of-Concept Exploit Released for Linux βBad Epollβ Root Access Vulnerability
A public proof-of-concept exploit is now available for CVE-2026-46242, a race-condition use-after-free bug in the Linux kernel epoll facility that allows unprivileged local processes to escalate to root. This affects kernel versions 6.4 and newer, including Android devices. Any system running vulneβ¦
##The new Linux kernel threat that outsmarted AI: Bad Epoll! π¨
Discover the deep technical mechanics of CVE-2026-46242, how it escapes Chrome's sandbox to gain root, and its critical impact on Android/Linux systems. π
π https://denizhalil.com/2026/07/06/bad-epoll-cve-2026-46242-linux-kernel-flaw/
##π° New 'Bad Epoll' Linux Kernel Zero-Day (CVE-2026-46242) Grants Full Root Access
π¨ CRITICAL ZERO-DAY: 'Bad Epoll' (CVE-2026-46242) in Linux Kernel allows any local user to gain full root access. The use-after-free bug affects servers, desktops & Android. PoC exists. Patch immediately! π§π₯ #Linux #CyberSecurity #ZeroDay #Infosec
π cyber[.]netsecops[.]io
##A critical Bad Epoll vulnerability (CVE-2026-46242) allows local users to gain root access on Linux and Android devices. Patch your systems immediately.
#LinuxSecurity #BadEpoll #CyberSecurity #ZeroDay #CVE202646242
https://meterpreter.org/bad-epoll-vulnerability/?utm_source=mastodon&utm_medium=jetpack_social
##Here's a summary of the latest geopolitical, technology, and cybersecurity news:
Geopolitics: Russian President Putin and U.S. President Trump held a 90-minute call on July 4th. Russia claims to have captured Kostyantynivka in eastern Donetsk, Ukraine.
Technology: Grok 4.5 has entered private beta at SpaceX/Tesla. Meta plans to rent out its AI computing power. Micron is expanding high-bandwidth memory (HBM) production in Japan. Five Eyes alliance warns AI-fueled cyberattacks are "months away."
Cybersecurity: A critical "Bad Epoll" Linux kernel flaw (CVE-2026-46242) allows root access on Linux/Android. AI-automated JadePuffer ransomware has been detected. Lazarus Group is pushing 108 malicious packages.
https://thecybersecguru.com/exploits/cve-2026-46242-bad-epoll-linux-vulnerability/
##Bad Epoll (CVE-2026-46242) https://lobste.rs/s/drf6my #linux #security
https://github.com/J-jaeyoung/bad-epoll
updated 2026-07-04T03:31:09
1 posts
π CVE-2025-71343 - High (8.1)
picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.make_label function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but execu...
π https://www.thehackerwire.com/vulnerability/CVE-2025-71343/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-04T03:31:08
1 posts
1 repos
π CVE-2026-54424 - High (8.4)
An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user ca...
π https://www.thehackerwire.com/vulnerability/CVE-2026-54424/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-04T03:31:08
1 posts
π CVE-2025-71353 - High (8.1)
picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch._dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitr...
π https://www.thehackerwire.com/vulnerability/CVE-2025-71353/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-04T03:31:08
1 posts
π CVE-2025-71345 - High (8.1)
picklescan before 0.0.30 fails to detect malicious pickle files that invoke torch.utils.bottleneck.__main__.run_autograd_prof function. Attackers can embed undetected code in pickle files that executes during deserialization, enabling remote code ...
π https://www.thehackerwire.com/vulnerability/CVE-2025-71345/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-56645 - High (8.8)
Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-56645/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-57985 - High (7.6)
Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-57985/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-58283 - High (8.1)
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58283/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-58276 - High (7.5)
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58276/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-58290 - High (7.5)
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58290/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-58288 - High (8.3)
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58288/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-58287 - High (8.3)
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58287/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-58285 - High (8.3)
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58285/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-58284 - High (8.3)
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58284/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-58294 - High (7.5)
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58294/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:47
1 posts
π CVE-2026-58293 - High (8.1)
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58293/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:46
1 posts
π CVE-2026-57975 - High (7.5)
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-57975/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:41
1 posts
π CVE-2026-58295 - High (8.3)
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-58295/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:40
1 posts
π CVE-2026-12481 - High (8.8)
A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the `Lambda` layer. Specifically, the `_raise_for_lambda_deserialization()` function fails to enforce the safe-mo...
π https://www.thehackerwire.com/vulnerability/CVE-2026-12481/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:40
1 posts
π CVE-2026-57992 - High (7.5)
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-57992/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:39
1 posts
π CVE-2026-57984 - High (7.5)
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-57984/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T21:31:39
1 posts
π CVE-2026-57983 - High (8.7)
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-57983/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T09:31:35
1 posts
π΄ CVE-2026-14544 - Critical (9.8)
A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer ...
π https://www.thehackerwire.com/vulnerability/CVE-2026-14544/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T06:32:11
1 posts
π CVE-2026-14352 - High (7.5)
The AR for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary ...
π https://www.thehackerwire.com/vulnerability/CVE-2026-14352/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T06:32:11
1 posts
π΄ CVE-2026-9725 - Critical (9.1)
The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 2.5.2 This is due to insufficient path validation in the store_design_data() function, whic...
π https://www.thehackerwire.com/vulnerability/CVE-2026-9725/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T00:32:02
1 posts
1 repos
π΄ CVE-2026-13768 - Critical (10)
Gardyn devices expose a privileged iothubowner key. Access to this key will allow a malicious user to invoke an IoTHub Registry Manager function which returns connection information for all Gardyn Home Kit and Studio devices. Access to this key al...
π https://www.thehackerwire.com/vulnerability/CVE-2026-13768/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-03T00:31:57
1 posts
WatchGuard Patches Third Critical IKEv2 RCE in Firebox Appliances
WatchGuard patched a critical pre-authentication RCE vulnerability (CVE-2026-13368) in Firebox appliances. The vulnerability allows unauthenticated attackers to gain administrative control. Legacy T15 and T35 models currently do not have a patch.
**If you use WatchGuard Firebox firewalls, read the advisory in detail. Plan a very quick update to Fireware OS 2026.2.1 or 12.12.1. If you run legacy T15/T35 models, disable external LDAP authentication for IKEv2 as a temporary fix, and if you're on version 11.x, migrate to supported hardware since no patch is coming.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/watchguard-patches-third-critical-ikev2-rce-in-firebox-appliances-l-z-o-j-u/gD2P6Ple2L
updated 2026-07-03T00:31:53
1 posts
π΄ CVE-2026-41106 - Critical (9.3)
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
π https://www.thehackerwire.com/vulnerability/CVE-2026-41106/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-02T20:17:04.450000
1 posts
1 repos
O Control Web Panel sofre uma falha crΓtica que exige atualizaΓ§Γ£o urgente nos servidores. A vulnerabilidade CVE-2026-57517 permite a execuΓ§Γ£o remota de cΓ³digo sem autenticaΓ§Γ£o prΓ©via. π¨
##updated 2026-07-02T18:26:29.023000
1 posts
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
updated 2026-07-02T15:32:12
3 posts
The CVE-2026-50746 vulnerability affects UniFi Connect Application (versions 3.4.16 and earlier), a management software suite that Ubiquiti customers can use to automate and manage commercial building operations. https://www.bleepingcomputer.com/news/security/ubiquiti-warns-of-new-max-severity-unifi-os-vulnerability/
##CRITICAL: Ubiquiti UniFi OS hit by 7 flaws, incl. CVE-2026-50746 (command injection) in UniFi Connect β€3.4.16. Exploitable w/ network access, no user interaction. Update to 3.4.20+ ASAP. No in-the-wild exploits yet. https://radar.offseq.com/threat/ubiquiti-warns-of-new-max-severity-unifi-os-vulner-d14602d3f7d74505 #OffSeq #Ubiquiti #Infosec #CVE202650746
##Ubiquiti's UniFi security advisory 066 patches 25 flaws, including a critical command injection (CVE-2026-50746) scoring 10.0. Update your devices now.
#Ubiquiti #UniFi #UniFiOS #UniFiProtect #CommandInjection #CyberSecurity
##updated 2026-07-02T12:31:02
1 posts
1 repos
π¨ CVE-2026-10104 PoC published
GitHub: https://github.com/Ravi-lk/CVE-2026-10104-POC
A PoC is available for an authenticated stored XSS issue in Product Video Gallery for WooCommerce.
The flaw affects older versions of the WordPress plugin and can allow JavaScript execution on public product pages after a user with product-editing access injects the payload.
Fixed in 1.5.1.9.
##updated 2026-07-02T12:17:20.070000
1 posts
8 repos
https://github.com/douglasmun/pagecache-lpe-containment-kit
https://github.com/entra1337/DirtyClone
https://github.com/sec0x/CVE-2026-43503
https://github.com/SecureWithUmer/CVE-2026-43503
https://github.com/gl1tch0x1/DirtyClone
https://github.com/aexdyhaxor/CVE-2026-43503-DirtyClone
Dirty Clone β kolejny sposΓ³b na roota pod Linuksem
Nie tak dawno pisaliΕmy o serii podatnoΕci Dirty Frag wystΔpujΔ cych w wiΔkszoΕci nowoczesnych dystrybucji Linuksa. I choΔ mogΕoby siΔ wydawaΔ, ΕΌe deweloperzy naprawili bΕΔdy, to najnowsze badania pokazujΔ , ΕΌe problem nie zostaΕ jednak wyeliminowany. W jΔ drze pozostaΕa bowiem niezaΕatana luka, ktΓ³rΔ badacze z JFrog ochrzcili mianem Dirty Clone (CVE-2026-43503). Podobnie...
#AktualnoΕci #Eskalacja #Hacking #Kernel #Linux #LocalRoot #Lpe #PageCache
https://sekurak.pl/dirty-clone-kolejny-sposob-na-roota-pod-linuksem/
##updated 2026-07-02T12:16:47.143000
2 posts
4 repos
https://github.com/mistbarbarianspot/CVE-2026-45659-SharePoint-RCE
https://github.com/amnsecurity/CVE-2026-45659-SharePoint-RCE
Here's a brief on recent geopolitical, technology, and cybersecurity developments:
Geopolitically, Russia claims control of Kostyantynivka in Ukraine, and Presidents Putin and Trump discussed Ukraine ahead of the upcoming NATO summit. In technology, Amazon launched its satellite internet service to compete with Starlink, and Alibaba banned Anthropic AI usage amidst a data dispute. Cybersecurity noted a US government entity paid $1 million in a data-theft extortion, while a critical SharePoint RCE (CVE-2026-45659) is actively exploited. AI-powered phishing and scams are also targeting the World Cup 2026.
##Geopolitical: US-Iran talks paused for funeral (July 4-5, 2026). Ukraine's Zelenskiy and Trump discussed the Russia-Ukraine war.
Technology: SK Telecom plans a 15GW AI data center in Asia (July 5, 2026). OpenAI reportedly eyes US government equity.
Cybersecurity: CISA urged patching an actively exploited SharePoint RCE (CVE-2026-45659) by July 4, 2026. Ransomware attacks typically spike during US holidays. A Homeland Security network (HSIN) breach was reported.
##updated 2026-07-01T21:36:26
1 posts
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
updated 2026-07-01T19:59:44.537000
1 posts
BMC patches Control-M command injection flaw CVE-2026-10539, an unauthenticated remote command injection bug rated CVSS 9.5.
##updated 2026-07-01T18:32:05
1 posts
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
updated 2026-07-01T18:32:04
1 posts
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
updated 2026-07-01T18:31:59
1 posts
At least Cisco is undeterred by the news slump over the long July 4 holiday. This is a new advisory:
High-severity CVE-2026-20191: Cisco Catalyst Center Arbitrary File Read Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-file-read-wLH2vf8X @TalosSecurity #infosec #Cisco #vulnerability
##updated 2026-07-01T18:17:31.553000
1 posts
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
updated 2026-07-01T15:52:58.800000
3 posts
5 repos
https://github.com/derekpreston81/CVE_ADC_IOC_2026
https://github.com/attarwahyup/Netscaler-CVE-2026-8451
https://github.com/watchtowrlabs/watchTowr-vs-Netscaler-CVE-2026-8451
CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) https://labs.watchtowr.com/citrixbleed-to-infinity-and-beyond-citrix-netscaler-pre-auth-memory-overread-cve-2026-8451/
##CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) https://labs.watchtowr.com/citrixbleed-to-infinity-and-beyond-citrix-netscaler-pre-auth-memory-overread-cve-2026-8451/
##CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) https://labs.watchtowr.com/citrixbleed-to-infinity-and-beyond-citrix-netscaler-pre-auth-memory-overread-cve-2026-8451/
##updated 2026-07-01T15:35:28
1 posts
π€ Researchers at runZero say AI-assisted testing found 7 security flaws in the FatFs FAT/exFAT filesystem library (CVE-2026-6682 to CVE-2026-6688), potentially exposing millions of embedded devices via malicious USB drives/SD cardsβand sometimes OTA update paths. ππ https://cyberinsider.com/ai-helps-find-flaws-in-fatfs-library-used-in-millions-of-devices/ #cybersecurity #IoT #vulnerabilities #embedded
##updated 2026-07-01T15:35:27
1 posts
New pretix vulnerabilities include a critical session takeover chain (CVE-2026-13602) and an SSRF API key leak. Update to 2026.5.3 now.
#pretix #SessionTakeover #SSRF #CyberSecurity #CVE202613602 #CVE202613603
https://securityonline.info/pretix-vulnerabilities/?utm_source=mastodon&utm_medium=jetpack_social
##updated 2026-07-01T15:35:27
1 posts
π€ Researchers at runZero say AI-assisted testing found 7 security flaws in the FatFs FAT/exFAT filesystem library (CVE-2026-6682 to CVE-2026-6688), potentially exposing millions of embedded devices via malicious USB drives/SD cardsβand sometimes OTA update paths. ππ https://cyberinsider.com/ai-helps-find-flaws-in-fatfs-library-used-in-millions-of-devices/ #cybersecurity #IoT #vulnerabilities #embedded
##updated 2026-07-01T00:34:43
1 posts
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
updated 2026-07-01T00:34:43
1 posts
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
updated 2026-06-30T21:31:52
1 posts
IBM WebSphere vulnerabilities like CVE-2026-11712 expose servers to severe XSS and path traversal attacks. Patch systems immediately.
##updated 2026-06-30T15:30:32
1 posts
1 repos
Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) https://labs.watchtowr.com/enterprise-tech-in-shell-out-progress-kemp-loadmaster-uninitialized-heap-to-pre-auth-rce-cve-2026-8037/
##updated 2026-06-30T03:36:46
1 posts
π΄ CVE-2026-14544 - Critical (9.8)
A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer ...
π https://www.thehackerwire.com/vulnerability/CVE-2026-14544/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-30T03:36:36
1 posts
8 repos
https://github.com/0xBlackash/CVE-2026-23111
https://github.com/vrtlbob/Linux-Kernel-Vulnerabilities-CVE-2026-23111
https://github.com/HORKimhab/CVE-2026-23111
https://github.com/bakano98/cve-2026-23111-poc
https://github.com/ishankaru/CVE-2026-23111-nftables-lab
https://github.com/seguridadentrerios/CVE-2026-23111
Root-Zugriff durch einen Linux-Kernel-Bug: Ein einzelnes falsch gesetztes Ausrufezeichen in Nftables (CVE-2026-23111) negierte eine Bedingung und ΓΆffnete eine Use-after-free-LΓΌcke. Angreifer mit einfachen Rechten kΓΆnnen Code als Root ausfΓΌhren. Patch seit Feb. 2026. ππ§ https://www.golem.de/news/root-zugriff-moeglich-falsch-gesetztes-zeichen-reisst-luecke-in-den-linux-kernel-2607-210595.html #Linux #Security #CVE #Nftables
##updated 2026-06-29T20:17:39.907000
1 posts
2 repos
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
updated 2026-06-29T09:30:32
1 posts
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
updated 2026-06-26T16:51:25.290000
1 posts
Discover the new Cursor IDE RCE vulnerability called DuneSlide. This critical sandbox escape flaw assigned CVE-2026-50548 threatens developer environments.
##updated 2026-06-26T05:16:31.673000
13 posts
OpenBSD has a use-after-free allowing local privilege escalation to root: https://nvd.nist.gov/vuln/detail/cve-2026-57589
Discussion: http://news.ycombinator.com/item?id=48831658
##π° Today's Top 20 Hacker News Stories (Sorted by Score) π°
----------------------------------------
π Title: Decoding the obfuscated bash script on a Uniqlo t-shirt
π URL: https://tris.sherliker.net/blog/obfuscated-self-evaluating-bash-script-by-cdn-akamai-being-supplied-to-consumers-via-retail-stores/
π Score: [1103]
π¬ Discussion: https://news.ycombinator.com/item?id=48829312
----------------------------------------
π Title: GitLost: We Tricked GitHub's AI Agent into Leaking Private Repos
π URL: https://noma.security/blog/gitlost-how-we-tricked-githubs-ai-agent-into-leaking-private-repos/
π Score: [461]
π¬ Discussion: https://news.ycombinator.com/item?id=48827858
----------------------------------------
π Title: Chatto is now Open Source
π URL: https://www.hmans.dev/blog/chatto-is-open-source
π Score: [378]
π¬ Discussion: https://news.ycombinator.com/item?id=48833116
----------------------------------------
π Title: GPTβLive
π URL: https://openai.com/index/introducing-gpt-live/
π Score: [336]
π¬ Discussion: https://news.ycombinator.com/item?id=48834405
----------------------------------------
π Title: Tenda firmware (multiple versions) contains hidden authentication backdoor
π URL: https://kb.cert.org/vuls/id/213560
π Score: [326]
π¬ Discussion: https://news.ycombinator.com/item?id=48825749
----------------------------------------
π Title: How to Build a Minimal ZFS NAS Without Synology, QNAP, TrueNAS (2024)
π URL: https://neil.computer/notes/how-to-setup-minimal-zfs-nas-without-truenas/
π Score: [313]
π¬ Discussion: https://news.ycombinator.com/item?id=48827325
----------------------------------------
π Title: EVE Online's Carbon engine is now open source: Fenris Creations explains why
π URL: https://www.gamesindustry.biz/eve-onlines-carbon-engine-is-now-open-source-fenris-creations-explains-why
π Score: [309]
π¬ Discussion: https://news.ycombinator.com/item?id=48780387
----------------------------------------
π Title: Structure and Interpretation of Computer Programs Video Lectures (1986)
π URL: https://ocw.mit.edu/courses/6-001-structure-and-interpretation-of-computer-programs-spring-2005/video_galleries/video-lectures/
π Score: [305]
π¬ Discussion: https://news.ycombinator.com/item?id=48825664
----------------------------------------
π Title: Mistral's Robostral Navigate: a state of the art robotics navigation model
π URL: https://mistral.ai/news/robostral-navigate/
π Score: [299]
π¬ Discussion: https://news.ycombinator.com/item?id=48832212
----------------------------------------
π Title: Apple to increase spend with Broadcom to produce billions more U.S. chips
π URL: https://www.apple.com/newsroom/2026/07/apple-to-increase-spend-with-broadcom-to-produce-billions-more-us-chips/
π Score: [248]
π¬ Discussion: https://news.ycombinator.com/item?id=48830565
----------------------------------------
π Title: TypeScript 7
π URL: https://devblogs.microsoft.com/typescript/announcing-typescript-7-0/
π Score: [199]
π¬ Discussion: https://news.ycombinator.com/item?id=48833715
----------------------------------------
π Title: OpenBSD has a use-after-free allowing local privilege escalation to root
π URL: https://nvd.nist.gov/vuln/detail/cve-2026-57589
π Score: [174]
π¬ Discussion: https://news.ycombinator.com/item?id=48831658
----------------------------------------
π Title: Cloudflare Meerkat - Globally distributed consensus
π URL: https://blog.cloudflare.com/meerkat-introduction/
π Score: [157]
π¬ Discussion: https://news.ycombinator.com/item?id=48831565
----------------------------------------
π Title: Grok 4.5
π URL: https://x.ai/news/grok-4-5
π Score: [152]
π¬ Discussion: https://news.ycombinator.com/item?id=48835111
----------------------------------------
π Title: EU now one step away from reviving private message scanning rules
π URL: https://cyberinsider.com/eu-now-one-step-away-from-reviving-private-message-scanning-rules/
π Score: [133]
π¬ Discussion: https://news.ycombinator.com/item?id=48834296
----------------------------------------
π Title: SWE-1.7 Reach Near GPT 5.5 and Opus Intelligence
π URL: https://cognition.com/blog/swe-1-7
π Score: [130]
π¬ Discussion: https://news.ycombinator.com/item?id=48833866
----------------------------------------
π Title: Japan's Hayabusa2 probe to conduct flyby of Torifune asteroid
π URL: https://www3.nhk.or.jp/nhkworld/en/news/20260705_01/
π Score: [128]
π¬ Discussion: https://news.ycombinator.com/item?id=48792980
----------------------------------------
π Title: Geosql: A Claude/Codex skill for geospatial data
π URL: https://github.com/dekart-xyz/geosql
π Score: [107]
π¬ Discussion: https://news.ycombinator.com/item?id=48829242
----------------------------------------
π Title: Show HN: Follow London Trains in 3D
π URL: https://ride.nexttrain.london/
π Score: [94]
π¬ Discussion: https://news.ycombinator.com/item?id=48786455
----------------------------------------
π Title: NoiseLang: Where N = 5 is a Dirac delta
π URL: https://manualmeida.dev/articles/noiselang/
π Score: [89]
π¬ Discussion: https://news.ycombinator.com/item?id=48803791
----------------------------------------
OpenBSD has a use-after-free allowing local privilege escalation to root
Link: https://nvd.nist.gov/vuln/detail/cve-2026-57589
Discussion: https://news.ycombinator.com/item?id=48831658
OpenBSD has a use-after-free allowing local privilege escalation to root
Link: https://nvd.nist.gov/vuln/detail/cve-2026-57589
Comments: https://news.ycombinator.com/item?id=48831658
OpenBSD has a use-after-free allowing local privilege escalation to root
Link: https://nvd.nist.gov/vuln/detail/cve-2026-57589
Discussion: https://news.ycombinator.com/item?id=48831658
OpenBSD has a use-after-free allowing local privilege escalation to root
Link: https://nvd.nist.gov/vuln/detail/cve-2026-57589
Discussion: https://news.ycombinator.com/item?id=48831658
OpenBSD has a use-after-free allowing local privilege escalation to root
Link: https://nvd.nist.gov/vuln/detail/cve-2026-57589
Comments: https://news.ycombinator.com/item?id=48831658
OpenBSD has a use-after-free allowing local privilege escalation to root
Link: https://nvd.nist.gov/vuln/detail/cve-2026-57589
Discussion: https://news.ycombinator.com/item?id=48831658
OpenBSD has a use-after-free allowing local privilege escalation to root - https://nvd.nist.gov/vuln/detail/cve-2026-57589
##Oh, joy! π A riveting tale of OpenBSD's latest "oopsie-daisy" moment, where users can magically escalate privilegesβbecause who doesn't love a good #security blunder? Meanwhile, the article itself is a masterpiece of accessibility: blocked by Cloudflare like a bouncer at a club for nerds. π΅οΈββοΈπ
https://nvd.nist.gov/vuln/detail/cve-2026-57589 #OpenBSD #Blunder #Accessibility #Issues #HackerNews #PrivilegeEscalation #HackerNews #ngated
OpenBSD has a use-after-free allowing local privilege escalation to root
https://nvd.nist.gov/vuln/detail/cve-2026-57589
Comments: https://news.ycombinator.com/item?id=48831658
#HackerNews #OpenBSD #UseAfterFree #PrivilegeEscalation #Cybersecurity #Vulnerability #CVE-2026-57589
##OpenBSD has a use-after-free allowing local privilege escalation to root
##OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root (CVE-2026-57589) https://lobste.rs/s/7hmu0w #openbsd #security
https://nvd.nist.gov/vuln/detail/cve-2026-57589
updated 2026-06-24T18:32:50
1 posts
π‘οΈ Linux rocked by CVE-2026-53111: a single faulty character leads to a use-after-free flaw that can help unprivileged users evade sandbox defensesβand escalate to root. Researchers say the February kernel fix has been backported to major distros. #Linux #Security https://arstechnica.com/security/2026/06/a-single-errant-character-in-the-linux-kernel-allows-attacker-to-gain-root/
##updated 2026-06-23T15:32:31
1 posts
APISIX authentication bypass CVE-2026-39999 lets attackers forge JWTs via algorithm confusion. APISIX 3.16.0 is affected; upgrade to 3.16.1.
#APISIX #ApacheAPISIX #JWT #AuthBypass #InfoSec
https://securityonline.info/apisix-jwt-auth-bypass/?utm_source=mastodon&utm_medium=jetpack_social
##updated 2026-06-17T18:36:07
1 posts
If you missed this yesterday, Cisco posted this advisory on a critical vulnerability that was first published in June.
CRITICAL: CVE-2026-20181 and CVE-2026-20190: Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv @TalosSecurity
More: https://sec.cloudapps.cisco.com/security/center/publicationListing.x #Cisco #infosec #vulnerability
##updated 2026-06-17T18:36:07
1 posts
If you missed this yesterday, Cisco posted this advisory on a critical vulnerability that was first published in June.
CRITICAL: CVE-2026-20181 and CVE-2026-20190: Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-G5WP8vv @TalosSecurity
More: https://sec.cloudapps.cisco.com/security/center/publicationListing.x #Cisco #infosec #vulnerability
##updated 2026-06-17T18:10:20
1 posts
π CVE-2026-28737 - High (8.7)
Gitea versions from 1.25.0 before 1.26.0 allow stored cross-site scripting through the extensionsRequired field in glTF files rendered by the 3D file viewer.
π https://www.thehackerwire.com/vulnerability/CVE-2026-28737/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-17T10:25:46.367000
1 posts
2 repos
Synacktiv publicly disclosed a Kerberos reflection bypass, CVE-2026-26128, with PoC exploit code. It yields SYSTEM on most Windows builds. Patch now.
##updated 2026-06-17T07:26:44.557000
2 posts
βΌοΈ New Dark Web Informer Blog Post!
Title: Foxit PDF Reader RCE Flaw CVE-2024-30326 Highlights PDF Attack Surface
Link: https://darkwebinformer.com/foxit-pdf-reader-rce-flaw-cve-2024-30326-highlights-pdf-attack-surface/
##βΌοΈ New Dark Web Informer Blog Post!
Title: Foxit PDF Reader RCE Flaw CVE-2024-30326 Highlights PDF Attack Surface
Link: https://darkwebinformer.com/foxit-pdf-reader-rce-flaw-cve-2024-30326-highlights-pdf-attack-surface/
##updated 2026-06-17T07:17:49.183000
1 posts
A Linux kernel vulnerability (CVE-2024-26582) has a public PoC that turns a TLS use-after-free into a root shell. Details and exploit are out.
#Linux #KernelSecurity #CVE202426582 #UseAfterFree #CyberSecurity
##updated 2026-06-16T23:41:03
1 posts
π CVE-2026-26231 - High (8.5)
Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write.
π https://www.thehackerwire.com/vulnerability/CVE-2026-26231/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-16T23:40:35
1 posts
1 repos
π CVE-2026-28699 - High (8.1)
Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication.
π https://www.thehackerwire.com/vulnerability/CVE-2026-28699/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-16T23:38:13
1 posts
π CVE-2026-28744 - High (8.1)
Gitea versions up to and including 1.26.1 allow Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks.
π https://www.thehackerwire.com/vulnerability/CVE-2026-28744/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-11T17:16:09
1 posts
β οΈ CVE-2026-48062: CodeIgniter4 RCE Risk
CodeIgniter4 has a critical ext_in upload validation bypass with a CVSS 9.8 severity score.
Under unsafe upload configurations, a malicious file may bypass extension checks and potentially lead to remote code execution.
FOFA reports 14,862 matching CodeIgniter results over the past year.
Risk conditions:
β’ User-controlled uploads
β’ ext_in used for validation
β’ Original filenames preserved
β’ Uploads stored in a web-accessible path
β’ Script execution allowed in that directory
Patch: upgrade to CodeIgniter4 4.7.3+
FOFA Query: app="CodeIgniter"
FOFA Link: https://en.fofa.info/result?qbase64=YXBwPSJDb2RlSWduaXRlciI=
Search results are not confirmed vulnerable hosts. Validate before taking action.
##updated 2026-05-20T18:32:38
2 posts
Reporting a 19+ Years Hidden Linux Kernel Zero-Day for Google kernelCTF: CVE-2026-43456 https://lobste.rs/s/txjns0 #linux #networking #security
https://gmo-cybersecurity.com/blog/19-years-hidden-80000-rewarded-reporting-a-linux-kernel-zero-day-for-google-kernelctf/
https://thecybersecguru.com/exploits/cve-2026-43456-linux-kernel-zero-day/
##updated 2026-05-12T18:30:49
1 posts
A SharePoint remote code execution flaw (CVE-2026-33112) is now public with full details and PoC. A low-privilege user can run code. Patch now.
##updated 2025-11-05T20:12:46
4 posts
27 repos
https://github.com/xuemian168/CVE-2025-3248
https://github.com/imbas007/CVE-2025-3248
https://github.com/Kiraly07/Demo_CVE-2025-3248
https://github.com/EQSTLab/CVE-2025-3248
https://github.com/12-test-12/CVE-2025-3248
https://github.com/tiemio/RCE-CVE-2025-3248
https://github.com/bambooqj/cve-2025-3248
https://github.com/ill-deed/Langflow-CVE-2025-3248-Multi-target
https://github.com/verylazytech/CVE-2025-3248
https://github.com/vigilante-1337/CVE-2025-3248
https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance
https://github.com/0-d3y/langflow-rce-exploit
https://github.com/r0otk3r/CVE-2025-3248
https://github.com/dennisec/CVE-2025-3248
https://github.com/wand3rlust/CVE-2025-3248
https://github.com/PuddinCat/CVE-2025-3248-POC
https://github.com/0xgh057r3c0n/CVE-2025-3248
https://github.com/b0ySie7e/CVE-2025-3248-POC
https://github.com/min8282/CVE-2025-3248
https://github.com/zapstiko/CVE-2025-3248
https://github.com/get-xor/coreweave-demo-2026-05
https://github.com/Praison001/CVE-2025-3248
https://github.com/Vip3rLi0n/CVE-2025-3248
https://github.com/ynsmroztas/CVE-2025-3248-Langflow-RCE
https://github.com/drackyjr/cve-2025-3248-exploit
CVE-2025-3248 - Changed to Known Ransomware Status
Langflow Missing Authentication VulnerabilityVendor: LangflowProduct: LangflowLangflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests.Status changed from Unknown to Known for ransomware campaign usage.Flip detected on: July 07, 2026 at 15:00:35 UTCDate Addedhttps://nvd.nist.gov/vuln/detail/CVE-2025-3248
##β οΈ CRITICAL: Sysdig clocks first documented case of agentic ransomware
JadePuffer deployed the first documented end-to-end agentic ransomware attack in June 2026, using AI agents to autonomously conduct reconnaissance, steal credentials, move laterally, and encrypt systems. The attack exploited CVE-2025-3248 in Langflow and targeted MySQL and Alibaba Nacos instances.β¦
##We're here! AI Agent executed automated Ransomware operation.
JadePuffer used an autonomous AI agent for reconnaissance on the target, to steal credentials, move laterally, establish persistence, escalate privileges, and to encrypt data.
WHOA! βThe operation also adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds,β
NIST CVE (CVE-2025-3248) posted here: https://nvd.nist.gov/vuln/detail/CVE-2025-3248 #JadePuffer #Ransomware #Security #Hackers #NIST_CVE #CVE2025_3248 #AgenticThreatActors #AI #AIAgents #CyberAttack #CyberSecurity #LLMs #MySQL #PostgreSQL #CVE #JadePuffer
##----------------
π― AI
===================
Sysdig Threat Research Team documented what they assess as the first case of agentic ransomware, an operation dubbed JADEPUFFER. The entire extortion campaign, from initial access to destructive database encryption, was driven by a large language model rather than a human operator.
Initial Access and Vulnerability
JADEPUFFER gained entry through CVE-2025-3248, a missing-authentication flaw in Langflow's code validation endpoint that allows unauthenticated Python execution. Langflow, an open-source framework for building LLM-driven applications, is frequently exposed on the internet with weak network controls and often holds API keys and cloud credentials.
Attack Chain Analysis
The operation unfolded across two distinct targets: the internet-facing Langflow instance and a separate production database server, the true objective.
Phase 1 on the Langflow instance:
1. Reconnaissance: The LLM enumerated the host (id, uname -a, hostname, network interfaces, running processes) and swept for secrets in parallel: LLM provider API keys (OpenAI, Anthropic, DeepSeek, Gemini), cloud credentials (AWS, GCP, Azure, and Chinese providers: ALIBABA_, ALIYUN_, TENCENT_, HUAWEI_), cryptocurrency wallets and seed phrases, and database credentials.
2. Local data looting: Dumped Langflow's backing Postgres database, harvested stored credentials and API keys, staged output locally, reviewed it, then deleted staging files.
3. Internal lateral discovery: Scanned the internal address space for databases, object storage, secret stores, and service-discovery endpoints, probing with default credentials.
4. MinIO enumeration: Probed minio.internal:9000 and 127.0.0.1:9000 for the S3-compatible object store.
What Makes This Different
Two characteristics distinguish JADEPUFFER from conventional ransomware:
1. Self-narrating payloads: The LLM-generated code contained natural language reasoning, target prioritization, and detailed annotations. Human operators rarely embed this kind of commentary. The payloads documented their own decision-making process.
2. Real-time adaptation: When a step failed, the LLM refined its approach and retried within seconds. In one observed sequence, it went from a failed authentication attempt to a corrected working login in 31 seconds.
Detection Considerations
β’ Patch Langflow instances against CVE-2025-3248 immediately
β’ Do not expose Langflow to the internet without authentication and network controls
β’ Monitor for credential-sweeping patterns targeting LLM API keys and cloud credentials in parallel
β’ Treat self-annotating scripts as a potential indicator of LLM-generated payloads
β’ The "first documented case" assessment comes from Sysdig TRT alone; independent verification is recommended
πΉ JADEPUFFER #Ransomware #AI #LLM #CVE_2025_3248
π Source: https://www.sysdig.com/blog/jadepuffer-agentic-ransomware-for-automated-database-extortion
##π¨ EUVD-2026-42440
π Score: 7.5/10 (CVSS v3.1)
π¦ Product: org.hl7.fhir.core
π’ Vendor: hapifhir
π
Updated: 2026-07-08
π HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.10, the fix for CVE-2026-45367 incompletely patched the DSTU2 module, leaving FHIRPathEngine.matches() in org.hl7.fhir.dstu2/util...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-42440
##π¨ EUVD-2026-42400
π Score: 5.9/10 (CVSS v3.1)
π¦ Product: asyncssh
π’ Vendor: ronf
π
Updated: 2026-07-08
π AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig._set_tokens that blocks /...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-42400
##The high-severity Attested TLS vulnerability CVE-2026-33697 allows attackers to relay traffic and compromise secure cloud environments.
#AttestedTLS #CVE202633697 #CloudSecurity #Cryptography #Vulnerability
##A Network UPS Tools RCE (CVE-2026-54161) lets a malicious upsd trigger upsmon command injection as root. No patch exists yet, so mitigate now.
#NetworkUPSTools #NUT #upsmon #CommandInjection #RCE #CVE202654161 #CyberSecurity
https://securityonline.info/network-ups-tools-rce/?utm_source=mastodon&utm_medium=jetpack_social
##4 posts
3 repos
https://github.com/szybnev/cve-2026-20896-gitea-poc
CRITICAL: Gitea Docker (<1.26.3) is vulnerable to auth bypass (CVE-2026-20896) β attackers can access repos & secrets by spoofing a username header. Actively exploited! Patch to 1.26.3+ & restrict access now. https://radar.offseq.com/threat/critical-gitea-flaw-under-active-exploitation-rese-c58d67a324be5e40 #OffSeq #Gitea #Vuln #Infosec
##π¨ Critical Gitea flaw CVE-2026-20896 is being probed in the wild
Researchers warn that attackers are targeting a critical Gitea Docker image flaw that can allow authentication bypass with a single HTTP header.
The issue affects official Gitea Docker images up to 1.26.2 when reverse-proxy authentication is enabled.
The vulnerable default trusted any source IP as a reverse proxy, meaning an attacker who could reach the containerβs HTTP port could spoof X-WEBAUTH-USER and impersonate a known or guessable user.
Gitea patched the issue in 1.26.3 / 1.26.4, and a public PoC/checker is now available.
Sysdig says the first in-the-wild probing was seen 13 days after disclosure.
Observed IP: 159[.]26[.]98[.]241
##Gitea Docker Images Vulnerable to Critical Authentication Bypass, Already Attacked
Gitea patched a critical authentication bypass vulnerability (CVE-2026-20896) in its Docker images that allows attackers to impersonate any user with a single HTTP header. The flaw is being exploited in the wild.
**If you self-host Gitea, first make sure it's isolated from the internet and reachable only from trusted networks, then update to version 1.26.3 or later ASAP. If you can't update immediately, edit your app.ini to change REVERSE_PROXY_TRUSTED_PROXIES from * to your actual reverse proxy's specific IP address, and rotate all credentials and secrets stored in your repositories.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/gitea-docker-images-vulnerable-to-critical-authentication-bypass-already-attacked-c-9-8-p-p/gD2P6Ple2L
π΄ CVE-2026-20896 - Critical (9.8)
Gitea Docker image versions up to and including 1.26.2 use REVERSE_PROXY_TRUSTED_PROXIES=* by default, allowing any source IP to impersonate a user when reverse-proxy authentication headers such as X-WEBAUTH-USER are enabled.
π https://www.thehackerwire.com/vulnerability/CVE-2026-20896/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-14380 | CRITICAL eval injection in HMBRAND DBI <1.650 lets attackers execute arbitrary Perl code via Profile. Remote code exec possible with exposed DBI::Gofer/ProxyServer. Restrict access & monitor for patches. https://radar.offseq.com/threat/cve-2026-14380-cwe-95-improper-neutralization-of-d-632b564b1d788778 #OffSeq #Perl #Security
##CVE-2026-54234 - High-severity DoS in vLLM. Multi-request speculative decoding triggers out-of-vocabulary token crash. CVSS 7.5. No patch yet - update to v0.24.0+ immediately. #CVE #vLLM #infosec
##OPNsense Patches Critical Root Vulnerability in GeoIP Alias Importer
OPNsense released critical security updates to fix a root remote code execution vulnerability (CVE-2026-57155) in its GeoIP alias importer. The update also patches several other flaws including XPath injection and stored cross-site scripting.
**Make sure your OPNsense firewall's management interface is isolated from the internet and reachable only from trusted networks, since even a low-level user with alias-editing rights can exploit this flaw. Update to OPNsense 26.1.11 or 26.4.1p1 ASAP. If you can't update immediately, lock down management access and limit alias-editing permissions to trusted administrators only.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/opnsense-patches-critical-root-vulnerability-in-geoip-alias-importer-3-g-d-c-z/gD2P6Ple2L
A critical IBM Power HMC vulnerability (CVE-2026-12943) allows unauthenticated attackers to execute commands. Patch your systems immediately.
#IBMPowerHMC #Vulnerability #CyberSecurity #CVE202612943 #Infosec
##π CVE-2026-34168 - High (8.8)
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the LocalPersistentVolume.name field is interpolated directly into docker volume shell commands without shell argument esc...
π https://www.thehackerwire.com/vulnerability/CVE-2026-34168/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π CVE-2026-34152 - High (8.8)
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, pre-deployment and post-deployment commands are single-quote escaped but then sent through SSH heredoc transport that pres...
π https://www.thehackerwire.com/vulnerability/CVE-2026-34152/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π CVE-2026-42200 - High (8.8)
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, PostgreSQL initialization script (generate_init_scripts() method in app/Actions/Database/StartPostgresql.php) filename han...
π https://www.thehackerwire.com/vulnerability/CVE-2026-42200/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π CVE-2026-34158 - High (8.8)
Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, the executeInDocker() helper wraps user-controlled commands in single quotes without escaping embedded single quotes. Atta...
π https://www.thehackerwire.com/vulnerability/CVE-2026-34158/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-54060 - Supply chain attack in Pillow Python imaging library. FontFile.compile() bypasses decompression bomb check, enabling excessive memory allocation. CVSS 7.5. Update to Pillow 12.3.0 immediately. #CVE #infosec #Python
##CVE-2026-34037: CRITICAL auth bypass in coollabsio coolify (=4.0.0-beta.464). Privileged users can clone resources into other teams, risking cross-tenant data exposure. Fix: upgrade to 4.0.0-beta.464. https://radar.offseq.com/threat/cve-2026-34037-cwe-639-authorization-bypass-throug-4bc62cd3de2ba764 #OffSeq #Vuln #coolify #Infosec
##Two PHP flaws are patched. CVE-2026-12184 is a PHP remote DoS that crashes PHP-FPM, and CVE-2026-14355 causes memory corruption. Update PHP now.
#PHP #RemoteDoS #DoS #PHPFPM #CyberSecurity #Vulnerability #InfoSec
##Two PHP flaws are patched. CVE-2026-12184 is a PHP remote DoS that crashes PHP-FPM, and CVE-2026-14355 causes memory corruption. Update PHP now.
#PHP #RemoteDoS #DoS #PHPFPM #CyberSecurity #Vulnerability #InfoSec
##Recent FreeBSD security advisories detail severe flaws like CVE-2026-49420, CVE-2026-49429, and CVE-2026-49422. Patch immediately to stop attacks.
##Recent FreeBSD security advisories detail severe flaws like CVE-2026-49420, CVE-2026-49429, and CVE-2026-49422. Patch immediately to stop attacks.
##Recent FreeBSD security advisories detail severe flaws like CVE-2026-49420, CVE-2026-49429, and CVE-2026-49422. Patch immediately to stop attacks.
##Two ModSecurity vulnerabilities let attackers slip past WAF rules via a multipart parser bug (CVE-2026-52747). Update to ModSecurity v3.0.16 now.
#ModSecurity #WAF #WAFBypass #OWASP #CVE202652747 #CVE202652761 #Vulnerability
##2 posts
2 repos
π CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs:
Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230
Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113
CISA KEVs:
- CISA-2026:0629 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0629)
- CISA-2026:0701 (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0701)
Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40
Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8
Top EPSS Score:
- CVE-2026-27771 - 40.74 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-27771)
- CVE-2026-13773 - 3.41 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13773)
- CVE-2026-56413 - 3.08 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56413)
- CVE-2026-56415 - 3.07 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56415)
- CVE-2026-56782 - 3.02 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56782)
- CVE-2026-13545 - 2.71 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-13545)
- CVE-2026-58452 - 2.42 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58452)
- CVE-2026-58453 - 1.69 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58453)
- CVE-2026-56700 - 1.68 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56700)
- CVE-2026-58457 - 1.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58457)
π CVE-2026-27771 - High (8.2)
Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information.
π https://www.thehackerwire.com/vulnerability/CVE-2026-27771/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π CVE-2026-10054 - High (8.8)
In affected versions of Eclipse Theia (1.8.1 and later), the browser backend exposes privileged terminal RPC over WebSocket (/services/shell-terminal, /services/terminals/:id) without service-level authentication.
WebSocket origin validation i...
π https://www.thehackerwire.com/vulnerability/CVE-2026-10054/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##1 posts
2 repos
https://github.com/M8seven/cve-2026-22874-gitea-ssrf-allowlist
π΄ CVE-2026-22874 - Critical (9.6)
Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering.
π https://www.thehackerwire.com/vulnerability/CVE-2026-22874/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π΄ CVE-2026-58426 - Critical (9.6)
Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write
π https://www.thehackerwire.com/vulnerability/CVE-2026-58426/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π CVE-2026-58424 - High (8.9)
Permanent Fork PR Workflow Approval Gate Bypass
π https://www.thehackerwire.com/vulnerability/CVE-2026-58424/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##π CVE-2026-58423 - High (7.7)
LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories
π https://www.thehackerwire.com/vulnerability/CVE-2026-58423/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##