## Updated at UTC 2026-05-27T05:03:45.585144

Access data as JSON

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-48962 0 0.00% 2 0 2026-05-27T04:16:31.333000 IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::
CVE-2026-49017 None 0.00% 2 0 2026-05-27T03:30:36 In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite
CVE-2026-9632 8.8 0.00% 2 0 2026-05-27T02:16:36.067000 A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by
CVE-2026-9631 8.8 0.00% 2 0 2026-05-27T02:16:35.907000 A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affe
CVE-2026-9628 8.8 0.00% 2 0 2026-05-27T02:16:35.747000 A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected
CVE-2026-9627 8.8 0.00% 2 0 2026-05-27T02:16:35.583000 A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This
CVE-2026-9207 8.8 0.00% 2 0 2026-05-27T02:16:35.130000 Tanium addressed an unauthorized code execution vulnerability in Connect.
CVE-2026-48689 9.8 0.00% 1 0 2026-05-27T02:16:33.807000 FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buf
CVE-2025-43306 7.8 0.00% 2 0 2026-05-27T02:16:32.963000 A logic issue was addressed with improved checks. This issue is fixed in macOS S
CVE-2026-42013 8.2 0.00% 2 0 2026-05-27T00:31:34 A flaw was found in gnutls. When validating certificates, an oversized Subject A
CVE-2026-5260 8.2 0.00% 2 0 2026-05-27T00:31:34 A flaw was found in libgnutls. A remote attacker, by sending an extremely short
CVE-2026-9312 None 0.00% 2 0 2026-05-27T00:31:29 A server-side request forgery (SSRF) vulnerability was identified in GitHub Ente
CVE-2026-44966 8.3 0.00% 2 0 2026-05-26T22:16:43.293000 Velocity.js is a JavaScript implementation of the Apache Velocity template engin
CVE-2026-44900 8.1 0.00% 2 0 2026-05-26T22:16:42.873000 epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrast
CVE-2026-43988 7.5 0.00% 2 0 2026-05-26T22:16:42.303000 Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26
CVE-2026-48686 9.8 0.00% 1 0 2026-05-26T21:32:56 FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflo
CVE-2026-5426 7.5 0.08% 1 1 2026-05-26T21:32:41 Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver de
CVE-2026-9642 9.8 0.00% 2 0 2026-05-26T21:32:08 There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthentica
CVE-2026-8676 8.8 0.00% 2 0 2026-05-26T21:32:07 An attacker is able to downgrade the security of a Bluetooth LE connection by de
CVE-2026-8854 7.5 0.00% 2 0 2026-05-26T20:27:32.703000 IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional
CVE-2026-48172 9.8 0.01% 6 2 2026-05-26T20:19:13.460000 LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possi
CVE-2026-25104 7.8 0.01% 2 0 2026-05-26T20:16:40.787000 MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability
CVE-2026-44469 7.8 0.01% 1 0 2026-05-26T20:00:24.897000 The affected product extracts installation files to a temporary directory with i
CVE-2026-9058 0 0.04% 2 0 2026-05-26T19:59:22.323000 Szafir SDK returns a success status code from the cryptographic digital signatur
CVE-2026-45247 9.8 0.00% 1 0 2026-05-26T19:50:21.747000 Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a
CVE-2026-42774 9.3 0.03% 1 0 2026-05-26T19:31:20.323000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-42497 0 0.02% 1 0 2026-05-26T19:21:53.013000 Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker control
CVE-2025-1782 9.9 0.00% 1 0 2026-05-26T19:08:15.080000 In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is n
CVE-2026-7374 9.9 0.00% 1 0 2026-05-26T19:08:15.080000 A flaw was found in KubeVirt's virt-handler component. This vulnerability allows
CVE-2026-5222 0 0.04% 2 0 2026-05-26T19:08:15.080000 Cargo between 1.68 and 1.96 incorrectly normalized the URLs of third-party regis
CVE-2026-5223 0 0.04% 3 0 2026-05-26T19:08:15.080000 Cargo incorrectly handled symlinks inside of crate tarballs downloaded from thir
CVE-2026-8620 7.5 0.00% 2 0 2026-05-26T19:06:14.330000 IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8
CVE-2026-9435 9.8 0.89% 1 0 2026-05-26T18:59:55.850000 A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. The affect
CVE-2026-9434 9.8 0.89% 1 0 2026-05-26T18:59:55.850000 A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b202005
CVE-2026-7454 7.8 0.00% 2 0 2026-05-26T18:31:59 A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force
CVE-2026-8855 8.1 0.00% 2 0 2026-05-26T18:31:59 IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial o
CVE-2026-9170 7.5 0.00% 2 0 2026-05-26T18:31:51 IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8
CVE-2026-8856 7.7 0.00% 2 0 2026-05-26T18:31:51 IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configuration
CVE-2026-25112 7.8 0.00% 1 0 2026-05-26T18:31:42 A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows
CVE-2026-9496 7.5 0.04% 1 0 2026-05-26T15:33:18 Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service (
CVE-2026-46368 8.8 0.00% 1 0 2026-05-26T15:32:17 luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on f
CVE-2026-4480 8.5 0.00% 1 0 2026-05-26T15:32:17 A flaw was found in the Samba printing subsystem. Samba passes the client-contro
CVE-2026-48131 8.1 0.00% 1 0 2026-05-26T15:32:16 The VPN service may mishandle an unexpected IKE fragment value received on the I
CVE-2026-9543 9.8 0.00% 1 0 2026-05-26T15:32:16 A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected
CVE-2026-44468 7.8 0.01% 1 0 2026-05-26T13:31:03 The affected product creates a directory with insecure default permissions durin
CVE-2026-8047 7.5 0.07% 1 0 2026-05-26T13:31:02 The affected products perform improper length checking when parsing incoming HTT
CVE-2026-8046 8.1 0.10% 1 0 2026-05-26T13:31:02 The affected products insufficiently verify authorization when deleting user acc
CVE-2026-42773 9.3 0.03% 1 0 2026-05-26T13:30:58 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-39661 7.5 0.11% 1 0 2026-05-26T13:30:57 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2026-25713 7.8 0.01% 1 0 2026-05-26T13:30:56 MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability
CVE-2026-9478 9.8 0.89% 1 0 2026-05-26T13:30:56 A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted
CVE-2026-42496 None 0.02% 1 0 2026-05-26T13:30:54 Archive::Tar versions before 3.08 for Perl extract symlinks with attacker contro
CVE-2026-9436 9.8 0.94% 1 0 2026-05-26T13:30:46 A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. The impacted elem
CVE-2026-9404 9.8 0.89% 1 0 2026-05-26T13:30:41 A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This aff
CVE-2026-45659 8.8 0.50% 2 1 2026-05-26T13:30:30 Deserialization of untrusted data in Microsoft Office SharePoint allows an autho
CVE-2026-45250 7.8 0.01% 2 1 2026-05-22T08:16:14.847000 The setcred(2) system call is only available to privileged users. However, befo
CVE-2010-0249 8.8 88.68% 2 0 2026-05-21T12:57:01.463000 Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 o
CVE-2026-9082 6.5 17.33% 3 7 template 2026-05-20T21:32:36 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-41091 7.8 5.94% 2 2 2026-05-20T18:31:35 Improper link resolution before file access ('link following') in Microsoft Defe
CVE-2026-42096 None 0.04% 1 1 2026-05-19T15:31:29 Sparx Pro Cloud Server is vulnerable to Broken Access Control within communicati
CVE-2026-45829 0 0.17% 1 2 2026-05-19T14:16:46.977000 A pre-authentication, code injection vulnerability in version 1.0.0 or later of
CVE-2026-45298 8.6 0.00% 2 0 2026-05-18T16:41:41 ## Summary In a default dozzle deploy (the documented quickstart, no `DOZZLE_AU
CVE-2026-45574 8.1 0.00% 2 0 2026-05-15T18:29:32 ### Impact An attacker on the network path between the ePA service and the Konne
CVE-2026-41089 9.8 0.13% 1 0 2026-05-15T15:42:17.907000 Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker
CVE-2026-6637 8.8 0.04% 1 0 2026-05-14T15:31:59 Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged datab
CVE-2026-0265 None 0.03% 1 2 2026-05-13T18:31:07 An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software en
CVE-2026-28952 7.5 0.02% 7 0 2026-05-13T14:08:26.420000 An integer overflow was addressed with improved input validation. This issue is
CVE-2026-28910 3.3 0.01% 1 0 2026-05-13T00:49:16 This issue was addressed with improved permissions checking. This issue is fixed
CVE-2026-26980 9.4 63.49% 4 3 template 2026-05-12T13:31:01 ### Impact A SQL injection vulnerability existed in Ghost's Content API that al
CVE-2026-44895 None 0.00% 2 0 2026-05-09T00:10:30 ## SSE Transport Has No Authentication and Wildcard CORS, Exposing All 86 GitLab
CVE-2026-44843 8.2 0.00% 2 0 2026-05-08T23:07:34 LangChain contains older runtime code paths that deserialize run inputs, run out
CVE-2026-26928 None 0.01% 2 0 2026-04-02T15:31:40 SzafirHost downloads necessary files in the context of the initiating web page. 
CVE-2025-15284 3.7 0.07% 1 0 2026-02-26T19:57:11.663000 Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.Th
CVE-2026-3172 8.1 0.06% 1 0 2026-02-25T21:31:25 Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 all
CVE-2025-62582 9.8 0.03% 3 0 2026-01-20T16:58:23.900000 Delta Electronics DIAView has multiple vulnerabilities.
CVE-2025-20286 9.9 0.18% 1 0 2025-06-04T18:30:58 A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud
CVE-2025-46273 9.8 0.58% 1 0 2025-04-25T00:32:07 UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated at
CVE-2025-27740 8.8 0.80% 1 0 2025-04-08T18:35:03 Weak authentication in Windows Active Directory Certificate Services allows an a
CVE-2021-21735 None 0.17% 1 1 2023-01-29T05:06:59 A ZTE product has an information leak vulnerability. Due to improper permission
CVE-2026-44905 0 0.00% 2 0 N/A
CVE-2025-70103 0 0.00% 2 0 N/A
CVE-2026-43935 0 0.00% 1 0 N/A
CVE-2026-33636 0 0.04% 1 0 N/A
CVE-2026-33416 0 0.02% 1 0 N/A
CVE-2026-40172 0 0.01% 1 0 N/A

CVE-2026-48962
(0 None)

EPSS: 0.00%

updated 2026-05-27T04:16:31.333000

2 posts

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. _parseOutputGlob() wraps the caller-supplied output glob string in double quotes and stores it in the parser state; _getFiles() then runs the stored expression through eval STRING. A literal double quote in the output glob closes the dquote wrapper, and the characters

offseq at 2026-05-27T04:30:27.293Z ##

⚠️ HIGH severity: CVE-2026-48962 in PMQS IO::Compress (Perl <2.220) enables eval injection via crafted glob strings. Arbitrary Perl code may execute with process privileges. Restrict untrusted input & monitor for patches. radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-05-27T04:30:27.000Z ##

⚠️ HIGH severity: CVE-2026-48962 in PMQS IO::Compress (Perl <2.220) enables eval injection via crafted glob strings. Arbitrary Perl code may execute with process privileges. Restrict untrusted input & monitor for patches. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Perl #Infosec

##

CVE-2026-49017(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-05-27T03:30:36

2 posts

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently unresponsive with increasing CPU and memory consumption. An authenticated attacker can systematically exhau

offseq at 2026-05-27T03:00:26.874Z ##

CVE-2026-49017: HIGH-severity in OpenStack Swift 2.36.0 & 2.37.0. Infinite loop in s3api lets authenticated attackers exhaust proxy workers → DoS risk. Patch to 2.36.2 or 2.37.2+ now! 🔄 radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-05-27T03:00:26.000Z ##

CVE-2026-49017: HIGH-severity in OpenStack Swift 2.36.0 & 2.37.0. Infinite loop in s3api lets authenticated attackers exhaust proxy workers → DoS risk. Patch to 2.36.2 or 2.37.2+ now! 🔄 radar.offseq.com/threat/cve-20 #OffSeq #OpenStack #Vuln #DoS

##

CVE-2026-9632
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-27T02:16:36.067000

2 posts

A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-05-27T03:00:44.000Z ##

🟠 CVE-2026-9632 - High (8.8)

A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T03:00:44.000Z ##

🟠 CVE-2026-9632 - High (8.8)

A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9631
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-27T02:16:35.907000

2 posts

A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of the argument Profile results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is now public and may be used.

thehackerwire@mastodon.social at 2026-05-27T04:00:11.000Z ##

🟠 CVE-2026-9631 - High (8.8)

A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T04:00:11.000Z ##

🟠 CVE-2026-9631 - High (8.8)

A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9628
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-27T02:16:35.747000

2 posts

A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipulation of the argument PPTP server address/username/password/tunnel name causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and c

thehackerwire@mastodon.social at 2026-05-27T04:00:00.000Z ##

🟠 CVE-2026-9628 - High (8.8)

A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipulation of the argument PPTP server address/userna...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T04:00:00.000Z ##

🟠 CVE-2026-9628 - High (8.8)

A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipulation of the argument PPTP server address/userna...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9627
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-27T02:16:35.583000

2 posts

A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-05-27T03:01:04.000Z ##

🟠 CVE-2026-9627 - High (8.8)

A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T03:01:04.000Z ##

🟠 CVE-2026-9627 - High (8.8)

A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9207
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-27T02:16:35.130000

2 posts

Tanium addressed an unauthorized code execution vulnerability in Connect.

thehackerwire@mastodon.social at 2026-05-27T03:00:54.000Z ##

🟠 CVE-2026-9207 - High (8.8)

Tanium addressed an unauthorized code execution vulnerability in Connect.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T03:00:54.000Z ##

🟠 CVE-2026-9207 - High (8.8)

Tanium addressed an unauthorized code execution vulnerability in Connect.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48689
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T02:16:33.807000

1 posts

FastNetMon Community Edition through 1.2.9 contains an off-by-one heap-based buffer overflow in the dynamic_binary_buffer_t class (src/dynamic_binary_buffer.hpp). Five methods (append_dynamic_buffer, append_data_as_pointer, append_data_as_object_ptr, memcpy_from_ptr, memcpy_from_object_ptr) use an incorrect bounds check of the form 'if (offset + length > maximum_internal_storage_size + 1)' instead

EUVD_Bot@mastodon.social at 2026-05-26T19:00:45.000Z ##

🚨 EUVD-2026-31950

📊 Score: n/a
📅 Updated: 2026-05-26

📝 FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689.

🔗 euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##

CVE-2025-43306
(7.8 HIGH)

EPSS: 0.00%

updated 2026-05-27T02:16:32.963000

2 posts

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges.

thehackerwire@mastodon.social at 2026-05-27T04:01:07.000Z ##

🟠 CVE-2025-43306 - High (7.8)

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T04:01:07.000Z ##

🟠 CVE-2025-43306 - High (7.8)

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42013
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-27T00:31:34

2 posts

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.

thehackerwire@mastodon.social at 2026-05-26T23:01:43.000Z ##

🟠 CVE-2026-42013 - High (8.2)

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T23:01:43.000Z ##

🟠 CVE-2026-42013 - High (8.2)

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-5260
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-27T00:31:34

2 posts

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.

thehackerwire@mastodon.social at 2026-05-26T23:00:08.000Z ##

🟠 CVE-2026-5260 - High (8.2)

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnera...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T23:00:08.000Z ##

🟠 CVE-2026-5260 - High (8.2)

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnera...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9312(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-05-27T00:31:29

2 posts

A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insufficient input validation in an upload endpoint. By injecting path traversal content into request parameters, an attacker could bypass the intended request flow and redirect internal API calls, potenti

offseq at 2026-05-27T01:30:24.691Z ##

🚨 CRITICAL: CVE-2026-9312 (SSRF) in GitHub Enterprise Server 3.16.0 – 3.21.0 lets unauth attackers access internal services via crafted uploads. Patch to 3.16.20+ ASAP! Details: radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-05-27T01:30:24.000Z ##

🚨 CRITICAL: CVE-2026-9312 (SSRF) in GitHub Enterprise Server 3.16.0 – 3.21.0 lets unauth attackers access internal services via crafted uploads. Patch to 3.16.20+ ASAP! Details: radar.offseq.com/threat/cve-20 #OffSeq #SSRF #GitHub #Vuln

##

CVE-2026-44966
(8.3 HIGH)

EPSS: 0.00%

updated 2026-05-26T22:16:43.293000

2 posts

Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of #set directives in Velocity templates. If an application renders a template controlled by an attacker, it is possible to modify Object.prototype, potentially leading to Denial of Service

thehackerwire@mastodon.social at 2026-05-26T23:00:27.000Z ##

🟠 CVE-2026-44966 - High (8.3)

Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of #set directives in Velocity templ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T23:00:27.000Z ##

🟠 CVE-2026-44966 - High (8.3)

Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of #set directives in Velocity templ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44900
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-26T22:16:42.873000

2 posts

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.1, in SignedPublicKeysTrustValidatorImpl.isTrusted(), the ECDSA signature verification at line 45 discards the boolean return value of Signature.verify(). The method performs certificate chain validation, OCSP check, and signature algorithm setup, but never checks whether the signature actually ma

thehackerwire@mastodon.social at 2026-05-27T04:00:55.000Z ##

🟠 CVE-2026-44900 - High (8.1)

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.1, in SignedPublicKeysTrustValidatorImpl.isTrusted(), the ECDSA signature verification at line 45 discards the boolean return value of Signature....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T04:00:55.000Z ##

🟠 CVE-2026-44900 - High (8.1)

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.1, in SignedPublicKeysTrustValidatorImpl.isTrusted(), the ECDSA signature verification at line 45 discards the boolean return value of Signature....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43988
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-26T22:16:42.303000

2 posts

Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When processing malformed network packets containing corrupted ASN.1/OER structures (e.g., invalid length fields or malformed certificate encoding), the ASN.1 wrapper (asn1c_wrapper.cpp) raises a std::runtime

thehackerwire@mastodon.social at 2026-05-27T04:00:45.000Z ##

🟠 CVE-2026-43988 - High (7.5)

Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When processing malformed network packets containing co...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T04:00:45.000Z ##

🟠 CVE-2026-43988 - High (7.5)

Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When processing malformed network packets containing co...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48686
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-26T21:32:56

1 posts

FastNetMon Community Edition through 1.2.9 contains a stack-based buffer overflow in the BGP NLRI (Network Layer Reachability Information) decoder. The function decode_bgp_subnet_encoding_ipv4_raw() in src/bgp_protocol.cpp reads prefix_bit_length directly from the BGP packet (line 99) without validating it is <= 32 for IPv4 prefixes. This value is passed to how_much_bytes_we_need_for_storing_certa

EUVD_Bot@mastodon.social at 2026-05-26T19:00:45.000Z ##

🚨 EUVD-2026-31950

📊 Score: n/a
📅 Updated: 2026-05-26

📝 FastNetMon Community Edition through 1.2.9 has a buffer overflow, a different vulnerability than CVE-2026-48686 and CVE-2026-48689.

🔗 euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##

CVE-2026-5426
(7.5 HIGH)

EPSS: 0.08%

updated 2026-05-26T21:32:41

1 posts

Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks

1 repos

https://github.com/HORKimhab/CVE-2026-5426

Analyst207@mastodon.social at 2026-05-26T20:20:12.000Z ##

Hackers Exploit KnowledgeDeliver Flaw to Install Web Shells

Hackers have exploited a critical flaw in KnowledgeDeliver, using it as a zero-day to sneakily install a powerful .NET web shell called Godzilla on vulnerable servers. This sneaky attack was made possible by a deserialization vulnerability, CVE-2026-5426, that allowed threat actors to execute code at the operating-system level.

osintsights.com/hackers-exploi

#Cve20265426 #ZeroDay #WebShell #ViewstateDeserialization #Net

##

CVE-2026-9642
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-26T21:32:08

2 posts

There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database Access) An unauthenticated remote attacker can access configured databases in a DIAView project.

thehackerwire@mastodon.social at 2026-05-26T22:00:09.000Z ##

🔴 CVE-2026-9642 - Critical (9.8)

There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database Access)

An unauthenticated remote attacker can access configured databases in a DIAView project.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T22:00:09.000Z ##

🔴 CVE-2026-9642 - Critical (9.8)

There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database Access)

An unauthenticated remote attacker can access configured databases in a DIAView project.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8676
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-26T21:32:07

2 posts

An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond.

thehackerwire@mastodon.social at 2026-05-26T22:00:19.000Z ##

🟠 CVE-2026-8676 - High (8.8)

An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T22:00:19.000Z ##

🟠 CVE-2026-8676 - High (8.8)

An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8854
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-26T20:27:32.703000

2 posts

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.

thehackerwire@mastodon.social at 2026-05-26T19:00:07.000Z ##

🟠 CVE-2026-8854 - High (7.5)

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T19:00:07.000Z ##

🟠 CVE-2026-8854 - High (7.5)

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48172
(9.8 CRITICAL)

EPSS: 0.01%

updated 2026-05-26T20:19:13.460000

6 posts

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null in Bash. If you get no output, you have not been hit with exploitation of the vulnerability. If there is output, we recommend you

2 repos

https://github.com/HORKimhab/CVE-2026-48172

https://github.com/retmakarunia/CVE-2026-48172

bugxhunter at 2026-05-27T02:00:53.687Z ##

🏛️ CISA Adds LiteSpeed cPanel Plugin Privilege Escalation Vulnerability

📝 CISA adds CVE-2026-48172 to KEV Catalog, affecting federal agencies.

cisa.gov/news-events/alerts/20

📰 Alerts

##
secdb at 2026-05-26T20:00:14.633Z ##

🚨 [CISA-2026:0526] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-48172 (secdb.nttzen.cloud/cve/detail/)
- Name: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: LiteSpeed
- Product: cPanel Plugin
- Notes: blog.litespeedtech.com/2026/05 ; nvd.nist.gov/vuln/detail/CVE-2

##
cisakevtracker@mastodon.social at 2026-05-26T18:01:10.000Z ##

CVE ID: CVE-2026-48172
Vendor: LiteSpeed
Product: cPanel Plugin
Date Added: 2026-05-26
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##
bugxhunter@infosec.exchange at 2026-05-27T02:00:53.000Z ##

🏛️ CISA Adds LiteSpeed cPanel Plugin Privilege Escalation Vulnerability

📝 CISA adds CVE-2026-48172 to KEV Catalog, affecting federal agencies.

cisa.gov/news-events/alerts/20

📰 Alerts

#GovSec #CVE

##
secdb@infosec.exchange at 2026-05-26T20:00:14.000Z ##

🚨 [CISA-2026:0526] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-48172 (secdb.nttzen.cloud/cve/detail/)
- Name: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: LiteSpeed
- Product: cPanel Plugin
- Notes: blog.litespeedtech.com/2026/05 ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260526 #cisa20260526 #cve_2026_48172 #cve202648172

##
cisakevtracker@mastodon.social at 2026-05-26T18:01:10.000Z ##

CVE ID: CVE-2026-48172
Vendor: LiteSpeed
Product: cPanel Plugin
Date Added: 2026-05-26
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-25104
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T20:16:40.787000

2 posts

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

thehackerwire@mastodon.social at 2026-05-26T14:00:09.000Z ##

🟠 CVE-2026-25104 - High (7.8)

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-05-26T09:00:29.000Z ##

🚨 HIGH severity: CVE-2026-25104 impacts MediaArea MediaInfoLib 26.01. Integer underflow in LXF parsing can trigger heap-based buffer overflow. No patch yet — restrict untrusted LXF file parsing and monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Infosec

##

CVE-2026-44469
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T20:00:24.897000

1 posts

The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation.

certvde@infosec.exchange at 2026-05-26T07:14:09.000Z ##

#OT #Advisory VDE-2026-055
CODESYS Development System - Incorrect Default Permissions

Two local privilege escalation vulnerabilities were identified in the CODESYS Development System. Specifically, the PackageManager and the IPM create temporary directories with insecure default permissions when executed with administrative privileges. This allows low-privileged local users to modify a temporary bootstrap file to force the deployment of arbitrary components, or to exploit a Time-of-Check to Time-of-Use (TOCTOU) race condition to replace digitally verified installation files with malicious ones prior to installation. Both flaws bypass intended security boundaries during the installation of packages or add-ons.
#CVE CVE-2026-44469, CVE-2026-44468

certvde.com/en/advisories/vde-

#CSAF codesys.csaf-tp.certvde.com/.w

##

CVE-2026-9058
(0 None)

EPSS: 0.04%

updated 2026-05-26T19:59:22.323000

2 posts

Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, "Positively verified") even when the trust status of the signer's certificate could not be established (i.e. /VerifyingTaskItem/Signature/VerificationResult/SigningCertificate/@certificateType == "nondetermined"). This cause

avolha@infosec.exchange at 2026-05-25T13:53:46.000Z ##

Na CONFidence 2026 Michał kończy właśnie opowieść o krytycznych lukach, które umożliwiały zalogowanie się na konto dowolnego obywatela w wielu kluczowych systemach administracji publicznej, a @zaufanatrzeciastrona opublikowała przed chwilą cykl artykułów jego autorstwa, dokładnie wyjaśniający problem. Zdecydowanie polecam (zarwałam noc, żeby je na czas skorygować ;-))

👉 Zdalne wykonanie kodu w SzafirHost – [CVE-2026-26928] [Badanie e-podpisów, cz. 1] – zaufanatrzeciastrona.pl/post/z
👉 Hakowanie e-Sądu YubiKeyem – [Badanie e-podpisów, cz. 2] – zaufanatrzeciastrona.pl/post/h
👉 Ominięcie uwierzytelniania w ZUS-ie i systemach e-Zdrowia, czyli o krok od cyberchaosu – [CVE-2026-9058] [Badanie e-podpisów, cz. 3] – zaufanatrzeciastrona.pl/post/o
👉 Podsumowanie: Krytyczna podatność umożliwiająca całkowite ominięcie logowania w ZUS-ie, e-Sądzie i systemach e-Zdrowia – zaufanatrzeciastrona.pl/post/p

#cyberbezpieczenstwo #cybersecurity #confidence

##
zaufanatrzeciastrona@infosec.exchange at 2026-05-25T13:34:30.000Z ##

Michał odkrył sposób na logowanie jako dowolny użytkownik do eZUS-u, E-Sądu, eZdrowia i innych rządowych systemów. Poczytajcie, bo to najgrubsze odkrycie tego roku w PL
1. zaufanatrzeciastrona.pl/post/z
2. zaufanatrzeciastrona.pl/post/h
3. zaufanatrzeciastrona.pl/post/o
4. zaufanatrzeciastrona.pl/post/p

##

CVE-2026-45247
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-26T19:50:21.747000

1 posts

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted call to PHP's native unserialize() function combined with gadget chains available in Magento and its de

thehackerwire@mastodon.social at 2026-05-26T16:00:25.000Z ##

🔴 CVE-2026-45247 - Critical (9.8)

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarm...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42774
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-05-26T19:31:20.323000

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetEngine allows SQL Injection. This issue affects JetEngine: from n/a through 3.8.8.1.

offseq@infosec.exchange at 2026-05-26T01:30:23.000Z ##

🚨 CRITICAL SQL Injection (CVE-2026-42774) in Crocoblock JetEngine ≤ 3.8.8.1 (CVSS 9.3). Unauthenticated attackers could access sensitive DB data. No vendor patch yet — restrict access & monitor activity. More: radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #WordPress

##

CVE-2026-42497
(0 None)

EPSS: 0.02%

updated 2026-05-26T19:21:53.013000

1 posts

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. _make_special_file() passes the tar header's linkname to link() without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode. A subsequent write through the extracted name modifies the victim file, and the post-extract

offseq@infosec.exchange at 2026-05-26T04:30:24.000Z ##

🛡️ CVE-2026-42497 (HIGH): BINGOS Archive::Tar <3.08 lets attackers create hardlinks outside extraction dirs, risking file overwrite or privilege escalation. No patch yet — avoid untrusted tar files. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Perl #Security

##

CVE-2025-1782
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-05-26T19:08:15.080000

1 posts

In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbitrary file in the PHP code allowing an attacker to do anything as the web server user. This flaw requires the attacker to be authenticated with a valid user account.

hugovalters@mastodon.social at 2026-05-26T23:03:26.000Z ##

CVE-2025-1782 - Critical RCE in HylaFAX. Unpatched. CVSS 9.9. Authenticated users can exploit file inclusion for full server compromise. Isolate or disable immediately. #CVE #HylaFAX #infosec

valtersit.com/cve/CVE-2025-178

##

CVE-2026-7374
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-05-26T19:08:15.080000

1 posts

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connecti

thehackerwire@mastodon.social at 2026-05-26T15:00:49.000Z ##

🔴 CVE-2026-7374 - Critical (9.9)

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-5222
(0 None)

EPSS: 0.04%

updated 2026-05-26T19:08:15.080000

2 posts

Cargo between 1.68 and 1.96 incorrectly normalized the URLs of third-party registries using the sparse index protocol. If a hosting provider allowed multiple registries to be hosted with arbitrary names within the same domain, an attacker able to publish crates in a registry could obtain the credentials of others users of the same registry. The severity of the vulnerability is **low**, due to the

rustaceans@mastodon.social at 2026-05-25T16:05:57.000Z ##

JUST IN: Security Advisory for Cargo (CVE-2026-5222)

>> Cargo CVE-2026-5222: Sparse registry URL normalization flaw lets attackers steal credentials from third-party registries under niche conditions. Fixed in Rust 1.96.

#rustlang #rustlang

##
rustaceans@mastodon.social at 2026-05-25T16:05:57.000Z ##

Link: blog.rust-lang.org/2026/05/25/

##

CVE-2026-5223
(0 None)

EPSS: 0.04%

updated 2026-05-26T19:08:15.080000

3 posts

Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override the source code of another crate from the same registry. The severity of the vulnerability is **medium** for users of third-party registries. Users of crates.io are **not affected**, as crates.io forbids uploading crates containing any symlink.

rustaceans@mastodon.social at 2026-05-25T16:03:16.000Z ##

JUST IN: Security Advisory for Cargo (CVE-2026-5223)

>> Cargo CVE-2026-5223: Malicious crates with symlinks can override other crates from the same third-party registry. Fixed in Rust 1.96.0.

#rustlang #rust

##
rustaceans@mastodon.social at 2026-05-25T16:03:17.000Z ##

Link: blog.rust-lang.org/2026/05/25/

##
Mozilla@activitypub.awakari.com at 2026-05-25T00:00:00.000Z ## The Rust Programming Language Blog: Security Advisory for Cargo (CVE-2026-5223) The Rust Security Response Team was notified that Cargo incorrectly handled symlinks inside of crate tarballs downloa...


Origin | Interest | Match ##

CVE-2026-8620
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-26T19:06:14.330000

2 posts

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request.

thehackerwire@mastodon.social at 2026-05-26T19:03:10.000Z ##

🟠 CVE-2026-8620 - High (7.5)

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a special...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T19:03:10.000Z ##

🟠 CVE-2026-8620 - High (7.5)

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a special...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9435
(9.8 CRITICAL)

EPSS: 0.89%

updated 2026-05-26T18:59:55.850000

1 posts

A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setQosCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

offseq@infosec.exchange at 2026-05-25T10:30:25.000Z ##

🛡️ CVE-2026-9435: Critical OS command injection in Totolink A8000RU (fw 7.1cu.643_b20200521) allows unauthenticated remote code execution. No patch yet — restrict web UI & monitor advisories. Exploit is public! radar.offseq.com/threat/cve-20 #OffSeq #CVE20269435 #IoTSecurity

##

CVE-2026-9434
(9.8 CRITICAL)

EPSS: 0.89%

updated 2026-05-26T18:59:55.850000

1 posts

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

offseq@infosec.exchange at 2026-05-25T07:30:26.000Z ##

Totolink A8000RU (v7.1cu.643_b20200521) hit by CRITICAL OS command injection (CVE-2026-9434). Remote unauthenticated attackers may gain full control. No fix yet — restrict management access & monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Router

##

CVE-2026-7454
(7.8 HIGH)

EPSS: 0.00%

updated 2026-05-26T18:31:59

2 posts

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

thehackerwire@mastodon.social at 2026-05-26T19:02:59.000Z ##

🟠 CVE-2026-7454 - High (7.8)

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T19:02:59.000Z ##

🟠 CVE-2026-7454 - High (7.8)

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8855
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-26T18:31:59

2 posts

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

thehackerwire@mastodon.social at 2026-05-26T19:00:17.000Z ##

🟠 CVE-2026-8855 - High (8.1)

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T19:00:17.000Z ##

🟠 CVE-2026-8855 - High (8.1)

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9170
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-26T18:31:51

2 posts

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to denial of service and a potential remote code execution due to improper input validation.

thehackerwire@mastodon.social at 2026-05-26T19:02:49.000Z ##

🟠 CVE-2026-9170 - High (7.5)

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to denial of service and a potential remote code execution due to impr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T19:02:49.000Z ##

🟠 CVE-2026-9170 - High (7.5)

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to denial of service and a potential remote code execution due to impr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8856
(7.7 HIGH)

EPSS: 0.00%

updated 2026-05-26T18:31:51

2 posts

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.

thehackerwire@mastodon.social at 2026-05-26T19:00:27.000Z ##

🟠 CVE-2026-8856 - High (7.7)

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T19:00:27.000Z ##

🟠 CVE-2026-8856 - High (7.7)

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25112
(7.8 HIGH)

EPSS: 0.00%

updated 2026-05-26T18:31:42

1 posts

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack.

thehackerwire@mastodon.social at 2026-05-26T16:59:57.000Z ##

🟠 CVE-2026-25112 - High (7.8)

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9496
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-26T15:33:18

1 posts

Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service (DoS) via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s regex replacement and string-manipulation logic, causing excessive CPU consumption and potentially stalling or crashing the process.

offseq@infosec.exchange at 2026-05-26T07:30:26.000Z ##

⚠️ HIGH severity: CVE-2026-9496 impacts pacote 11.2.7 in cloud-hosted setups. Crafted spec.rawSpec can trigger DoS via CPU exhaustion. Vendor patches are rolling out — verify your service is updated. No active exploitation seen. radar.offseq.com/threat/cve-20 #OffSeq #DoS #CloudSec

##

CVE-2026-46368
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-26T15:32:17

1 posts

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user holding the luci.https-dns-proxy ACL permission can inject shell metacharacters through the 'name' parame

thehackerwire@mastodon.social at 2026-05-26T16:00:41.000Z ##

🟠 CVE-2026-46368 - High (8.8)

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4480
(8.5 HIGH)

EPSS: 0.00%

updated 2026-05-26T15:32:17

1 posts

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that contains unescaped shell characters. This could

thehackerwire@mastodon.social at 2026-05-26T16:00:15.000Z ##

🟠 CVE-2026-4480 - High (8.5)

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J"
substitution character without escaping shell meta characters. A re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48131
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-26T15:32:16

1 posts

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality).

thehackerwire@mastodon.social at 2026-05-26T15:00:59.000Z ##

🟠 CVE-2026-48131 - High (8.1)

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disrupt...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9543
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-26T15:32:16

1 posts

A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

thehackerwire@mastodon.social at 2026-05-26T15:00:39.000Z ##

🔴 CVE-2026-9543 - Critical (9.8)

A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os comman...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44468
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T13:31:03

1 posts

The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components.

certvde@infosec.exchange at 2026-05-26T07:14:09.000Z ##

#OT #Advisory VDE-2026-055
CODESYS Development System - Incorrect Default Permissions

Two local privilege escalation vulnerabilities were identified in the CODESYS Development System. Specifically, the PackageManager and the IPM create temporary directories with insecure default permissions when executed with administrative privileges. This allows low-privileged local users to modify a temporary bootstrap file to force the deployment of arbitrary components, or to exploit a Time-of-Check to Time-of-Use (TOCTOU) race condition to replace digitally verified installation files with malicious ones prior to installation. Both flaws bypass intended security boundaries during the installation of packages or add-ons.
#CVE CVE-2026-44469, CVE-2026-44468

certvde.com/en/advisories/vde-

#CSAF codesys.csaf-tp.certvde.com/.w

##

CVE-2026-8047
(7.5 HIGH)

EPSS: 0.07%

updated 2026-05-26T13:31:02

1 posts

The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device.

certvde@infosec.exchange at 2026-05-26T07:14:44.000Z ##

#OT #Advisory VDE-2026-057
CODESYS Control - Out-of-bounds Write

Successful exploitation allows an unauthenticated remote attacker to trigger an out-of-bounds write, causing the CODESYS Control Runtime to crash and resulting in a denial of service on the affected device.
#CVE CVE-2026-8047

certvde.com/en/advisories/vde-

#CSAF codesys.csaf-tp.certvde.com/.w

##

CVE-2026-8046
(8.1 HIGH)

EPSS: 0.10%

updated 2026-05-26T13:31:02

1 posts

The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.

certvde@infosec.exchange at 2026-05-26T07:14:28.000Z ##

#OT #Advisory VDE-2026-056
CODESYS Control - Incorrect Authorization

The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups including the visualization administrators group, which is intended solely to manage visualization users.
#CVE CVE-2026-8046

certvde.com/en/advisories/vde-

#CSAF codesys.csaf-tp.certvde.com/.w

##

CVE-2026-42773
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-05-26T13:30:58

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection. This issue affects eMagicOne Store Manager: from n/a through 1.3.2.

offseq@infosec.exchange at 2026-05-26T00:00:35.000Z ##

🚨 CRITICAL: CVE-2026-42773 in eMagicOne Store Manager (≤1.3.2) enables unauthenticated Blind SQL Injection (CVSS 9.3). No patch yet. Restrict app access & monitor databases. Details: radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #Vuln #eMagicOne

##

CVE-2026-39661
(7.5 HIGH)

EPSS: 0.11%

updated 2026-05-26T13:30:57

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magentech SW Core allows PHP Local File Inclusion. This issue affects SW Core: from n/a through 1.7.18.

thehackerwire@mastodon.social at 2026-05-26T14:00:00.000Z ##

🟠 CVE-2026-39661 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magentech SW Core allows PHP Local File Inclusion.

This issue affects SW Core: from n/a through 1.7.18.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25713
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T13:30:56

1 posts

MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability

thehackerwire@mastodon.social at 2026-05-26T14:00:23.000Z ##

🟠 CVE-2026-25713 - High (7.8)

MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9478
(9.8 CRITICAL)

EPSS: 0.89%

updated 2026-05-26T13:30:56

1 posts

A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.

offseq@infosec.exchange at 2026-05-26T03:00:25.000Z ##

🛑 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) is vulnerable (CVE-2026-9478) to remote OS command injection via the web interface. Public exploit available. Restrict access & monitor for patches! radar.offseq.com/threat/cve-20 #OffSeq #CVE20269478 #IoTSecurity #Infosec

##

CVE-2026-42496(CVSS UNKNOWN)

EPSS: 0.02%

updated 2026-05-26T13:30:54

1 posts

Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. _make_special_file() passes the tar header's linkname to symlink() without validating it against absolute paths or .. segments. The secure-extract mode check that guards regular file extraction does not cover the symlink target. A subsequent open through the extracted na

offseq@infosec.exchange at 2026-05-26T06:00:33.000Z ##

🚩 CVE-2026-42496: HIGH severity vuln in BINGOS Archive::Tar (<3.08). Symlinks in tar archives can escape extraction dir, risking unauthorized file access. No patch yet — avoid untrusted archives! radar.offseq.com/threat/cve-20 #OffSeq #vuln #Perl #infosec

##

CVE-2026-9436
(9.8 CRITICAL)

EPSS: 0.94%

updated 2026-05-26T13:30:46

1 posts

A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used.

offseq@infosec.exchange at 2026-05-25T09:00:24.000Z ##

🔴 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) has an unauthenticated OS command injection bug (CVE-2026-9436). Exploit released, no patch yet. Restrict web management access and monitor closely. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Security #Router

##

CVE-2026-9404
(9.8 CRITICAL)

EPSS: 0.89%

updated 2026-05-26T13:30:41

1 posts

A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument provider leads to os command injection. The attack may be launched remotely. The exploit is publicly available and might be used.

offseq@infosec.exchange at 2026-05-25T06:00:25.000Z ##

🚨 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) suffers OS command injection (CVE-2026-9404, CVSS 9.3). Exploit is public; no patch yet. Restrict web mgmt interface & watch for updates. radar.offseq.com/threat/cve-20 #OffSeq #infosec #CVE20269404 #routersecurity

##

CVE-2026-45659
(8.8 HIGH)

EPSS: 0.50%

updated 2026-05-26T13:30:30

2 posts

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

1 repos

https://github.com/HORKimhab/CVE-2026-45659

undercodenews@mastodon.social at 2026-05-26T19:41:18.000Z ##

Microsoft SharePoint RCE Flaw Raises New Security Concerns as Attackers Continue Targeting Enterprise Servers

Introduction Microsoft has released urgent security updates to address a newly discovered remote code execution vulnerability affecting Microsoft SharePoint Server, once again putting enterprise collaboration platforms under the cybersecurity spotlight. The flaw, identified as CVE-2026-45659, carries a high CVSS severity score of 8.8 and could allow attackers…

undercodenews.com/microsoft-sh

##
benzogaga33@mamot.fr at 2026-05-26T15:40:04.000Z ##

Faille RCE dans SharePoint : Microsoft publie un patch pour la CVE-2026-45659 it-connect.fr/faille-rce-share #ActuCybersécurité #Cybersécurité #Vulnérabilité #SharePoint #Microsoft

##

CVE-2026-45250
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-22T08:16:14.847000

2 posts

The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capacity of that buffer, a stack buffer overflow occurs. Because the bounds check on the supplementary g

1 repos

https://github.com/venglin/setcred

emaste@mastodon.social at 2026-05-26T18:07:06.000Z ##

@lattera How is autoloading zfs.ko related to CVE-2026-45250?

##
emaste@mastodon.social at 2026-05-26T18:07:06.000Z ##

@lattera How is autoloading zfs.ko related to CVE-2026-45250?

##

CVE-2010-0249
(8.8 HIGH)

EPSS: 88.68%

updated 2026-05-21T12:57:01.463000

2 posts

Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper ha

nyanbinary at 2026-05-26T21:36:21.528Z ##

Ok, CISA adding CVE-2010-0249 (Use-After-Free in checks notes Internet Explorer 6, 6 SP1, 7, and 8 for Server up to 2008 & Win7 to their KEV list... last week... has me giggle.

Yeah, I guess there may be EITW exploitation? But putting a "you got 2 weeks to fix your Server 2008 Internet Explorer NOW in 2 weeks!!!" is, like, seriously funny.

db.gcve.eu/known-exploited-vul

##
nyanbinary@infosec.exchange at 2026-05-26T21:36:21.000Z ##

Ok, CISA adding CVE-2010-0249 (Use-After-Free in checks notes Internet Explorer 6, 6 SP1, 7, and 8 for Server up to 2008 & Win7 to their KEV list... last week... has me giggle.

Yeah, I guess there may be EITW exploitation? But putting a "you got 2 weeks to fix your Server 2008 Internet Explorer NOW in 2 weeks!!!" is, like, seriously funny.

db.gcve.eu/known-exploited-vul

##

CVE-2026-9082
(6.5 MEDIUM)

EPSS: 17.33%

updated 2026-05-20T21:32:36

3 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

Nuclei template

7 repos

https://github.com/ridhinva/CVE-2026-9082

https://github.com/HORKimhab/CVE-2026-9082

https://github.com/N45HT/drupal-cve-2026-9082-checker

https://github.com/lysophavin18/cve-2026-9082

https://github.com/7h30th3r0n3/CVE-2026-9082-Drupal-PoC

https://github.com/0xBlackash/CVE-2026-9082

https://github.com/ywh-jfellus/CVE-2026-9082

maniabel@mastodon.de at 2026-05-26T19:55:39.000Z ##

Drupal: kritische Sicherheitslücke (CVE-2026-9082). Der Patch steht zur Verfügung. Aktuell sind in Deutschland 61 Instanzen ungepatcht.
Interessiert das irgendjemenschen? Braucht es weitere Informationen? Oder ist der Beitrag flüssiger als Wasser?

dashboard.shadowserver.org/sta

#Drupal #infosec

##
maniabel@mastodon.de at 2026-05-26T19:55:39.000Z ##

Drupal: kritische Sicherheitslücke (CVE-2026-9082). Der Patch steht zur Verfügung. Aktuell sind in Deutschland 61 Instanzen ungepatcht.
Interessiert das irgendjemenschen? Braucht es weitere Informationen? Oder ist der Beitrag flüssiger als Wasser?

dashboard.shadowserver.org/sta

#Drupal #infosec

##
hackmag@infosec.exchange at 2026-05-25T18:00:02.000Z ##

⚪️ Critical Drupal bug could lead to remote code execution

🗨️ The Drupal developers have released emergency patches for a “highly critical” vulnerability in Drupal Core that affects sites using PostgreSQL. The issue has been assigned the identifier CVE-2026-9082 and is related to an SQL injection, which in some scenarios may…

🔗 hackmag.com/news/drupal-inject

#news

##

CVE-2026-41091
(7.8 HIGH)

EPSS: 5.94%

updated 2026-05-20T18:31:35

2 posts

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

2 repos

https://github.com/ridhinva/defender-vulnerability-scanner

https://github.com/0xBlackash/CVE-2026-41091

christopherkunz@chaos.social at 2026-05-26T10:31:47.000Z ##

The RedSun vulnerability was "officially fixed" on May 19, with the fix being "let's break the PoC by quarantining the affected .exe". The fix is just part of a Defender definition update. So, I guess the Red Sun no longer prevails.
msrc.microsoft.com/update-guid

##
christopherkunz@chaos.social at 2026-05-26T06:57:56.000Z ##

@jhr77 @Hal_9000 Turns out my hunch was right: CVE-2026-41091 is RedSun.

##

CVE-2026-42096(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-05-19T15:31:29

1 posts

Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below we

1 repos

https://github.com/br0xpl/sparx_hack

campuscodi@mastodon.social at 2026-05-26T17:43:45.000Z ##

Sparx Systems has failed to patch five security issues in its Pro Cloud Server even after being contacted by CERT Poland

cert.pl/en/posts/2026/05/CVE-2

##

CVE-2026-45829
(0 None)

EPSS: 0.17%

updated 2026-05-19T14:16:46.977000

1 posts

A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the /api/v2/tenants/{tenant}/databases/{db}/collections endpoint.

2 repos

https://github.com/fevar54/FULL-ANALYSIS---CVE-2026-45829-ChromaDB-

https://github.com/0xBlackash/CVE-2026-45829

nicfab@fosstodon.org at 2026-05-26T08:12:31.000Z ##

NicFab Newsletter #22 is out.

→ Garante fines Ambrosetti €85k for late breach notification (Art. 34 GDPR)
→ Verizon DBIR 2026: vuln exploitation overtakes credentials as #1 vector
→ Commission opens first Article 112(1) AI Act review
→ Colorado CADMA replaces the 2024 AI Act
→ Unpatched RCE in ChromaDB (CVE-2026-45829)

Read: nicfab.eu/en/newsletter-issues
Subscribe: nicfab.eu/en/pages/newsletter/

#Privacy #AIAct #AI #GDPR #Cybersecurity

##

CVE-2026-45298
(8.6 HIGH)

EPSS: 0.00%

updated 2026-05-18T16:41:41

2 posts

## Summary In a default dozzle deploy (the documented quickstart, no `DOZZLE_AUTH_PROVIDER` set), `POST /api/notifications/test-webhook` is reachable without authentication and forwards an attacker-controlled URL into a `WebhookDispatcher` that: - Sends an HTTP POST to the supplied URL with attacker-controlled request headers, and - Returns the response status code AND up to 1MB of the response

thehackerwire@mastodon.social at 2026-05-26T23:01:25.000Z ##

🟠 CVE-2026-45298 - High (8.6)

Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is reachable without authentication and forwards an a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T23:01:25.000Z ##

🟠 CVE-2026-45298 - High (8.6)

Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is reachable without authentication and forwards an a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45574
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-15T18:29:32

2 posts

### Impact An attacker on the network path between the ePA service and the Konnektor can present any TLS certificate (self-signed, expired, wrong CN) and intercept all SOAP traffic. This includes patient identifiers (KVNR), SMC-B card operations (authentication, signing), document content, and credential exchanges. ### Patches [#36](https://github.com/oviva-ag/epa4all-client/pull/36) ### Workaro

thehackerwire@mastodon.social at 2026-05-26T23:01:34.000Z ##

🟠 CVE-2026-45574 - High (8.1)

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker on the network path between the ePA service and the Konnektor can present any TLS certificate (self-signed, expired, wrong CN) and ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T23:01:34.000Z ##

🟠 CVE-2026-45574 - High (8.1)

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker on the network path between the ePA service and the Konnektor can present any TLS certificate (self-signed, expired, wrong CN) and ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41089
(9.8 CRITICAL)

EPSS: 0.13%

updated 2026-05-15T15:42:17.907000

1 posts

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

threatcodex@infosec.exchange at 2026-05-26T17:43:22.000Z ##

Micropatches released for Windows Netlogon Remote Code Execution Vulnerability (CVE-2026-41089)
#CVE_2026_41089
blog.0patch.com/2026/05/microp

##

CVE-2026-6637
(8.8 HIGH)

EPSS: 0.04%

updated 2026-05-14T15:31:59

1 posts

Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitates user-controlled updates to that column. In that case, a SQL injection allows a primary key update v

mastokukei@social.josko.org at 2026-05-26T18:01:26.000Z ##

Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #newsAtKukei masto.kukei.eu/browse/news category:
- **Russia's GPS jamming extends deep into Europe**, raising concerns over military and civilian impacts.
- **Citizenship controversies in Moldova**, with discussions on legal and political implications.
- **PostgreSQL security vulnerability (CVE-2026-6637)** in the `refint` module, urging immediate fixes.
- **AI and tech industry developments**, [1/3]

##

CVE-2026-0265(CVSS UNKNOWN)

EPSS: 0.03%

updated 2026-05-13T18:31:07

1 posts

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used. The risk of this issue is greatly reduced if you secure acc

2 repos

https://github.com/tstephens1080/palo-alto-cve-2026-0265-checker

https://github.com/BishopFox/CVE-2026-0265-check

hrbrmstr@mastodon.social at 2026-05-25T15:08:44.000Z ##

I thought Palo was part of the Mythos seekrit cabal platform and also had their own advanced AI BS that protected enterprises from everything.

Given that, how does CVE-2026-0265 — an at-scale PAN-OS CAS Authentication Bypass — happen now?

Seems like Mythos isn't all its cracked up to be?

##

CVE-2026-28952
(7.5 HIGH)

EPSS: 0.02%

updated 2026-05-13T14:08:26.420000

7 posts

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination.

hackernewsrobot@mastodon.social at 2026-05-27T03:56:10.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude support.apple.com/en-us/127115

##
hackersnews@mastodon.cesium.pw at 2026-05-26T05:30:08.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude
news.ycombinator.com/item?id=4

#hackernews #tech

##
hn100@social.lansky.name at 2026-05-26T04:45:09.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

Link: support.apple.com/en-us/127115
Discussion: news.ycombinator.com/item?id=4

##
hn50@social.lansky.name at 2026-05-26T01:15:06.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

Link: support.apple.com/en-us/127115
Discussion: news.ycombinator.com/item?id=4

##
hnbot@chrispelli.fun at 2026-05-26T00:13:26.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude - support.apple.com/en-us/127115

#hackernews

##
h4ckernews@mastodon.social at 2026-05-26T00:12:12.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

support.apple.com/en-us/127115

#HackerNews #CVE202628952 #Apple #macOS #Kernel #Vulnerability #CyberSecurity #Claude

##
CuratedHackerNews@mastodon.social at 2026-05-26T00:12:03.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

support.apple.com/en-us/127115

#apple #macos

##

CVE-2026-28910
(3.3 LOW)

EPSS: 0.01%

updated 2026-05-13T00:49:16

1 posts

This issue was addressed with improved permissions checking. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to access arbitrary files.

psylo@infosec.exchange at 2026-05-25T08:35:35.000Z ##

@menos @wabetainfo @mysk

This macOS bug made it easy to exfiltrate WhatsApp chats. If it was encrypted , you'd need more tricks to decrypt the data:

mysk.blog/2026/05/19/cve-2026-

##

CVE-2026-26980
(9.4 CRITICAL)

EPSS: 63.49%

updated 2026-05-12T13:31:01

4 posts

### Impact A SQL injection vulnerability existed in Ghost's Content API that allowed unauthenticated attackers to read arbitrary data from the database. ### Vulnerable Versions This vulnerability is present in Ghost v3.24.0 to v6.19.0. ### Patches v6.19.1 contains a fix for this issue. **Note:** as this vulnerability lets an attacker gain access to a site's API keys, we recommend reviewing

Nuclei template

3 repos

https://github.com/vognik/CVE-2026-26980

https://github.com/Kulik-Labs-Development/Ghost-CMS-Code-Injection-Audit-CVE-2026-26980

https://github.com/dinosn/ghost-cve-2026-26980

tomshw@mastodon.social at 2026-05-26T11:05:09.000Z ##

⚠️ Un CMS molto usato finisce nel mirino: siti legittimi possono diventare trappole invisibili. Aggiornare, monitorare, verificare. #Cybersecurity #CMS

🔗 tomshw.it/hardware/ghost-cms-c

##
oversecurity@mastodon.social at 2026-05-26T10:40:33.000Z ##

Critical Ghost CMS Vulnerability Exploited to Hack 700+ Websites

A critical Ghost CMS vulnerability identified as CVE-2026-26980 has been exploited in a widespread cyber campaign that compromised more than 700...

🔗️ [Thecyberexpress] link.is.it/FdS8KE

##
beyondmachines1@infosec.exchange at 2026-05-25T11:01:07.000Z ##

Ghost CMS SQL Injection Flaw Exploited in Global ClickFix Malware Campaign

A critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) is being exploited to steal administrative keys and inject malicious 'ClickFix' scripts into over 700 websites. The campaign targets high-profile domains to deliver malware by tricking visitors into running malicious commands in their system terminal.

**If you run a Ghost CMS site, this is urgent. Check your version and update to version 6.19.1 or later. Then rotate all API keys and staff passwords since any credentials from before the patch may already be compromised. Also review your published articles for unauthorized scripts and check API logs for signs of suspicious activity.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##
teezeh@ieji.de at 2026-05-25T06:23:57.000Z ##

"A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows.

The campaign was discovered by XLab threat intelligence researchers at Chinese cybersecurity company Qianxin, who confirmed impact on more than 700 domains, including university portals, AI/SaaS companies, media outlets, fintech firms, security sites, and personal blogs.

According to the researchers, threat actors planted malicious code on the websites of Harvard University, Oxford University, Auburn University, and DuckDuckGo."

bleepingcomputer.com/news/secu

##

CVE-2026-44895(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-05-09T00:10:30

2 posts

## SSE Transport Has No Authentication and Wildcard CORS, Exposing All 86 GitLab Tools Including Destructive Operations A review of `mcp-gitlab-server` at commit `80a7b4cf3fba6b55389c0ef491a48190f7c8996a` uncovered that the SSE HTTP transport — advertised in the README and comparison table as a differentiating feature — runs with no authentication and wildcard CORS on every endpoint. The maintain

offseq at 2026-05-27T00:00:35.815Z ##

🚨 CRITICAL: CVE-2026-44895 in yoda-digital mcp-gitlab-server (<0.6.0) allows unauthenticated access to a mutation-capable RPC endpoint, risking full GitLab resource compromise. Upgrade to 0.6.0+ ASAP. radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-05-27T00:00:35.000Z ##

🚨 CRITICAL: CVE-2026-44895 in yoda-digital mcp-gitlab-server (<0.6.0) allows unauthenticated access to a mutation-capable RPC endpoint, risking full GitLab resource compromise. Upgrade to 0.6.0+ ASAP. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #GitLab #CVE202644895

##

CVE-2026-44843
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-08T23:07:34

2 posts

LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad object allowlists. These paths may call `load()` with `allowed_objects="all"`. This does not enable arbitrary Python object deserialization, but it does allow any trusted LangChain-serializable object to be revived, which is broader than these runtime pa

thehackerwire@mastodon.social at 2026-05-26T22:00:28.000Z ##

🟠 CVE-2026-44843 - High (8.2)

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T22:00:28.000Z ##

🟠 CVE-2026-44843 - High (8.2)

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26928(CVSS UNKNOWN)

EPSS: 0.01%

updated 2026-04-02T15:31:40

2 posts

SzafirHost downloads necessary files in the context of the initiating web page. When called, SzafirHost updates its dynamic library. JAR files are correctly verified based on a list of trusted file hashes, and if a file was not on that list, it was checked to see if it had been digitally signed by the vendor. The application doesn't verify hash or vendor's digital signature of uploaded DLL, SO, JN

avolha@infosec.exchange at 2026-05-25T13:53:46.000Z ##

Na CONFidence 2026 Michał kończy właśnie opowieść o krytycznych lukach, które umożliwiały zalogowanie się na konto dowolnego obywatela w wielu kluczowych systemach administracji publicznej, a @zaufanatrzeciastrona opublikowała przed chwilą cykl artykułów jego autorstwa, dokładnie wyjaśniający problem. Zdecydowanie polecam (zarwałam noc, żeby je na czas skorygować ;-))

👉 Zdalne wykonanie kodu w SzafirHost – [CVE-2026-26928] [Badanie e-podpisów, cz. 1] – zaufanatrzeciastrona.pl/post/z
👉 Hakowanie e-Sądu YubiKeyem – [Badanie e-podpisów, cz. 2] – zaufanatrzeciastrona.pl/post/h
👉 Ominięcie uwierzytelniania w ZUS-ie i systemach e-Zdrowia, czyli o krok od cyberchaosu – [CVE-2026-9058] [Badanie e-podpisów, cz. 3] – zaufanatrzeciastrona.pl/post/o
👉 Podsumowanie: Krytyczna podatność umożliwiająca całkowite ominięcie logowania w ZUS-ie, e-Sądzie i systemach e-Zdrowia – zaufanatrzeciastrona.pl/post/p

#cyberbezpieczenstwo #cybersecurity #confidence

##
zaufanatrzeciastrona@infosec.exchange at 2026-05-25T13:34:30.000Z ##

Michał odkrył sposób na logowanie jako dowolny użytkownik do eZUS-u, E-Sądu, eZdrowia i innych rządowych systemów. Poczytajcie, bo to najgrubsze odkrycie tego roku w PL
1. zaufanatrzeciastrona.pl/post/z
2. zaufanatrzeciastrona.pl/post/h
3. zaufanatrzeciastrona.pl/post/o
4. zaufanatrzeciastrona.pl/post/p

##

CVE-2025-15284
(3.7 LOW)

EPSS: 0.07%

updated 2026-02-26T19:57:11.663000

1 posts

Improper Input Validation vulnerability in qs (parse modules) allows HTTP DoS.This issue affects qs: < 6.14.1. Summary The arrayLimit option in qs did not enforce limits for bracket notation (a[]=1&a[]=2), only for indexed notation (a[0]=1). This is a consistency bug; arrayLimit should apply uniformly across all array notations. Note: The default parameterLimit of 1000 effectively mitigates th

certvde@infosec.exchange at 2026-05-26T07:15:09.000Z ##

#OT #Advisory VDE-2026-009
JUMO: Multiple products affected by nodejs vulnerability

A vulnerability in the REST API of the JUMO device allows an attacker to trigger a denial‑of‑service (DoS) condition. Due to an incorrect implementation of the arrayLimit option in the Node.js qs module, limits for incoming request parameters are not properly enforced. As a result, an attacker can send specially crafted requests containing excessively large or deeply nested arrays, causing the web server to become unresponsive. This condition leads to a crash of the web server, followed by an automatic restart of the device.
#CVE CVE-2025-15284

certvde.com/en/advisories/vde-

#CSAF jumo.csaf-tp.certvde.com/.well

##

CVE-2026-3172
(8.1 HIGH)

EPSS: 0.06%

updated 2026-02-25T21:31:25

1 posts

Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server.

mastokukei@social.josko.org at 2026-05-26T18:01:58.000Z ##

Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #programmingAtKukei masto.kukei.eu/browse/programm category:
- **AI coding tools & agentic workflows**: GitHub Copilot, Claude Code, Cursor, DeepSeek Reasonix, and debates on AI’s impact on development (e.g., token efficiency, security risks).
- **PostgreSQL & pgvector**: Security patches (CVE-2026-3172), parallel HNSW index fixes, and pgBackRest’s multi-vendor funding model.
- **Open-source security [1/3]

##

CVE-2025-62582
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-01-20T16:58:23.900000

3 posts

Delta Electronics DIAView has multiple vulnerabilities.

EUVD_Bot@mastodon.social at 2026-05-26T22:00:46.000Z ##

🚨 EUVD-2026-31970

📊 Score: 9.8/10 (CVSS v3.1)
📦 Product: DIAView
🏢 Vendor: Delta Electronics
📅 Updated: 2026-05-26

📝 There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database Access)

An unauthenticated remote attacker can access configured databases in a DIAView project.

🔗 euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##
thehackerwire@mastodon.social at 2026-05-26T22:00:09.000Z ##

🔴 CVE-2026-9642 - Critical (9.8)

There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database Access)

An unauthenticated remote attacker can access configured databases in a DIAView project.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T22:00:09.000Z ##

🔴 CVE-2026-9642 - Critical (9.8)

There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database Access)

An unauthenticated remote attacker can access configured databases in a DIAView project.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-20286
(9.9 CRITICAL)

EPSS: 0.18%

updated 2025-06-04T18:30:58

1 posts

A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems. This vulnerability exists because credentia

hugovalters@mastodon.social at 2026-05-26T02:04:37.000Z ##

CVE-2025-20286 Critical flaw in Cisco ISE cloud deployments on AWS, Azure, OCI. Unauthenticated remote access to sensitive data, admin ops, config changes, or DoS. CVSS 9.9. No patch yet. Monitor immediately. #CVE #Cisco #infosec

valtersit.com/cve/CVE-2025-202

##

CVE-2025-46273
(9.8 CRITICAL)

EPSS: 0.58%

updated 2025-04-25T00:32:07

1 posts

UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devices.

hugovalters@mastodon.social at 2026-05-26T18:11:12.000Z ##

CVE-2025-46273 - Critical Supply Chain Attack in Uni. Hard-coded credentials expose all managed devices to admin takeover. CVSS 9.8. No patch available yet. Isolate systems now. #CVE #infosec #supplychain

valtersit.com/cve/CVE-2025-462

##

CVE-2025-27740
(8.8 HIGH)

EPSS: 0.80%

updated 2025-04-08T18:35:03

1 posts

Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.

hugovalters@mastodon.social at 2026-05-27T02:01:44.000Z ##

CVE-2025-27740 - Critical auth bypass in Microsoft AD CS. Allows privilege escalation over network. CVSS 8.8. No patch yet. Mitigate immediately. #CVE #Microsoft #infosec

valtersit.com/cve/CVE-2025-277

##

CVE-2021-21735(CVSS UNKNOWN)

EPSS: 0.17%

updated 2023-01-29T05:06:59

1 posts

A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE.

1 repos

https://github.com/minanagehsalalma/cve-2021-21735-zte-zxhn-h168n-admin-compromise

_r_netsec@infosec.exchange at 2026-05-25T14:58:05.000Z ##

CVE-2021-21735: ZTE H168N wizard whitelist exposed PPPoE and WLAN secrets pre-auth minanagehsalalma.github.io/cve

##

CVE-2026-44905
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-26T23:00:18.000Z ##

🟠 CVE-2026-44905 - High (7.5)

Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-26T23:00:18.000Z ##

🟠 CVE-2026-44905 - High (7.5)

Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70103
(0 None)

EPSS: 0.00%

2 posts

N/A

sigdevel at 2026-05-26T18:14:03.314Z ##

Security Advisory: CVE-2025-70103 - Heap-Based Buffer Overflow in libjxl / cjxl

A heap-based buffer overflow vulnerability was identified in JPEG XL libjxl when processing crafted PBM/PNM images.

Summary:
The vulnerability exists in `jxl::extras::DecodeImagePNM()` in `lib/extras/dec/pnm.cc`. When processing a specially crafted PBM/PNM image, insufficient validation of buffer sizes before memory copy operations may cause `memcpy()` to write past the end of an allocated heap buffer.

The issue was observed as a WRITE of 24 bytes at the end of a 16-byte heap region.

CWE:
CWE-122 - Heap-based Buffer Overflow
CWE-787 - Out-of-bounds Write

Affected product:
JPEG XL / libjxl

Affected component:
`lib/extras/dec/pnm.cc`
Function: `jxl::extras::DecodeImagePNM()`
Affected line: `pnm.cc:554`

Affected version:
The issue was reproduced in `cjxl v0.12.0` at commit `24357f189c233c03fb46368a142a0b2c1a949f9d`.

Attack conditions:
Exploitation requires the vulnerable application or library consumer to process a crafted PBM/PNM image. This can be triggered locally via `cjxl` or through software that exposes the `DecodeImagePNM` decoding path to attacker-controlled input.

Example reproduction command:
`./cjxl ./2_PBM_lib_extras_dec_pnm_cc_554 --disable_output`

Impact:
Successful exploitation may cause memory corruption and process termination. The confirmed impact is denial of service (DoS) due to a crash during image processing. No evidence of reliable arbitrary code execution has been identified.

Fix / mitigation status:
The upstream issue is closed. A mitigation/fix proposal was provided in PR `#4338`, adding additional buffer-size, row-boundary, pixel-size, offset, and extra-channel checks. Users are advised to update to a libjxl build that contains the relevant fix once available, or review and apply the mitigation from PR `#4338` where appropriate.

References:
Issue:
github.com/libjxl/libjxl/issue

Fix / mitigation PR:
github.com/libjxl/libjxl/pull/
github.com/libjxl/libjxl/commi

PoC:
github.com/sigdevel/pocs/blob/

Credit:
@sigdevel

##
sigdevel@infosec.exchange at 2026-05-26T18:14:03.000Z ##

Security Advisory: CVE-2025-70103 - Heap-Based Buffer Overflow in libjxl / cjxl

A heap-based buffer overflow vulnerability was identified in JPEG XL libjxl when processing crafted PBM/PNM images.

Summary:
The vulnerability exists in `jxl::extras::DecodeImagePNM()` in `lib/extras/dec/pnm.cc`. When processing a specially crafted PBM/PNM image, insufficient validation of buffer sizes before memory copy operations may cause `memcpy()` to write past the end of an allocated heap buffer.

The issue was observed as a WRITE of 24 bytes at the end of a 16-byte heap region.

CWE:
CWE-122 - Heap-based Buffer Overflow
CWE-787 - Out-of-bounds Write

Affected product:
JPEG XL / libjxl

Affected component:
`lib/extras/dec/pnm.cc`
Function: `jxl::extras::DecodeImagePNM()`
Affected line: `pnm.cc:554`

Affected version:
The issue was reproduced in `cjxl v0.12.0` at commit `24357f189c233c03fb46368a142a0b2c1a949f9d`.

Attack conditions:
Exploitation requires the vulnerable application or library consumer to process a crafted PBM/PNM image. This can be triggered locally via `cjxl` or through software that exposes the `DecodeImagePNM` decoding path to attacker-controlled input.

Example reproduction command:
`./cjxl ./2_PBM_lib_extras_dec_pnm_cc_554 --disable_output`

Impact:
Successful exploitation may cause memory corruption and process termination. The confirmed impact is denial of service (DoS) due to a crash during image processing. No evidence of reliable arbitrary code execution has been identified.

Fix / mitigation status:
The upstream issue is closed. A mitigation/fix proposal was provided in PR `#4338`, adding additional buffer-size, row-boundary, pixel-size, offset, and extra-channel checks. Users are advised to update to a libjxl build that contains the relevant fix once available, or review and apply the mitigation from PR `#4338` where appropriate.

References:
Issue:
github.com/libjxl/libjxl/issue

Fix / mitigation PR:
github.com/libjxl/libjxl/pull/
github.com/libjxl/libjxl/commi

PoC:
github.com/sigdevel/pocs/blob/

Credit:
@sigdevel

#fuzzing #infosec #security #afl #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory

##

CVE-2026-43935
(0 None)

EPSS: 0.00%

1 posts

N/A

thehackerwire@mastodon.social at 2026-05-26T16:59:47.000Z ##

🟠 CVE-2026-43935 - High (8.1)

e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page allows attackers to manipulate the Host header to generate password reset links pointing to attacker-controlled domains. Th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33636
(0 None)

EPSS: 0.04%

1 posts

N/A

certvde@infosec.exchange at 2026-05-26T08:01:19.000Z ##

#OT #Advisory VDE-2026-053
METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities

Titration software versions prior to 2.0.2.6 are affected by libpng vulnerabilities CVE-2026-33416 and CVE-2026-33636.
#CVE CVE-2026-33636, CVE-2026-33416

certvde.com/en/advisories/vde-

#CSAF mettler-toledo.csaf-tp.certvde

##

CVE-2026-33416
(0 None)

EPSS: 0.02%

1 posts

N/A

certvde@infosec.exchange at 2026-05-26T08:01:19.000Z ##

#OT #Advisory VDE-2026-053
METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities

Titration software versions prior to 2.0.2.6 are affected by libpng vulnerabilities CVE-2026-33416 and CVE-2026-33636.
#CVE CVE-2026-33636, CVE-2026-33416

certvde.com/en/advisories/vde-

#CSAF mettler-toledo.csaf-tp.certvde

##

CVE-2026-40172
(0 None)

EPSS: 0.01%

1 posts

N/A

hugovalters@mastodon.social at 2026-05-25T18:25:29.000Z ##

Is your self-hosted network actually secure?
A brand new CVE-2026-40172 just dropped for Authentik, targeting Single Sign-On (SSO) gateways. Don't let hackers compromise your Proxmox cluster.More ww.valtersit.com/ #infosec #devops #proxmox #valtersit #CVE #CVEAlert #devsecops #hackers #sysadmins #sysadmin #developers

##
Visit counter For Websites