40
CVEs
26
Threats
0
News
2
Critical
1
CISA KEV
🛡 Security Vulnerabilities (CVE)
F5 BIG-IP — CVE-2025-53521
F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.
Required Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or…
OpenBao is an open source identity-based secrets management system. Prior to version 2.5.2, OpenBao does not prompt for user confirmation when logging in via JWT/OIDC and a role with `callback_mode` set to `direct`. This allows an attacker to start an authentication request and p…
CVE-2026-4975
A vulnerability has been found in Tenda AC15 15.03.05.19. This affects the function formSetCfm of the file /goform/setcf
03:24 KSA
A vulnerability has been found in Tenda AC15 15.03.05.19. This affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated remotely. …
CVE-2026-33767
WWBN AVideo is an open source video platform. In versions up to and including 26.0, in `objects/like.php`, the `getLike(
03:24 KSA
WWBN AVideo is an open source video platform. In versions up to and including 26.0, in `objects/like.php`, the `getLike()` method constructs a SQL query using a prepared statement placeholder (`?`) for `users_id` but directly concatenates `$this->videos_id` into the query string …
CVE-2026-33735
MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.69, an authorization bypas
03:24 KSA
MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.69, an authorization bypass in the `/api/settings/import-database` endpoint allows attackers with low-privilege credentials to upload and replace the application's SQLite database entire…
CVE-2026-34386
Fleet is open source device management software. Prior to 4.81.0, a SQL injection vulnerability in Fleet's MDM bootstrap
21:26 KSA
Fleet is open source device management software. Prior to 4.81.0, a SQL injection vulnerability in Fleet's MDM bootstrap package configuration allows an authenticated user with Team Admin or Global Admin privileges to modify arbitrary team configurations, exfiltrate sensitive dat…
CVE-2026-29180
Fleet is open source device management software. Prior to 4.81.1, a broken access control vulnerability in Fleet's host
03:24 KSA
Fleet is open source device management software. Prior to 4.81.1, a broken access control vulnerability in Fleet's host transfer API allows a team maintainer to transfer hosts from any team into their own team, bypassing team isolation boundaries. Once transferred, the attacker g…
CVE-2026-4904
A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/
03:24 KSA
A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remot…
CVE-2026-26060
Fleet is open source device management software. Prior to 4.81.0, a vulnerability in Fleet’s password management logic c
03:24 KSA
Fleet is open source device management software. Prior to 4.81.0, a vulnerability in Fleet’s password management logic could allow previously issued password reset tokens to remain valid after a user changes their password. As a result, a stale password reset token could be reuse…
CVE-2026-25099
Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension wi
03:24 KSA
Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension without restriction, which can then be executed, leading to Remote Code Execution.
This issue was fixed in 3.18.4.
CVE-2026-4905
A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsO
03:24 KSA
A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the att…
CVE-2026-4906
A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /gof
03:24 KSA
A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack c…
CVE-2026-4974
A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /gofor
03:24 KSA
A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to …
CVE-2019-25651
Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP
03:24 KSA
Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cry…
CVE-2026-33941
Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the Hand
03:24 KSA
Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, the Handlebars CLI precompiler (`bin/handlebars` / `lib/precompiler.js`) concatenates user-controlled strings — template file names and several CLI options — directly i…
CVE-2026-4248
The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and incl
03:24 KSA
The Ultimate Member plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.11.2. This is due to the '{usermeta:password_reset_link}' template tag being processed within post content via the '[um_loggedin]' shortcode, which gen…
CVE-2026-27309
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbi
03:24 KSA
Substance3D - Stager versions 3.1.7 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2026-34391
Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command process
21:26 KSA
Fleet is open source device management software. Prior to 4.81.1, a vulnerability in Fleet's Windows MDM command processing allows a malicious enrolled device to access MDM commands intended for other devices, potentially exposing sensitive configuration data such as WiFi credent…
CVE-2026-34388
Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Laun
21:26 KSA
Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Launcher endpoint allows an authenticated host to crash the entire Fleet server process by sending an unexpected log type value. The server terminates immediately, …
CVE-2026-33871
Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Fina
03:24 KSA
Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, a remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of `CONTINUATION` frames. The server's lack of a limit o…
CVE-2026-33935
MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.72, an unauthenticated att
03:24 KSA
MyTube is a self-hosted downloader and player for several video websites Prior to version 1.8.72, an unauthenticated attacker can lock out administrator and visitor accounts from password-based authentication by triggering failed login attempts. The application exposes three pass…
CVE-2026-33867
WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo allows content owners to pass
03:24 KSA
WWBN AVideo is an open source video platform. In versions up to and including 26.0, AVideo allows content owners to password-protect individual videos. The video password is stored in the database in plaintext — no hashing, salting, or encryption is applied. If an attacker gains …
CVE-2026-33699
pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attack
03:24 KSA
pypdf is a free and open-source pure-python PDF library. Versions prior to 6.9.2 have a vulnerability in which an attacker can craft a PDF which leads to an infinite loop. This requires reading a file in non-strict mode. This has been fixed in pypdf 6.9.2. If users cannot upgrade…
CVE-2019-25652
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification
03:24 KSA
UniFi Network Controller before version 5.10.22 and 5.11.x before 5.11.18 contains an improper certificate verification vulnerability that allows adjacent network attackers to conduct man-in-the-middle attacks by presenting a false SSL certificate during SMTP connections. Attacke…
CVE-2026-26061
Fleet is open source device management software. Prior to 4.81.0, Fleet contained multiple unauthenticated HTTP endpoint
03:24 KSA
Fleet is open source device management software. Prior to 4.81.0, Fleet contained multiple unauthenticated HTTP endpoints that read request bodies without enforcing a size limit. An unauthenticated attacker could exploit this behavior by sending large or repeated HTTP payloads, c…
CVE-2026-33745
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, the cpp-httplib HTTP
03:24 KSA
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.39.0, the cpp-httplib HTTP client forwards stored Basic Auth, Bearer Token, and Digest Auth credentials to arbitrary hosts when following cross-origin HTTP redirects (301/302/307/308). A …
CVE-2026-4908
A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the
03:24 KSA
A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /modstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in sql injection. The attack may be performed from re…
CVE-2026-4955
A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the
03:24 KSA
A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the file /OperateStatistic.do. The manipulation of the argument VehicleID results in sql injection. The attack can be launched remotely. The exploit has been made …
CVE-2026-4956
A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The affected element is an unknown f
03:24 KSA
A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The affected element is an unknown function of the file /DevicePrint.do?Action=ReadTask of the component Parameter Handler. The manipulation of the argument State results in sql injection. The att…
CVE-2026-4959
A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function check_user of the file XAgentServer/applica
03:24 KSA
A vulnerability was found in OpenBMB XAgent 1.0.0. This impacts the function check_user of the file XAgentServer/application/websockets/share.py of the component ShareServer WebSocket Endpoint. Performing a manipulation of the argument interaction_id results in missing authentica…
CVE-2025-15616
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search pa
02:36 KSA
Wazuh wazuh-agent and wazuh-manager versions 2.1.0 before 4.8.0 contain multiple shell injection and untrusted search path vulnerabilities that allow attackers to execute arbitrary commands through various components including logcollector configuration, maild SMTP server tags, a…
CVE-2026-3098
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1
02:36 KSA
The Smart Slider 3 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 3.5.1.33 via the 'actionExportAll' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbi…
CVE-2025-15617
Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to ex
02:36 KSA
Wazuh version 4.12.0 contains an exposure vulnerability in GitHub Actions workflow artifacts that allows attackers to extract the GITHUB_TOKEN from uploaded artifacts. Attackers can use the exposed token within a limited time window to perform unauthorized actions such as pushing…
CVE-2026-4907
A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0. The impacted
02:36 KSA
A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0. The impacted element is the function sitemap.fetch of the file /sitemap of the component Endpoint. The manipulation of the argument url leads to server-side request forgery…
CVE-2026-4970
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the
02:36 KSA
A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file delete_photos.php of the component Endpoint. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploi…
CVE-2025-15615
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-i
02:36 KSA
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers ca…
CVE-2026-32983
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-i
02:36 KSA
Wazuh Manager authd service in wazuh-manager packages through version 4.7.3 contains an improper restriction of client-initiated SSL/TLS renegotiation vulnerability that allows remote attackers to cause a denial of service by sending excessive renegotiation requests. Attackers ca…
CVE-2026-4948
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D
02:36 KSA
A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-authorizing two runtime D-Bus (Desktop Bus) setters, setZoneSettings2 and setPolicySettings. This mis-authorization allows the user to modify the runtime firewall state without proper a…
CVE-2026-32859
ByteDance Deer-Flow versions prior to commit 5dbb362 contain a stored cross-site scripting vulnerability in the artifact
02:36 KSA
ByteDance Deer-Flow versions prior to commit 5dbb362 contain a stored cross-site scripting vulnerability in the artifacts API that allows attackers to execute arbitrary scripts by uploading malicious HTML or script content as artifacts. Attackers can store malicious content that …
CVE-2026-34411
Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticat
02:36 KSA
Appsmith versions prior to 1.98 expose sensitive instance management API endpoints without authentication. Unauthenticated attackers can query endpoints like /api/v1/consolidated-api/view and /api/v1/tenants/current to retrieve configuration metadata, license information, and uns…
⚠️ Threat Intelligence
26 threats
rss:The Hacker News
—
17:58 KSA
<strong>LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks</strong>
Three critical vulnerabilities discovered in LangChain and LangGraph AI frameworks could allow attackers to access filesystem data, environment secrets, and conversation his…
rss:The Hacker News
—
16:54 KSA
<strong>Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware</strong>
Pro-Ukrainian hacktivist group Bearlyfy has conducted over 70 cyberattacks against Russian companies since January 2025, deploying custom GenieLocker ransomware. These attacks represent politically-m…
rss:The Hacker News
—
16:54 KSA
<strong>We Are At War</strong>
Rising geopolitical tensions are increasingly manifested through cyber operations, with technology becoming a politicized domain. The article discusses how cyber warfare has become integral to modern conflicts and the fragmentation of global tech p…
rss:The Hacker News
—
16:54 KSA
<strong>AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion</strong>
Cybercriminals are deploying adversary-in-the-middle (AitM) phishing attacks to hijack TikTok Business accounts by evading Cloudflare Turnstile protections. Business social media a…
rss:The Hacker News
—
15:52 KSA
<strong>Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks</strong>
A patched vulnerability in Open VSX's pre-publish scanning pipeline allowed malicious VS Code extensions to bypass security checks and be published to the registry. The flaw in the …
rss:The Hacker News
—
15:52 KSA
<strong>TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files</strong>
TeamPCP threat actor compromised the telnyx Python package on PyPI by publishing malicious versions 4.87.1 and 4.87.2 that steal sensitive data. The malware is hidden within WAV audio f…
rss:Dark Reading
—
14:48 KSA
<strong>Google Sets 2029 Deadline for Quantum-Safe Cryptography</strong>
Google has announced a 2029 deadline for completing migration to post-quantum cryptography (PQC) across its systems. This proactive timeline reflects the urgency of preparing cryptographic defenses against …
rss:BleepingComputer
—
04:36 KSA
<strong>Dutch Police discloses security breach after phishing attack</strong>
Dutch National Police experienced a security breach from a successful phishing attack. The incident had limited impact and did not compromise citizen data, demonstrating the ongoing threat of social en…
rss:BleepingComputer
—
03:32 KSA
<strong>Windows 11 KB5079391 update rolls out Smart App Control improvements</strong>
Microsoft released KB5079391 preview update for Windows 11 with 29 improvements including Smart App Control enhancements. This security feature helps protect against malware and untrusted appli…
rss:BleepingComputer
—
03:32 KSA
<strong>Anti-piracy coalition takes down AnimePlay app with 5 million users</strong>
The Alliance for Creativity and Entertainment shut down AnimePlay, an illegal anime streaming platform with 5 million users. While primarily a copyright enforcement action, it demonstrates coord…
rss:BleepingComputer
—
03:32 KSA
<strong>European Commission investigating breach after Amazon cloud account hack</strong>
The European Commission is investigating a security breach after unauthorized access to its Amazon cloud environment. This incident highlights risks to government cloud infrastructure and p…
rss:SecurityWeek
—
02:28 KSA
<strong>Coruna iOS Exploit Kit Likely an Update to Operation Triangulation</strong>
Coruna iOS exploit kit contains an updated kernel exploit from Operation Triangulation, a sophisticated APT campaign from three years ago. This represents a continued threat to iOS devices throug…
rss:SecurityWeek
—
02:28 KSA
<strong>CISA Flags Critical PTC Vulnerability That Had German Police Mobilized</strong>
CISA flagged a critical vulnerability (CVE-2026-4681) in PTC Windchill software that prompted German police to physically visit organizations to warn them. The severity of this flaw necessita…
rss:SecurityWeek
—
01:17 KSA
<strong>RSAC 2026 Conference Announcements Summary (Days 3-4)</strong>
Summary of vendor announcements and product releases from the third and fourth days of the RSA Conference 2026. The conference showcases latest cybersecurity technologies, solutions, and industry trends relev…
rss:SecurityWeek
—
01:17 KSA
<strong>TP-Link Patches High-Severity Router Vulnerabilities</strong>
TP-Link has released security patches for high-severity vulnerabilities in their routers that could allow attackers to bypass authentication mechanisms, execute arbitrary commands, and decrypt configuration fi…
rss:The Hacker News
—
06:02 KSA
<strong>Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits</strong>
Apple is sending lock screen notifications to users with outdated iOS and iPadOS versions warning of active web-based attacks. This proactive measure aims to protect users from ong…
rss:SecurityWeek
—
06:02 KSA
<strong>OpenAI Launches Bug Bounty Program for Abuse and Safety Risks</strong>
OpenAI launched a bug bounty program focused on abuse and safety risks in its AI systems. The program rewards researchers who identify design or implementation flaws that could lead to material harm, …
rss:SecurityWeek
—
06:02 KSA
<strong>In Other News: Palo Alto Recruiter Scam, Anti-Deepfake Chip, Google Sets 2029 Quantum Deadline</strong>
Multiple cybersecurity incidents reported including a Palo Alto recruiter scam, Heritage Bank data breach, and LA Metro service disruptions. The State Department has e…
rss:SecurityWeek
—
06:02 KSA
<strong>Pro-Iranian Hacking Group Claims Credit for Hack of FBI Director Kash Patel’s Personal Account</strong>
A pro-Iranian hacking group claimed responsibility for breaching FBI Director Kash Patel's personal account, releasing emails and documents for download. This represen…
rss:Malwarebytes Lab
—
06:01 KSA
<strong>Bogus Avast website fakes virus scan, installs Venom Stealer instead</strong>
A fraudulent website impersonating Avast antivirus performs fake virus scans and tricks users into installing Venom Stealer malware. The stealer targets passwords, browser session data, and cry…
rss:Malwarebytes Lab
—
06:01 KSA
<strong>Criminals are renting virtual phones to bypass bank security</strong>
Cybercriminals are exploiting virtual phone services to bypass banking fraud detection systems. These virtual devices appear legitimate enough to fool bank security measures, enabling unauthorized acce…
rss:Dark Reading
—
06:01 KSA
<strong>Infrastructure Attacks With Physical Consequences Down 25%</strong>
Attacks on operational technology (OT) systems at industrial and critical infrastructure sites have decreased 25%, attributed to reduced ransomware activity and attackers' limited knowledge of OT environ…
rss:Dark Reading
—
06:01 KSA
<strong>Wartime Usage of Compromised IP Cameras Highlight Their Danger</strong>
Multiple nation-states are exploiting compromised Internet-connected cameras for espionage operations within adversary territories. Organizations must implement stronger security measures and monitor…
rss:Dark Reading
—
06:01 KSA
<strong>China Upgrades the Backdoor It Uses to Spy on Telcos Globally</strong>
Chinese APT group Red Menshen has upgraded BPFdoor malware to evade traditional cybersecurity defenses, specifically targeting telecommunications companies worldwide. The advanced backdoor poses signi…
rss:BleepingComputer
—
06:00 KSA
<strong>Fake VS Code alerts on GitHub spread malware to developers</strong>
A large-scale campaign is targeting developers on GitHub through fake Visual Studio Code security alerts posted in project Discussion sections. Attackers impersonate legitimate security warnings to trick…
rss:BleepingComputer
—
06:00 KSA
<strong>Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.</strong>
Agentic GRC (Governance, Risk, and Compliance) systems automate workflows but require organizational mindset shifts from operational execution to strategic risk leadership. The article di…
📰 Cybersecurity News
0 articles
No news aggregated today yet
This digest is updated automatically every day — Last updated: Friday, March 27, 2026
CVE Archive ·
Threats ·
News