📅 Daily Security Digest — Wednesday, April 15, 2026

🇸🇦 Saudi Cyber Daily Digest

All security vulnerabilities, threats, and news aggregated today from trusted sources — continuously updated

130 CVEs
47 Threats
0 News
56 Critical
55 CISA KEV
🛡 Security Vulnerabilities (CVE)
130 vulnerabilities
CVE-2009-0238
Microsoft Office Excel Remote Code Execution via Malformed Object
05:00 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Microsoft Office — CVE-2009-0238 Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially crafted Excel file that includes a malformed object. Required Action: Ap…
CVE-2017-6739
Cisco IOS/IOS XE SNMP Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability — The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or c…
CVE-2017-6740
Cisco IOS/IOS XE SNMP Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability — The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or c…
CVE-2017-6742
Cisco IOS/IOS XE SNMP Remote Code Execution Vulnerability (CVE-2017-6742)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability — The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or c…
CVE-2017-6743
Cisco IOS/IOS XE SNMP Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability — The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
CVE-2019-18426
WhatsApp Cross-Site Scripting Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
WhatsApp Cross-Site Scripting Vulnerability — A vulnerability in WhatsApp Desktop when paired with WhatsApp for iPhone allows cross-site scripting and local file reading.
CVE-2019-18935
Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Progress Telerik UI for ASP.NET AJAX Deserialization of Untrusted Data Vulnerability — Progress Telerik UI for ASP.NET AJAX contains a deserialization of untrusted data vulnerability through RadAsyncUpload which leads to code execution on the server in the context of the w3wp.exe…
CVE-2019-18988
TeamViewer Desktop Bypass Remote Login Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
TeamViewer Desktop Bypass Remote Login Vulnerability — TeamViewer Desktop allows for bypass of remote-login access control because the same AES key is used for different customers' installations. If an attacker were to know this key, they could decrypt protected information store…
CVE-2019-19356
Netis WF2419 Devices Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Netis WF2419 Devices Remote Code Execution Vulnerability — Netis WF2419 devices contain an unspecified vulnerability that allows an attacker to perform remote code execution as root through the router's web management page.
CVE-2019-19781
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Code Execution Vulnerability — Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an unspecified vulnerability that could allow an unauthenticated attacker to perform code execution.
CVE-2019-20085
TVT NVMS-1000 Directory Traversal Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
TVT NVMS-1000 Directory Traversal Vulnerability — TVT devices utilizing NVMS-1000 software contain a directory traversal vulnerability via GET /.. requests.
CVE-2019-20500
D-Link DWL-2600AP Access Point Command Injection Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
D-Link DWL-2600AP Access Point Command Injection Vulnerability — D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save …
CVE-2019-2215
Android Kernel Use-After-Free Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Android Kernel Use-After-Free Vulnerability — Android Kernel contains a use-after-free vulnerability in binder.c that allows for privilege escalation from an application to the Linux Kernel. This vulnerability was observed chained with CVE-2020-0041 and CVE-2020-0069 under exploi…
CVE-2019-2725
Oracle WebLogic Server, Injection
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Oracle WebLogic Server, Injection — Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
CVE-2019-3010
Oracle Solaris Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Oracle Solaris Privilege Escalation Vulnerability — Oracle Solaris component: XScreenSaver contains an unspecified vulnerability that allows for privilege escalation.
CVE-2019-3396
Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Atlassian Confluence Server and Data Center Server-Side Template Injection Vulnerability — Atlassian Confluence Server and Data Center contain a server-side template injection vulnerability that may allow an attacker to achieve path traversal and remote code execution.
CVE-2019-3398
Atlassian Confluence Server and Data Center Path Traversal Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Atlassian Confluence Server and Data Center Path Traversal Vulnerability — Atlassian Confluence Server and Data Center contain a path traversal vulnerability in the downloadallattachments resource that may allow a privileged, remote attacker to write files. Exploitation can lead …
CVE-2019-3568
WhatsApp VOIP Stack Buffer Overflow Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
WhatsApp VOIP Stack Buffer Overflow Vulnerability — A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number.
CVE-2019-3929
Crestron Multiple Products Command Injection Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Crestron Multiple Products Command Injection Vulnerability — Multiple Crestron products are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root.
CVE-2019-4716
IBM Planning Analytics Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
IBM Planning Analytics Remote Code Execution Vulnerability — IBM Planning Analytics is vulnerable to a configuration overwrite that allows an unauthenticated user to login as "admin", and then execute code as root or SYSTEM via TM1 scripting.
CVE-2019-5418
Rails Ruby on Rails Path Traversal Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Rails Ruby on Rails Path Traversal Vulnerability — Rails Ruby on Rails contains a path traversal vulnerability in Action View. Specially crafted accept headers in combination with calls to `render file:` can cause arbitrary files on the target server to be rendered, disclosing th…
CVE-2019-5544
VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability — VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the Ope…
CVE-2019-5591
Fortinet FortiOS Default Configuration Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Fortinet FortiOS Default Configuration Vulnerability — Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP…
CVE-2019-5786
Google Chrome Blink Use-After-Free Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Google Chrome Blink Use-After-Free Vulnerability — Google Chrome Blink contains a heap use-after-free vulnerability that allows an attacker to potentially perform out of bounds memory access via a crafted HTML page.
CVE-2025-24016
Wazuh Server Remote Code Execution via Deserialization Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Wazuh Server Deserialization of Untrusted Data Vulnerability — Wazuh contains a deserialization of untrusted data vulnerability that allows for remote code execution on Wazuh servers.
CVE-2025-24054
Windows NTLM Hash Disclosure and Spoofing Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability — Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.
CVE-2025-24085
Apple Use-After-Free Privilege Escalation Vulnerability CVE-2025-24085
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple Multiple Products Use-After-Free Vulnerability — Apple iOS, macOS, and other Apple products contain a use-after-free vulnerability that could allow a malicious application to elevate privileges.
CVE-2025-24200
Apple iOS/iPadOS USB Restricted Mode Bypass via Incorrect Authorization
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple iOS and iPadOS Incorrect Authorization Vulnerability — Apple iOS and iPadOS contain an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked device.
CVE-2025-24201
Apple WebKit Out-of-Bounds Write Sandbox Escape Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple Multiple Products WebKit Out-of-Bounds Write Vulnerability — Apple iOS, iPadOS, macOS, and other Apple products contain an out-of-bounds write vulnerability in WebKit that may allow maliciously crafted web content to break out of Web Content sandbox. This vulnerability coul…
CVE-2025-24472
Fortinet FortiOS/FortiProxy Authentication Bypass - Super-Admin Privilege Escalation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Fortinet FortiOS and FortiProxy Authentication Bypass Vulnerability — Fortinet FortiOS and FortiProxy contain an authentication bypass vulnerability that allows a remote attacker to gain super-admin privileges via crafted CSF proxy requests.
CVE-2025-24813
Apache Tomcat Path Equivalence RCE via Partial PUT Requests
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apache Tomcat Path Equivalence Vulnerability — Apache Tomcat contains a path equivalence vulnerability that allows a remote attacker to execute code, disclose information, or inject malicious content via a partial PUT request.
CVE-2025-24893
XWiki Platform SolrSearch Eval Injection Remote Code Execution
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
XWiki Platform Eval Injection Vulnerability — XWiki Platform contains an eval injection vulnerability that could allow any guest to perform arbitrary remote code execution through a request to SolrSearch.
CVE-2025-24983
Microsoft Windows Win32k Use-After-Free Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Win32k Use-After-Free Vulnerability — Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
CVE-2025-24984
Microsoft Windows NTFS Information Disclosure via Physical Access
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows NTFS Information Disclosure Vulnerability — Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. An att…
CVE-2025-24985
Windows Fast FAT File System Driver Integer Overflow RCE
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability — Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally.
CVE-2025-24989
Microsoft Power Pages Privilege Escalation via Improper Access Control
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Power Pages Improper Access Control Vulnerability — Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control.
CVE-2025-24990
Windows Agere Modem Driver Untrusted Pointer Dereference Privilege Escalation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Untrusted Pointer Dereference Vulnerability — Microsoft Windows Agere Modem Driver contains an untrusted pointer dereference vulnerability that allows for privilege escalation. An attacker who successfully exploited this vulnerability could gain administrator pr…
CVE-2025-24991
Microsoft Windows NTFS Out-Of-Bounds Read Information Disclosure
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability — Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally.
CVE-2025-24993
Windows NTFS Heap-Based Buffer Overflow Remote Code Execution
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability — Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally.
CVE-2025-25181
Advantive VeraCore SQL Injection in timeoutWarning.asp PmSess1 Parameter
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Advantive VeraCore SQL Injection Vulnerability — Advantive VeraCore contains a SQL injection vulnerability in timeoutWarning.asp that allows a remote attacker to execute arbitrary SQL commands via the PmSess1 parameter.
CVE-2025-30397
Microsoft Windows Scripting Engine Type Confusion RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Scripting Engine Type Confusion Vulnerability — Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL.
CVE-2025-30400
Microsoft Windows DWM Core Library Use-After-Free Privilege Escalation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows DWM Core Library Use-After-Free Vulnerability — Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
CVE-2025-30406
Hard-coded Cryptographic Key in Gladinet CentreStack/Triofox ViewState
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Gladinet CentreStack and Triofox Use of Hard-coded Cryptographic Key Vulnerability — Gladinet CentreStack and Triofox contain a use of hard-coded cryptographic key vulnerability in the way that the application manages keys used for ViewState integrity verification. Successful ex…
CVE-2025-34026
Versa Concerto SD-WAN Improper Authentication in Traefik Reverse Proxy
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Versa Concerto Improper Authentication Vulnerability — Versa Concerto SD-WAN orchestration platform contains an improper authentication vulnerability in the Traefik reverse proxy configuration, allowing an attacker to access administrative endpoints. The internal Actuator endpoin…
CVE-2025-34028
Commvault Command Center Unauthenticated Remote Code Execution via Path Traversal
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Commvault Command Center Path Traversal Vulnerability — Commvault Command Center contains a path traversal vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code.
CVE-2025-35939
Craft CMS Unauthenticated Arbitrary File Injection RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability — Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a kn…
CVE-2025-37164
HPE OneView Remote Code Execution via Code Injection
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability — Hewlett Packard Enterprise (HPE) OneView contains a code injection vulnerability that allows a remote unauthenticated user to perform remote code execution.
CVE-2025-38352
Linux Kernel TOCTOU Race Condition Vulnerability (CVE-2025-38352)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability — Linux kernel contains a time-of-check time-of-use (TOCTOU) race condition vulnerability that has a high impact on confidentiality, integrity, and availability.
CVE-2025-47729
TeleMessage TM SGNL Cleartext Message Storage in Archiving Backend
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
TeleMessage TM SGNL Hidden Functionality Vulnerability — TeleMessage TM SGNL contains a hidden functionality vulnerability in which the archiving backend holds cleartext copies of messages from TM SGNL application users.
CVE-2025-48543
Android Runtime Use-After-Free Vulnerability Leading to Sandbox Escape
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Android Runtime Use-After-Free Vulnerability — Android Runtime contains a use-after-free vulnerability potentially allowing a Chrome sandbox escape leading to local privilege escalation.
CVE-2025-48572
Android Framework Privilege Escalation Vulnerability (CVE-2025-48572)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Android Framework Privilege Escalation Vulnerability — Android Framework contains an unspecified vulnerability that allows for privilege escalation.
CVE-2025-52691
SmarterMail Unrestricted File Upload RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
SmarterTools SmarterMail Unrestricted Upload of File with Dangerous Type Vulnerability — SmarterTools SmarterMail contains an unrestricted upload of file with dangerous type vulnerability that could allow an unauthenticated attacker to upload arbitrary files to any location on th…
CVE-2025-59374
ASUS Live Update Supply Chain Compromise with Embedded Malicious Code
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
ASUS Live Update Embedded Malicious Code Vulnerability — ASUS Live Update contains an embedded malicious code vulnerability: clients were distributed with unauthorized modifications introduced through a supply chain compromise. The modified builds could cause devices meeting specif…
CVE-2025-59689
Libraesva Email Security Gateway Command Injection via Compressed Attachments
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Libraesva Email Security Gateway Command Injection Vulnerability — Libraesva Email Security Gateway (ESG) contains a command injection vulnerability which allows command injection via a compressed e-mail attachment.
CVE-2025-59718
Fortinet Cryptographic Signature Verification Bypass in FortiOS, FortiSwitchMaster, FortiProxy, FortiWeb
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability — Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulnerability that may allow an unauthenticated attacker to bypass…
CVE-2026-39860
Nix Package Manager Symlink Following Arbitrary File Overwrite
22:47 KSA
CRITICAL CVSS 9.0 CWE-61
Nix is a package manager for Linux and other Unix systems. A bug in the fix for CVE-2024-27297 allowed for arbitrary overwrites of files writable by the Nix process orchestrating the builds (typically the Nix daemon running as root in multi-user installations) by following symlin…
CVE-2026-35643
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject
08:18 KSA
HIGH CVSS 8.8 CWE-940
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context.
CVE-2026-35663
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request bro
16:36 KSA
HIGH CVSS 8.8 CWE-648
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request broader scopes during backend reconnect. Attackers can bypass pairing requirements to reconnect as operator.admin, gaining unauthorized administrative privileges.
CVE-2026-35666
OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/b
22:47 KSA
HIGH CVSS 8.8 CWE-706
OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/bin/time wrappers. Attackers can bypass executable binding restrictions by using an unregistered time wrapper to reuse approval state for inner commands.
CVE-2026-35669
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that
22:47 KSA
HIGH CVSS 8.8 CWE-648
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that incorrectly mint operator.admin runtime scope regardless of caller-granted scopes. Attackers can exploit this scope boundary bypass to gain elevated privileges…
CVE-2026-5144
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including
22:47 KSA
HIGH CVSS 8.8 CWE-269
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user inpu…
CVE-2026-5617
The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3
13:54 KSA
HIGH CVSS 8.8 CWE-639
The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the handle_return_to_admin() function trusting a client-controlled cookie (oclaup_original_admin) to determine which user to authenticate as, w…
CVE-2026-6120
A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/Dhcp
22:47 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploi…
CVE-2026-34632
Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in
13:54 KSA
HIGH CVSS 8.2 CWE-427
Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged local attacker could have exploited this vulnerability by manipulating the search …
CVE-2021-47961
A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to
04:18 KSA
HIGH CVSS 8.1 CWE-256
A plaintext storage of a password vulnerability in Synology SSL VPN Client before 1.4.5-0684 allows remote attackers to access or influence the user's PIN code due to insecure storage. This may lead to unauthorized VPN configuration and potential interception of subsequent VPN tr…
CVE-2026-35653
OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that all
16:36 KSA
HIGH CVSS 8.1 CWE-863
OpenClaw before 2026.3.24 contains an incorrect authorization vulnerability in the POST /reset-profile endpoint that allows authenticated callers with operator.write access to browser.request to bypass profile mutation restrictions. Attackers can invoke POST /reset-profile throug…
CVE-2026-35660
OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint tha
16:36 KSA
HIGH CVSS 8.1 CWE-862
OpenClaw before 2026.3.23 contains an insufficient access control vulnerability in the Gateway agent /reset endpoint that allows callers with operator.write permission to reset admin sessions. Attackers with operator.write privileges can invoke /reset or /new messages with an exp…
CVE-2026-22676
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gai
13:54 KSA
HIGH CVSS 7.8 CWE-732
Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation conte…
CVE-2026-35641
OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in local plugin and hook installation that
08:18 KSA
HIGH CVSS 7.8 CWE-349
OpenClaw before 2026.3.24 contains an arbitrary code execution vulnerability in local plugin and hook installation that allows attackers to execute malicious code by crafting a .npmrc file with a git executable override. During npm install execution in the staged package director…
CVE-2026-4145
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow
13:54 KSA
HIGH CVSS 7.8 CWE-88
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges.
CVE-2026-35668
OpenClaw before 2026.3.24 contains a path traversal vulnerability in sandbox enforcement allowing sandboxed agents to re
22:47 KSA
HIGH CVSS 7.7 CWE-22
OpenClaw before 2026.3.24 contains a path traversal vulnerability in sandbox enforcement allowing sandboxed agents to read arbitrary files from other agents' workspaces via unnormalized mediaUrl or fileUrl parameter keys. Attackers can exploit incomplete parameter validation in n…
CVE-2026-35650
OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypa
10:19 KSA
HIGH CVSS 7.5 CWE-15
OpenClaw before 2026.3.22 contains an environment variable override handling vulnerability that allows attackers to bypass the shared host environment policy through inconsistent sanitization paths. Attackers can supply blocked or malformed override keys that slip through inconsi…
CVE-2026-4134
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during ins
13:54 KSA
HIGH CVSS 7.3 CWE-427
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local authenticated user to execute code with elevated privileges.
CVE-2026-6037
A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function
04:18 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function of the file /util/AddVehicleFunction.php. This manipulation of the argument BRANCH_ID causes SQL injection. The attack can be carried out remotely. …
CVE-2026-6038
A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. This impacts an unknown function
04:18 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. This impacts an unknown function of the file /util/RegisterCustomerFunction.php. Such manipulation of the argument BRANCH_ID leads to SQL injection. The attack may be performed remotely. Th…
CVE-2026-6105
22:47 KSA
HIGH CVSS 7.3 CWE-266
A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization. The attac…
CVE-2026-6110
22:47 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was identified in FoundationAgents MetaGPT up to 0.8.1. This affects the function generate_thoughts of the file metagpt/strategy/tot.py of the component Tree-of-Thought Solver. The manipulation leads to code injection. It is possible to initiate the attack remotel…
CVE-2026-6384
13:54 KSA
HIGH CVSS 7.3 CWE-120
A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's `ReadJeffsImage` function allows an attacker to write beyond an allocated buffer by processing a specially crafted GIF file. This can lead to a denial of service or potentially arbit…
CVE-2026-20205
13:54 KSA
HIGH CVSS 7.2 CWE-532
In Splunk MCP Server app versions below 1.0.3, a user who holds a role with access to the Splunk `_internal` index or possesses the high-privilege capability `mcp_tool_admin` could view users session and authorization tokens in clear text. The vulnerability would require …
CVE-2026-2834
07:48 KSA
HIGH CVSS 7.2 CWE-79
The Age Verification & Identity Verification by Token of Trust plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘description’ parameter in all versions up to, and including, 3.32.3 due to insufficient input sanitization and output escaping. This makes it …
CVE-2026-29002
04:18 KSA
HIGH CVSS 7.2 CWE-639
CouchCMS contains a privilege escalation vulnerability that allows authenticated Admin-level users to create SuperAdmin accounts by tampering with the f_k_levels_list parameter in user creation requests. Attackers can modify the parameter value from 4 to 10 in the HTTP request bo…
CVE-2026-3643
13:54 KSA
HIGH CVSS 7.2 CWE-79
The Accessibly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in all versions up to, and including, 3.0.3. The plugin registers REST API endpoints at `/otm-ac/v1/update-widget-options` and `/otm-ac/v1/update-app-config` with the `permission_cal…
CVE-2026-5217
22:47 KSA
HIGH CVSS 7.2 CWE-79
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.2. This is due to insufficient input sanitization and output escaping on the use…
CVE-2026-5694
13:54 KSA
HIGH CVSS 7.2 CWE-79
The Quick Interest Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'loan-amount' and 'loan-period' parameters in all versions up to, and including, 3.1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauth…
CVE-2026-0827
13:54 KSA
HIGH CVSS 7.1 CWE-59
During an internal security assessment, a potential vulnerability was discovered in Lenovo Diagnostics and the HardwareScanAddin used in Lenovo Vantage that, during installation or when using hardware scan, could allow a local authenticated user to perform an arbitrary file write…
CVE-2026-20204
13:54 KSA
HIGH CVSS 7.1 CWE-377
In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127, a low-privileged user that does not hold the `admin` or `power` Splunk roles could…
CVE-2026-4162
04:18 KSA
HIGH CVSS 7.1 CWE-862
The Gravity SMTP plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscrib…
CVE-2026-5809
22:47 KSA
HIGH CVSS 7.1 CWE-73
The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. This is due to a two-step logic flaw: the topic_add() and topic_edit() action handlers accept arbitrary user-supplied data[*] arrays from $_REQUEST and store them…
CVE-2026-21009
21:16 KSA
MEDIUM CVSS 6.8 CWE-754
Improper check for exceptional conditions in Recents prior to SMR Apr-2026 Release 1 allows physical attacker to bypass App Pinning.
CVE-2026-34864
02:16 KSA
MEDIUM CVSS 6.8 CWE-119
Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-40500
10:55 KSA
MEDIUM CVSS 6.8 CWE-918
ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature that allows authenticated administrators to supply arbitrary URLs to the module download parameter, causing the server to issue outboun…
CVE-2026-1636
02:16 KSA
MEDIUM CVSS 6.7 CWE-427
A potential DLL hijacking vulnerability was reported in Lenovo Service Bridge that, under certain conditions, could allow a local authenticated user to execute code with elevated privileges.
CVE-2026-34863
02:16 KSA
MEDIUM CVSS 6.7 CWE-787
Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-20202
02:16 KSA
MEDIUM CVSS 6.6 CWE-176
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability `edit_user` co…
CVE-2026-4135
02:16 KSA
MEDIUM CVSS 6.6 CWE-59
During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during installation could allow a local authenticated user to perform an arbitrary file write with elevated privileges.
CVE-2025-15470
21:16 KSA
MEDIUM CVSS 6.5 CWE-22
The Eleganzo theme for WordPress is vulnerable to arbitrary directory deletion due to insufficient path validation in the akd_required_plugin_callback function in all versions up to, and including, 1.2. This makes it possible for authenticated attackers, with Subscriber-level acc…
CVE-2026-20078
02:16 KSA
MEDIUM CVSS 6.5 CWE-23
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are…
CVE-2026-20081
02:16 KSA
MEDIUM CVSS 6.5 CWE-23
Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials. These vulnerabilities are…
CVE-2026-6385
10:55 KSA
MEDIUM CVSS 6.5 CWE-190
A flaw was found in FFmpeg. A remote attacker could exploit this vulnerability by providing a specially crafted MPEG-PS/VOB media file containing a malicious DVD subtitle stream. This vulnerability is caused by a signed integer overflow in the DVD subtitle parser's fragment reass…
CVE-2026-3659
02:16 KSA
MEDIUM CVSS 6.4 CWE-79
The WP Circliful plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode attribute of the [circliful] shortcode and via multiple shortcode attributes of the [circliful_direct] shortcode in all versions up to and including 1.2. This is due to insuf…
CVE-2026-3998
02:16 KSA
MEDIUM CVSS 6.4 CWE-79
The WM JqMath plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style' shortcode attribute of the [jqmath] shortcode in all versions up to and including 1.3. This is due to insufficient input sanitization and output escaping on user-supplied shortcode att…
CVE-2026-4005
02:16 KSA
MEDIUM CVSS 6.4 CWE-79
The Coachific Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'userhash' shortcode attribute in all versions up to and including 1.0. This is due to insufficient input sanitization and output escaping. The plugin uses sanitize_text_field() on t…
CVE-2026-4011
02:16 KSA
MEDIUM CVSS 6.4 CWE-79
The Power Charts Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the [pc] shortcode in all versions up to, and including, 0.1.0. This is due to insufficient input sanitization and output escaping on the 'id' shortcode attribute. Sp…
CVE-2026-5717
02:16 KSA
MEDIUM CVSS 6.4 CWE-79
The VI: Include Post By plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class_container' attribute of the 'include-post-by-cat' shortcode in all versions up to, and including, 0.4.200706 due to insufficient input sanitization and output escaping on user…
CVE-2026-27299
07:16 KSA
MEDIUM CVSS 6.3 CWE-20
Adobe Framemaker versions 2022.8 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to access sensitive files or data on the system. Exploitation of this issue require…
CVE-2026-34861
02:16 KSA
MEDIUM CVSS 6.3 CWE-362
Race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-34862
02:16 KSA
MEDIUM CVSS 6.3 CWE-362
Race condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-1852
02:16 KSA
MEDIUM CVSS 6.1 CWE-352
The Product Pricing Table by WooBeWoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing or incorrect nonce validation on the updateLabel() and remove() functions. This makes it possible for unauthe…
CVE-2026-20059
02:16 KSA
MEDIUM CVSS 6.1 CWE-79
A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not prop…
CVE-2026-20170
08:54 KSA
MEDIUM CVSS 6.1 CWE-80
A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer actio…
CVE-2026-4091
02:16 KSA
MEDIUM CVSS 6.1 CWE-352
The OPEN-BRAIN plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.5.0. This is due to missing nonce verification on the settings form in the func_page_main() function. This makes it possible for unauthenticated attackers to in…
CVE-2026-40919
08:54 KSA
MEDIUM CVSS 6.1 CWE-787
A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plugin, can be exploited when a user opens a specially crafted Seattle Filmworks file. A remote attacker could leverage this to cause a denial of service (DoS), leading to the plugin c…
CVE-2026-20136
02:16 KSA
MEDIUM CVSS 6.0 CWE-116
A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker with administrative privileges to perform a command injection attack on the underlying operating system and elev…
CVE-2026-20161
06:48 KSA
MEDIUM CVSS 5.5 CWE-59
A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are on…
CVE-2026-27300
07:16 KSA
MEDIUM CVSS 5.5 CWE-824
Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction …
CVE-2026-27301
07:16 KSA
MEDIUM CVSS 5.5 CWE-122
Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user i…
CVE-2026-40915
08:54 KSA
MEDIUM CVSS 5.5 CWE-190
A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted FITS file. This integer overflow leads to a zero-byte memory allocation, which is then subjected to a heap buffer overflow when pr…
CVE-2026-40918
08:54 KSA
MEDIUM CVSS 5.5 CWE-131
A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This occurs due to a stack-based buffer overflow and an out-of-bounds read in the PVR image loader, causing the application to crash. Systems that …
CVE-2026-6245
08:54 KSA
MEDIUM CVSS 5.5 CWE-805
A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit terminati…
CVE-2026-1509
21:16 KSA
MEDIUM CVSS 5.4 CWE-94
The Avada (Fusion) Builder plugin for WordPress is vulnerable to Arbitrary WordPress Action Execution in all versions up to, and including, 3.15.1. This is due to the plugin's `output_action_hook()` function accepting user-controlled input to trigger any registered WordPress acti…
CVE-2026-6383
08:54 KSA
MEDIUM CVSS 5.4 CWE-863
A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission evaluations. This allows authenticated users with specific custom roles to gain unauthorized acces…
CVE-2025-15565
05:00 KSA
MEDIUM CVSS 5.3 CWE-862
The Nexi XPay plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the redirect function in all versions up to, and including, 8.3.0. This makes it possible for unauthenticated attackers to mark pending WooCommerce orders …
CVE-2026-1314
21:16 KSA
MEDIUM CVSS 5.3 CWE-862
The 3D FlipBook – PDF Embedder, PDF Flipbook Viewer, Flipbook Image Gallery plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the send_post_pages_json() function in all versions up to, and including, 1.16.17. This makes it poss…
CVE-2026-1782
02:16 KSA
MEDIUM CVSS 5.3 CWE-20
The MetForm Pro plugin for WordPress is vulnerable to Improper Input Validation in all versions up to, and including, 3.9.7. This is due to the payment integrations (Stripe/PayPal) trusting a user-submitted calculation field value without recomputing or validating it against the …
CVE-2026-20152
06:48 KSA
MEDIUM CVSS 5.3 CWE-305
A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements. This vulnerability is due to improper validation of user-supplied authen…
CVE-2026-3642
02:16 KSA
MEDIUM CVSS 5.3 CWE-862
The e-shot™ form builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.0.2. The eshot_form_builder_update_field_data() AJAX handler lacks any capability checks (current_user_can()) or nonce verification (check_ajax_referer()/wp_…
CVE-2026-3649
02:16 KSA
MEDIUM CVSS 5.3 CWE-862
The Katalogportal PDF Sync plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.0.0. The katalogportal_popup_shortcode() function is registered as an AJAX handler via wp_ajax_katalogportal_shortcodePrinter but lacks any capability chec…
CVE-2026-4812
21:16 KSA
MEDIUM CVSS 5.3 CWE-862
The Advanced Custom Fields (ACF) plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Post/Page Disclosure in versions up to and including 6.7.0. This is due to AJAX field query endpoints accepting user-supplied filter parameters that override field-configured…
CVE-2026-40916
08:54 KSA
MEDIUM CVSS 5.0 CWE-787
A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service (DoS). By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writin…
CVE-2026-40917
08:54 KSA
MEDIUM CVSS 5.0 CWE-125
A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when processing specially crafted ICNS image files. An attacker could provide a malicious ICNS file, potentially leading to application crashes or information disclosure o…
⚠️ Threat Intelligence
47 threats
rss:Mandiant Blog
04:54 KSA
HIGH ransomware
The German Cyber Criminal Überfall: Shifts in Europe's Data Leak Landscape
Germany has become the primary target for cyber extortion in Europe, with data leak site posts increasing nearly 50% globally in 2025. German infrastructure is experiencing dispropor…
rss:Recorded Future
03:48 KSA
LOW general
4 Essential Integration Workflows for Operationalizing Threat Intelligence Recorded Future
Recorded Future outlines four essential integration workflows for operationalizing threat intelligence within existing security infrastructure. The guide covers four stage…
rss:Dark Reading
02:36 KSA
HIGH supply_chain
Navigating the Unique Security Risks of Asia's Digital Supply Chain
Asian organizations face complex supply chain security challenges due to regulatory fragmentation, highly interconnected digital ecosystems, and rapid AI adoption. These factors create uniq…
rss:BleepingComputer
02:36 KSA
CRITICAL supply_chain
WordPress plugin suite hacked to push malware to thousands of sites
Over 30 WordPress plugins in the EssentialPlugin package were compromised with malicious code enabling unauthorized access to affected websites. This supply chain attack impacts thousands of Wor…
rss:Malwarebytes Lab
00:18 KSA
MEDIUM phishing
AI clickbait can turn your notifications into a scam feed
A new AI-powered campaign called Pushpaganda exploits browser notifications using clickbait tactics to deliver scams and fraudulent alerts to users. This threat leverages artificial intelligence to create…
rss:The Hacker News
00:18 KSA
HIGH phishing
n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Threat actors are weaponizing n8n, an AI workflow automation platform, to conduct sophisticated phishing campaigns. Attackers leverage the platform's trusted infrastructure to deliver …
rss:BleepingComputer
00:18 KSA
CRITICAL malware
Signed software abused to deploy antivirus-killing scripts
Digitally signed adware tool deployed malicious payloads with SYSTEM privileges to disable antivirus protections across thousands of endpoints. Critical sectors affected include education, utilities, gov…
rss:SecurityWeek
23:16 KSA
HIGH apt
Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure
Sweden publicly disclosed a cyberattack by a pro-Russian group targeting a heating plant in western Sweden, marking the country's first official acknowledgment of the incident…
rss:BleepingComputer
23:16 KSA
HIGH vulnerability
Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest
Microsoft awarded $2.3 million to security researchers who identified cloud and AI vulnerabilities through the Zero Day Quest hacking contest, receiving nearly 700 submissions. This bug bounty program…
rss:Recorded Future
22:00 KSA
CRITICAL supply_chain
Your Supply Chain Breach Is Someone Else's Payday
TeamPCP conducted a sophisticated supply chain attack by compromising trusted software tools to harvest credentials at scale. The stolen credentials enabled multiple criminal activities including payroll fra…
rss:Dark Reading
22:00 KSA
HIGH vulnerability
Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now
Quantum computers pose an emerging cryptographic threat that could break current encryption systems. Experts warn that achieving quantum-safe security will take years and organizations …
rss:Dark Reading
22:00 KSA
MEDIUM data_breach
Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests
Major technology companies including Google, Meta, and Microsoft fail to comply with approximately 50% of user requests to opt out of online tracking as mandated by California privacy law. This non-co…
rss:Dark Reading
22:00 KSA
HIGH vulnerability
Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now
Quantum computers pose an emerging threat to current cryptographic systems, with experts warning that achieving quantum-safe security could take years or may never be fully realized. Or…
rss:BleepingComputer
22:00 KSA
CRITICAL vulnerability
CISA flags Windows Task Host vulnerability as exploited in attacks
CISA has added a Windows Task Host privilege escalation vulnerability to its Known Exploited Vulnerabilities catalog, warning U.S. federal agencies of active exploitation. The vulnerability allow…
rss:Malwarebytes Lab
20:48 KSA
HIGH phishing
Fake YouTube copyright notices can steal your Google login
A sophisticated phishing campaign is targeting YouTube content creators using fake copyright infringement notices. Attackers can compromise not only YouTube channels but entire Google accounts through th…
rss:SecurityWeek
20:48 KSA
LOW general
Capsule Security Emerges From Stealth With $7 Million in Funding
Israeli startup Capsule Security secures $7 million in funding to develop AI agent security solutions. The company focuses on runtime protection for AI agents through continuous behavioral monitori…
rss:SecurityWeek
20:48 KSA
CRITICAL vulnerability
Exploited Vulnerability Exposes Nginx Servers to Hacking
Hackers are actively exploiting CVE-2026-33032, a critical remote code execution vulnerability in Nginx UI management tool. This vulnerability allows attackers to remotely take over affected Nginx servers,…
rss:The Hacker News
20:48 KSA
CRITICAL vulnerability
April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More
April 2025 Patch Tuesday addresses multiple critical vulnerabilities across major enterprise vendors including SAP, Adobe, Microsoft, and Fortinet. The most severe includes…
rss:The Hacker News
20:48 KSA
CRITICAL vulnerability
Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
Critical authentication bypass vulnerability (CVE-2026-33032, CVSS 9.8) in nginx-ui web management tool is being actively exploited. The flaw allows threat actors to completely …
rss:BleepingComputer
20:48 KSA
MEDIUM general
Rolling Networks: Securing the Transportation Sector
Modern transportation vehicles have become mobile networks with extensive sensors and connectivity, creating significant cybersecurity vulnerabilities. The NMFTA Cybersecurity Conference addresses emerging cyb…
rss:SecurityWeek
19:36 KSA
CRITICAL supply_chain
‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks
A design flaw in Anthropic's Model Context Protocol (MCP) allows unsanitized commands to execute silently, potentially enabling full system compromise. The vulnerability affects widely deplo…
rss:SecurityWeek
19:36 KSA
LOW general
CISO Conversations: Ross McKerchar, CISO at Sophos
Interview with Sophos CISO Ross McKerchar discussing cybersecurity leadership challenges including managing security at scale, talent retention strategies, defending against AI-enabled threats, and addressing th…
rss:SecurityWeek
19:36 KSA
HIGH malware
100 Chrome Extensions Steal User Data, Create Backdoor
Security researchers discovered 100 malicious Chrome extensions that steal user data and create backdoors for attackers. The extensions were published through five accounts and appear to be part of a coordin…
rss:The Hacker News
19:36 KSA
MEDIUM vulnerability
Deterministic + Agentic AI: The Architecture Exposure Validation Requires
Organizations are rapidly adopting AI across operational and security functions under pressure from leadership and boards. This architectural shift requires proper exposure validation fram…
rss:SecurityWeek
18:32 KSA
HIGH vulnerability
<strong>Two Vulnerabilities Patched in Ivanti Neurons for ITSM</strong> Two vulnerabilities have been patched in Ivanti Neurons for ITSM that could allow remote attackers to maintain unauthorized access after account disablement and access information from other user sessions. …
rss:SecurityWeek
18:32 KSA
HIGH malware
<strong>Mirax RAT Targeting Android Users in Europe</strong> Mirax RAT is being offered as Malware-as-a-Service to Russian-speaking affiliates, targeting Android users in Europe. The malware can convert infected devices into residential proxy nodes, enabling attackers to route m…
rss:Dark Reading
18:32 KSA
HIGH vulnerability
<strong>Microsoft, Salesforce Patch AI Agent Data Leak Flaws</strong> Microsoft and Salesforce patched critical prompt injection vulnerabilities in their AI agents (Copilot and Agentforce) that could have allowed external attackers to exfiltrate sensitive corporate data. The fla…
rss:BleepingComputer
18:32 KSA
MEDIUM vulnerability
<strong>Microsoft: April updates trigger BitLocker key prompts on some servers</strong> Microsoft's April 2026 KB5082063 security update causes some Windows Server 2025 devices to boot into BitLocker recovery mode. This issue affects server availability and requires manual inter…
rss:Malwarebytes Lab
17:16 KSA
CRITICAL vulnerability
<strong>April Patch Tuesday fixes two zero-days, including one under active attack</strong> Microsoft's April Patch Tuesday addresses 167 vulnerabilities including two zero-day flaws, one actively exploited in the wild. The vulnerabilities enable system compromise, data exposure…
rss:Malwarebytes Lab
17:16 KSA
HIGH malware
<strong>From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere</strong> A widespread Windows infostealer is being distributed through fake Proton VPN sites, GitHub repositories, and YouTube links. The malware targets user credentials and cryptocurrency…
rss:SecurityWeek
17:16 KSA
LOW general
<strong>Trump Urges Extending Foreign Surveillance Program as Some Lawmakers Push for US Privacy Protections</strong> The U.S. Congress is preparing to reauthorize a controversial foreign surveillance program that allows intelligence agencies to monitor foreigners' communication…
rss:SecurityWeek
17:16 KSA
CRITICAL supply_chain
<strong>$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks</strong> Security researchers discovered adware with capabilities to disable cybersecurity products and deliver more dangerous malicious payloads to compromised systems. A $10 domain reg…
rss:BleepingComputer
17:16 KSA
HIGH vulnerability
<strong>Microsoft fixes bug behind Windows Server 2025 automatic upgrades</strong> Microsoft resolved a critical bug causing unintended automatic upgrades from Windows Server 2019/2022 to Server 2025. This unexpected behavior could disrupt enterprise operations and introduce com…
rss:Malwarebytes Lab
16:00 KSA
HIGH phishing
<strong>Credit Resources Vault: Why this credit email set off our scam alarms</strong> A targeted phishing campaign exploits financially vulnerable individuals through deceptive credit-related emails. The scam tricks victims into disclosing sensitive personal and financial data …
rss:SecurityWeek
16:00 KSA
CRITICAL vulnerability
<strong>Fortinet Patches Critical FortiSandbox Vulnerabilities</strong> Fortinet has patched critical vulnerabilities in FortiSandbox that could allow attackers to bypass authentication and execute arbitrary code or commands through HTTP requests. Organizations using FortiSandbo…
rss:The Hacker News
16:00 KSA
CRITICAL vulnerability
<strong>Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities</strong> Microsoft released patches for a record 169 security vulnerabilities, including one actively exploited SharePoint zero-day vulnerability. Eight vulnerabilities are rated Critical …
rss:SecurityWeek
13:48 KSA
HIGH vulnerability
<strong>ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories</strong> Eight major industrial control system vendors including Siemens, Schneider Electric, and Rockwell Automation released security patches for vulnerabilities in their ICS/SCADA systems. These co…
rss:The Hacker News
12:34 KSA
MEDIUM general
<strong>OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams</strong> OpenAI released GPT-5.4-Cyber, a specialized AI model optimized for defensive cybersecurity operations. This launch follows competitor Anthropic's release of their Mythos model, indicating inc…
rss:Dark Reading
06:54 KSA
LOW general
<strong>Microsoft Bets $10 Billion to Boost Japan's AI, Cybersecurity</strong> Microsoft announces $10 billion investment in Japan focused on AI adoption and cybersecurity partnerships. The initiative includes workforce training and data center development as part of sovere…
rss:Dark Reading
04:36 KSA
CRITICAL vulnerability
<strong>Privilege Elevation Dominates Massive Microsoft Patch Update</strong> Microsoft released patches for 165 vulnerabilities, with over half being privilege elevation bugs. Two zero-day vulnerabilities were included in this massive security update, requiring immediate attent…
rss:Krebs on Securit
04:36 KSA
CRITICAL vulnerability
<strong>Patch Tuesday, April 2026 Edition</strong> Microsoft released patches for 167 security vulnerabilities including a SharePoint Server zero-day and a publicly disclosed Windows Defender flaw called 'BlueHammer'. Google Chrome also patched its fourth vulnerability, indicati…
rss:BleepingComputer
04:36 KSA
HIGH insider
<strong>Crypto-exchange Kraken extorted by hackers after insider breach</strong> Cryptocurrency exchange Kraken disclosed an extortion attempt by cybercriminals following an insider breach. The threat actors obtained videos showing internal systems containing client data and are…
rss:BleepingComputer
04:36 KSA
MEDIUM phishing
<strong>Microsoft adds Windows protections for malicious Remote Desktop files</strong> Microsoft has implemented new security protections in Windows to defend against phishing attacks exploiting Remote Desktop Protocol (.rdp) files. The update includes warning prompts and disabl…
rss:Dark Reading
03:32 KSA
HIGH ddos
<strong>Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads</strong> Organizations must test DDoS defenses during peak operational periods, not just in controlled environments. Testing during high-demand scenarios like tax deadlines ensures networks can wi…
rss:Dark Reading
03:32 KSA
HIGH malware
<strong>EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses</strong> EDR-killer malware using bring-your-own-vulnerable-driver (BYOVD) techniques poses significant challenges to endpoint security. Attackers exploit legitimate but vulnerable drivers to disable securit…
rss:BleepingComputer
03:32 KSA
HIGH malware
<strong>Over 100 Chrome extensions in Web Store target users accounts and data</strong> Over 100 malicious Chrome extensions discovered in the official Web Store actively stealing Google OAuth2 Bearer tokens and user credentials. The extensions deploy backdoors and conduct ad fr…

This digest is updated automatically every day — Last updated: Wednesday, April 15, 2026