📅 Daily Security Digest — Thursday, April 23, 2026

🇸🇦 Saudi Cyber Daily Digest

All security vulnerabilities, threats, and news aggregated today from trusted sources — continuously updated

Thursday, April 23, 2026 Today
200 CVEs
49 Threats
0 News
82 Critical
83 CISA KEV
🛡 Security Vulnerabilities (CVE)
200 vulnerabilities
CVE-2026-39987
Marimo Pre-Authorization Remote Code Execution Vulnerability
05:10 KSA
CRITICAL CVSS 9.8 ⚠ CISA KEV
Marimo — CVE-2026-39987: Marimo contains a pre-authorization remote code execution vulnerability that allows an unauthenticated attacker to obtain shell access and execute arbitrary system commands. Required Action: Apply mitigations per vendor instructions, follow applicable BOD …
CVE-2017-5521
NETGEAR Devices Admin Password Disclosure via Unauthenticated Web Requests
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
NETGEAR Multiple Devices Exposure of Sensitive Information Vulnerability — Multiple NETGEAR devices are prone to admin password disclosure via simple crafted requests to the web management server.
CVE-2017-5638
Apache Struts Jakarta Multipart RCE via Content-Type Header Injection
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apache Struts Remote Code Execution Vulnerability — Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.
CVE-2017-5689
Intel AMT/SBT Privilege Escalation Vulnerability (CVE-2017-5689)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability — Intel products contain a vulnerability which can allow attackers to perform privilege escalation.
CVE-2017-6077
NETGEAR DGN2200 Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
NETGEAR DGN2200 Remote Code Execution Vulnerability — NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution.
CVE-2017-6316
Citrix NetScaler SD-WAN and CloudBridge Unauthenticated Remote Code Execution
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Citrix Multiple Products Remote Code Execution Vulnerability — A vulnerability has been identified in the management interface of Citrix NetScaler SD-WAN Enterprise and Standard Edition and Citrix CloudBridge Virtual WAN Edition that could result in an unauthenticated, remote att…
CVE-2017-6737
Cisco IOS/IOS XE SNMP Remote Code Execution Vulnerability (CVE-2017-6737)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability — The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code.
CVE-2019-7195
QNAP Photo Station Path Traversal Remote File Access Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
QNAP Photo Station Path Traversal Vulnerability — QNAP devices running Photo Station contain an external control of file name or path vulnerability allowing remote attackers to access or modify system files.
CVE-2019-7238
Sonatype Nexus Repository Manager Access Control Bypass RCE
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability — Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution.
CVE-2019-7256
Nice Linear eMerge E3-Series OS Command Injection RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Nice Linear eMerge E3-Series OS Command Injection Vulnerability — Nice Linear eMerge E3-Series contains an OS command injection vulnerability that allows an attacker to conduct remote code execution.
CVE-2019-7286
Apple Memory Corruption Vulnerability Enabling Privilege Escalation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple Multiple Products Memory Corruption Vulnerability — Apple iOS, macOS, watchOS, and tvOS contain a memory corruption vulnerability that could allow for privilege escalation.
CVE-2019-7287
Apple iOS Memory Corruption Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple iOS Memory Corruption Vulnerability — Apple iOS contains a memory corruption vulnerability which could allow an attacker to perform remote code execution.
CVE-2019-7481
SonicWall SMA100 Unauthenticated SQL Injection Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
SonicWall SMA100 SQL Injection Vulnerability — SonicWall SMA100 contains a SQL injection vulnerability allowing an unauthenticated user to gain read-only access to unauthorized resources.
CVE-2019-7483
SonicWall SMA100 Unauthenticated Directory Traversal in handleWAFRedirect
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
SonicWall SMA100 Directory Traversal Vulnerability — In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the handleWAFRedirect CGI allows the user to test for the presence of a file on the server.
CVE-2019-7609
Kibana Timelion Visualizer Arbitrary Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Kibana Arbitrary Code Execution — Kibana contains an arbitrary code execution flaw in the Timelion visualizer.
CVE-2019-8394
Zoho ManageEngine ServiceDesk Plus Unauthenticated File Upload RCE
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Zoho ManageEngine ServiceDesk Plus (SDP) File Upload Vulnerability — Zoho ManageEngine ServiceDesk Plus (SDP) contains an unspecified vulnerability that allows remote users to upload files via login page customization.
CVE-2019-8506
Apple Type Confusion Vulnerability in Multiple Products - CVE-2019-8506
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple Multiple Products Type Confusion Vulnerability — A type confusion issue affecting multiple Apple products allows processing of maliciously crafted web content, leading to arbitrary code execution.
CVE-2019-8526
Apple macOS Use-After-Free Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple macOS Use-After-Free Vulnerability — Apple macOS contains a use-after-free vulnerability that could allow for privilege escalation.
CVE-2019-8605
Apple Use-After-Free Vulnerability in Multiple OS Platforms
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple Multiple Products Use-After-Free Vulnerability — A use-after-free vulnerability in Apple iOS, macOS, tvOS, and watchOS could allow a malicious application to execute code with system privileges.
CVE-2019-8720
WebKitGTK Memory Corruption Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
WebKitGTK Memory Corruption Vulnerability — WebKitGTK contains a memory corruption vulnerability which can allow an attacker to perform remote code execution.
CVE-2019-9082
ThinkPHP Remote Code Execution via Unvalidated Function Invocation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
ThinkPHP Remote Code Execution Vulnerability — ThinkPHP contains an unspecified vulnerability that allows for remote code execution via public//?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command.
CVE-2019-9621
Zimbra Collaboration Suite ProxyServlet SSRF Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery (SSRF) Vulnerability — Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery (SSRF) vulnerability via the ProxyServlet component.
CVE-2019-9670
Zimbra Collaboration Suite XXE Vulnerability in Mailboxd Component
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Synacor Zimbra Collaboration Suite (ZCS) Improper Restriction of XML External Entity Reference — Synacor Zimbra Collaboration Suite (ZCS) contains an improper restriction of XML external entity (XXE) vulnerability in the mailboxd component.
CVE-2019-9874
Sitecore CMS AntiCSRF Deserialization RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability — Sitecore CMS and Experience Platform (XP) contain a deserialization vulnerability in the Sitecore.Security.AntiCSRF module that allows an unauthenticated attacker to execute arbitrary code by sending a seri…
CVE-2019-9875
Sitecore CMS/XP AntiCSRF Deserialization RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Sitecore CMS and Experience Platform (XP) Deserialization Vulnerability — Sitecore CMS and Experience Platform (XP) contain a deserialization vulnerability in the Sitecore.Security.AntiCSRF module that allows an authenticated attacker to execute arbitrary code by sending a serial…
CVE-2019-9978
WordPress Social Warfare Plugin Critical XSS Remote Code Execution
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
WordPress Social Warfare Plugin Cross-Site Scripting (XSS) Vulnerability — WordPress Social Warfare plugin contains a cross-site scripting (XSS) vulnerability that allows for remote code execution. This vulnerability affects Social Warfare and Social Warfare Pro.
CVE-2020-0041
Android Kernel Binder Out-of-Bounds Write Privilege Escalation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Android Kernel Out-of-Bounds Write Vulnerability — Android Kernel binder_transaction of binder.c contains an out-of-bounds write vulnerability due to an incorrect bounds check that could allow for local privilege escalation. This vulnerability was observed chained with CVE-2019-2…
CVE-2020-0069
MediaTek Chipsets Command Queue Driver Input Validation Privilege Escalation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Mediatek Multiple Chipsets Insufficient Input Validation Vulnerability — Multiple MediaTek chipsets contain an insufficient input validation vulnerability and have missing SELinux restrictions in the Command Queue drivers ioctl handlers. This causes an out-of-bounds write leading…
CVE-2020-0601
Microsoft Windows CryptoAPI ECC Certificate Spoofing Vulnerability (CurveBall)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows CryptoAPI Spoofing Vulnerability — Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing cer…
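The CurveBall entry above says CryptoAPI validated ECC certificates incorrectly; the underlying mistake was that a cached trusted root was matched on its public key alone, while the signature was then checked using the curve parameters (generator included) carried in the presented certificate. Because the public key Q is just d·G, an attacker who picks their own d' and writes G' = d'⁻¹·Q into the certificate's explicit parameters gets a key that matches the real root but a private key they control. The following added example (not ciso.sa's or Microsoft's code) models that on the textbook curve y² = x³ + 2x + 2 over F17 with G = (5, 1) of prime order 19; the certificate dictionaries, the verify_vulnerable/verify_hardened functions, the seed and the hash value are assumptions made for the illustration.

```python
"""Toy model of the CVE-2020-0601 (CurveBall) trust-matching flaw.

Added example, not code from ciso.sa or Microsoft. The curve, the points and
the certificate dictionaries are constructed for illustration; the curve is
the textbook y^2 = x^3 + 2x + 2 over F_17 (generator (5, 1), prime order 19),
hopelessly small for real use but enough to run in pure Python.
"""
import random

P, A, B = 17, 2, 2                     # y^2 = x^3 + A*x + B over F_P
G = (5, 1)                             # generator of the named curve
N = 19                                 # order of G (prime); point_order(G) confirms it
NAMED_CURVE = {"p": P, "a": A, "b": B, "generator": G}


def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                  # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = None
    while k > 0:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def point_order(pt):
    n, acc = 1, pt
    while acc is not None:
        acc = ec_add(acc, pt)
        n += 1
    return n


def ecdsa_sign(priv, gen, h, rng):
    """Textbook ECDSA over the order-N subgroup generated by `gen`."""
    while True:
        k = rng.randrange(1, N)
        r = ec_mul(k, gen)[0] % N
        s = pow(k, -1, N) * (h + r * priv) % N
        if r and s:
            return (r, s)


def ecdsa_verify(pub, gen, h, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    w = pow(s, -1, N)
    x = ec_add(ec_mul(h * w % N, gen), ec_mul(r * w % N, pub))
    return x is not None and x[0] % N == r


def verify_vulnerable(cert, trusted_keys):
    """Pre-patch logic: match the root on its public key alone, then check the
    signature with the parameters the certificate itself carries."""
    if cert["public_key"] not in trusted_keys:
        return False
    return ecdsa_verify(cert["public_key"], cert["params"]["generator"],
                        cert["hash"], cert["signature"])


def verify_hardened(cert, trusted_keys):
    """Patched logic: a key match only counts if the certificate's curve
    parameters are exactly the named curve's, and the named G is used."""
    if cert["public_key"] not in trusted_keys or cert["params"] != NAMED_CURVE:
        return False
    return ecdsa_verify(cert["public_key"], G, cert["hash"], cert["signature"])


def forge_generator(root_pub, d_evil):
    """Attacker picks any d' and sets G' = d'^-1 * Q, so d' * G' == Q."""
    return ec_mul(pow(d_evil, -1, N), root_pub)


def demo(seed=7):
    rng = random.Random(seed)
    d_root = rng.randrange(1, N)                     # honest CA key pair
    q_root = ec_mul(d_root, G)
    trusted = {q_root}
    h = 11                                           # constructed stand-in for the cert body hash

    honest = {"public_key": q_root, "params": NAMED_CURVE, "hash": h,
              "signature": ecdsa_sign(d_root, G, h, rng)}

    # The attacker never learns d_root; the exclusion only keeps this tiny
    # group from picking the same scalar by coincidence.
    d_evil = rng.choice([d for d in range(1, N) if d != d_root])
    g_evil = forge_generator(q_root, d_evil)
    forged = {"public_key": q_root,
              "params": dict(NAMED_CURVE, generator=g_evil),
              "hash": h,
              "signature": ecdsa_sign(d_evil, g_evil, h, rng)}

    return {
        "forged_key_matches_root": ec_mul(d_evil, g_evil) == q_root,
        "honest_vulnerable": verify_vulnerable(honest, trusted),
        "honest_hardened": verify_hardened(honest, trusted),
        "forged_vulnerable": verify_vulnerable(forged, trusted),
        "forged_hardened": verify_hardened(forged, trusted),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

The practical check this suggests for any verifier you own: reject, or at least refuse to treat as a cache hit, a certificate that carries explicit curve parameters when the trusted key was enrolled under a named curve.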
CVE-2020-0618
SQL Server Reporting Services Deserialization RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability — Microsoft SQL Server Reporting Services contains a deserialization vulnerability triggered when it incorrectly handles page requests. An authenticated attacker can exploit this vulnerability to execute code in the …
CVE-2020-0638
Microsoft Update Notification Manager Privilege Escalation (CVE-2020-0638)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Update Notification Manager Privilege Escalation Vulnerability — Microsoft Update Notification Manager contains an unspecified vulnerability that allows for privilege escalation.
CVE-2020-0646
Microsoft .NET Framework Remote Code Execution via Input Validation Bypass
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft .NET Framework Remote Code Execution Vulnerability — Microsoft .NET Framework contains an improper input validation vulnerability that allows for remote code execution.
CVE-2020-0674
Microsoft Internet Explorer Scripting Engine Memory Corruption RCE
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability — Microsoft Internet Explorer contains a memory corruption vulnerability due to the way the Scripting Engine handles objects in memory. Successful exploitation could allow remote code execution in the co…
CVE-2020-0683
Windows Installer Privilege Escalation via Symbolic Link Processing
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Installer Privilege Escalation Vulnerability — Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.
CVE-2020-0688
Microsoft Exchange Server Validation Key Remote Code Execution
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Exchange Server Validation Key Remote Code Execution Vulnerability — Microsoft Exchange Server Validation Key fails to properly create unique keys at install time, allowing for remote code execution.
CVE-2020-0787
Windows BITS Privilege Escalation via Symbolic Link Handling
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability — Microsoft Windows BITS is vulnerable to privilege elevation if it improperly handles symbolic links. An actor can exploit this vulnerability to execut…
CVE-2020-0796
Microsoft SMBv3 Remote Code Execution Vulnerability (CVE-2020-0796)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft SMBv3 Remote Code Execution Vulnerability — A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability t…
CVE-2020-0878
Microsoft Edge/IE Memory Corruption RCE Vulnerability CVE-2020-0878
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Edge and Internet Explorer Memory Corruption Vulnerability — Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.
CVE-2020-0938
Microsoft Windows Adobe Font Manager RCE via Malformed Multi-Master Fonts
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability — Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code ex…
CVE-2020-0968
Microsoft Internet Explorer Scripting Engine Memory Corruption RCE
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability — Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution.
CVE-2020-0986
Windows Kernel Memory Handling Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Kernel Privilege Escalation Vulnerability — Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode.
CVE-2020-10148
SolarWinds Orion API Authentication Bypass Vulnerability (CVE-2020-10148)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
SolarWinds Orion Authentication Bypass Vulnerability — SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands.
CVE-2020-10181
Sumavision EMR CSRF Vulnerability Allows Unauthorized Admin Account Creation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Sumavision EMR Cross-Site Request Forgery (CSRF) Vulnerability — Sumavision Enhanced Multimedia Router (EMR) contains a cross-site request forgery (CSRF) vulnerability allowing the creation of users with elevated privileges as administrator on a device.
CVE-2020-10189
Zoho ManageEngine Desktop Central Unauthenticated File Upload RCE
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Zoho ManageEngine Desktop Central File Upload Vulnerability — Zoho ManageEngine Desktop Central contains a file upload vulnerability that allows for unauthenticated remote code execution.
CVE-2020-10199
Sonatype Nexus Repository Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Sonatype Nexus Repository Remote Code Execution Vulnerability — Sonatype Nexus Repository contains an unspecified vulnerability that allows for remote code execution.
CVE-2020-1020
Microsoft Windows Adobe Font Manager Remote Code Execution (CVE-2020-1020)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability — Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code ex…
CVE-2020-10221
rConfig OS Command Injection via fileName Parameter
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
rConfig OS Command Injection Vulnerability — rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter.
CVE-2020-1027
Windows Kernel Privilege Escalation Vulnerability CVE-2020-1027
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Kernel Privilege Escalation Vulnerability — An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
CVE-2020-1040
Microsoft Hyper-V RemoteFX vGPU Input Validation RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability — Microsoft Hyper-V RemoteFX vGPU contains an improper input validation vulnerability due to the host server failing to properly validate input from an authenticated user on a guest operating system. Successful e…
CVE-2020-1054
Microsoft Win32k Kernel-Mode Privilege Escalation Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Win32k Privilege Escalation Vulnerability — Microsoft Win32k contains a privilege escalation vulnerability when the Windows kernel-mode driver fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.
CVE-2020-10987
Tenda AC1900 AC15 Remote Code Execution via deviceName Parameter
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Tenda AC1900 Router AC15 Model Remote Code Execution Vulnerability — Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter.
CVE-2020-11023
jQuery DOM-based XSS Vulnerability in HTML Manipulation Functions
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
jQuery Cross-Site Scripting (XSS) Vulnerability — jQuery contains a cross-site scripting (XSS) vulnerability. When passing maliciously formed, untrusted input enclosed in HTML tags, jQuery's DOM manipulators can execute untrusted code in the context of the user's brows…
CVE-2020-11261
Qualcomm Snapdragon Memory Corruption via Improper Input Validation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Qualcomm Multiple Chipsets Improper Input Validation Vulnerability — Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, S…
CVE-2020-1147
Microsoft .NET Framework, SharePoint, Visual Studio XML Deserialization RCE
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft .NET Framework, SharePoint, and Visual Studio Remote Code Execution Vulnerability — Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when the software fails to check the source markup of XML file input. Succ…
CVE-2020-11651
SaltStack Salt Authentication Bypass in ClearFuncs (CVE-2020-11651)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
SaltStack Salt Authentication Bypass Vulnerability — SaltStack Salt contains an authentication bypass vulnerability in the salt-master process ClearFuncs due to improperly validating method calls. The vulnerability allows a remote user to access some methods without authenticatio…
CVE-2020-11652
SaltStack Salt Path Traversal in salt-master ClearFuncs (CVE-2020-11652)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
SaltStack Salt Path Traversal Vulnerability — SaltStack Salt contains a path traversal vulnerability in the salt-master process ClearFuncs which allows directory access to authenticated users. Salt users who follow fundamental internet security guidelines and best practices are n…
CVE-2020-11738
WordPress Duplicator Plugin Unauthorized File Download Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
WordPress Snap Creek Duplicator Plugin File Download Vulnerability — WordPress Snap Creek Duplicator plugin contains a file download vulnerability when an administrator creates a new copy of their site that allows an attacker to download the generated files from their WordPress d…
CVE-2020-11899
Treck TCP/IP Stack IPv6 Out-of-Bounds Read Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Treck TCP/IP stack Out-of-Bounds Read Vulnerability — The Treck TCP/IP stack contains an IPv6 out-of-bounds read vulnerability.
CVE-2020-11978
Apache Airflow Remote Code Injection in Example DAGs
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apache Airflow Command Injection — A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow.
CVE-2020-12271
Sophos SFOS SQL Injection Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Sophos SFOS SQL Injection Vulnerability — Sophos Firewall operating system (SFOS) firmware contains a SQL injection vulnerability when configured with either the administration (HTTPS) service or the User Portal is exposed on the WAN zone. Successful exploitation may cause remote…
CVE-2020-12641
Roundcube Webmail Remote Code Execution via Configuration Path Injection
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Roundcube Webmail Remote Code Execution Vulnerability — Roundcube Webmail contains a remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
CVE-2020-12812
Fortinet FortiOS SSL VPN Authentication Bypass via Username Case Manipulation
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability — Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to login successfully without being prompted for the second factor of authentication (FortiToken) if they change the c…
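The FortiOS entry above describes a second-factor bypass triggered by changing the case of the username. One widely described mechanism, modelled here as an added example (not Fortinet code; the user table, token codes and both login functions are constructed for the illustration), is a backend that matches the password against the account case-insensitively while the FortiToken lookup uses the username exactly as typed, so an unknown spelling looks like "no token enrolled" and the second factor is skipped. The hardened version canonicalises the identity once, uses that canonical name for every lookup, and fails closed.

```python
"""Identity-canonicalisation model for the FortiOS SSL VPN second-factor
bypass (CVE-2020-12812). Added example, not Fortinet code; the user table,
token codes and both login flows are constructed for illustration."""

# constructed directory: username -> (password, FortiToken serial or None)
USERS = {
    "alice": ("correct horse", "FTK-0001"),
    "bob":   ("battery staple", None),      # bob genuinely has no token enrolled
}
VALID_CODES = {"FTK-0001": "123456"}        # constructed stand-in for token validation
REQUIRE_2FA = True                          # hardened policy: no token enrolled means no access


def canonical_username(username):
    """Resolve the typed name to the stored spelling, case-insensitively."""
    wanted = username.lower()
    return next((name for name in USERS if name.lower() == wanted), None)


def check_password(username, password):
    """Primary factor: the backend compares the username case-insensitively."""
    name = canonical_username(username)
    return name is not None and USERS[name][0] == password


def token_ok(serial, code):
    return serial is not None and code == VALID_CODES.get(serial)


def login_vulnerable(username, password, code):
    """Password check is case-insensitive, but the token lookup uses the
    username exactly as typed. 'ALICE' finds no record, which is treated the
    same as 'no token enrolled', so the second factor is silently skipped."""
    if not check_password(username, password):
        return "denied"
    serial = USERS.get(username, (None, None))[1]
    if serial is None:
        return "granted-without-2fa"
    return "granted" if token_ok(serial, code) else "denied"


def login_hardened(username, password, code):
    """Canonicalise once, use the canonical name for every lookup, and fail
    closed when policy requires a second factor that is not enrolled."""
    name = canonical_username(username)
    if name is None or USERS[name][0] != password:
        return "denied"
    serial = USERS[name][1]
    if serial is None:
        return "denied" if REQUIRE_2FA else "granted-without-2fa"
    return "granted" if token_ok(serial, code) else "denied"


if __name__ == "__main__":
    for fn in (login_vulnerable, login_hardened):
        print(fn.__name__, fn("ALICE", "correct horse", None))
```

The general lesson for any authentication stack with more than one backend: resolve the principal to a single canonical identifier before the first factor is checked, and never let "lookup returned nothing" for the second factor behave like "second factor not required".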
CVE-2020-1350
Microsoft Windows DNS Server Remote Code Execution (SIGRed)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows DNS Server Remote Code Execution Vulnerability — Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under the moniker o…
CVE-2020-13671
Drupal Core Unrestricted File Upload via Improper Extension Sanitization
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Drupal Core Unrestricted File Upload — Improper sanitization of file extension names is present in Drupal core.
CVE-2020-1380
Microsoft Internet Explorer Scripting Engine Memory Corruption RCE
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability — Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user.
CVE-2020-13927
Apache Airflow Experimental API Authentication Bypass (CVE-2020-13927)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apache Airflow's Experimental API Authentication Bypass — The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.
CVE-2020-13965
Roundcube Webmail XSS Vulnerability via Malicious XML Attachments
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Roundcube Webmail Cross-Site Scripting (XSS) Vulnerability — Roundcube Webmail contains a cross-site scripting (XSS) vulnerability that allows a remote attacker to manipulate data via a malicious XML attachment.
CVE-2020-1464
Microsoft Windows File Signature Validation Spoofing Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Windows Spoofing Vulnerability — Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.
CVE-2020-14644
Oracle WebLogic Server T3/IIOP Deserialization RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Oracle WebLogic Server Remote Code Execution Vulnerability — Oracle WebLogic Server, a product within the Fusion Middleware suite, contains a deserialization vulnerability. Unauthenticated attackers with network access via T3 or IIOP can exploit this vulnerability to achieve remo…
CVE-2020-1472
Microsoft Netlogon Privilege Escalation (Zerologon) - CVE-2020-1472
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Microsoft Netlogon Privilege Escalation Vulnerability — Microsoft's Netlogon Remote Protocol (MS-NRPC) contains a privilege escalation vulnerability when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller. An attacker who successfully e…
CVE-2020-14750
Oracle WebLogic Server Unauthenticated Remote Code Execution
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Oracle WebLogic Server Remote Code Execution Vulnerability — Oracle WebLogic Server contains an unspecified vulnerability allowing an unauthenticated attacker to perform remote code execution. This vulnerability is related to CVE-2020-14882.
CVE-2020-14864
Oracle BI Enterprise Edition Path Traversal in getPreviewImage Function
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Oracle Business Intelligence Enterprise Edition Path Traversal — Path traversal vulnerability in which an attacker can target the previewFilePath parameter of the getPreviewImage function to gain access to arbitrary system files.
CVE-2020-14871
Oracle Solaris and ZFS Critical Unspecified Vulnerability (CVE-2020-14871)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Oracle Solaris and Zettabyte File System (ZFS) Unspecified Vulnerability — Oracle Solaris and Oracle ZFS Storage Appliance Kit contain an unspecified vulnerability causing high impacts to confidentiality, integrity, and availability of affected systems.
CVE-2020-14882
Oracle WebLogic Server Remote Code Execution Vulnerability CVE-2020-14882
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Oracle WebLogic Server Remote Code Execution Vulnerability — Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750.
CVE-2020-14883
Oracle WebLogic Server Console Remote Code Execution Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Oracle WebLogic Server Unspecified Vulnerability — Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentiality, integrity, and availability.
CVE-2020-15069
Sophos XG Firewall HTTP/S Bookmark Buffer Overflow RCE
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Sophos XG Firewall Buffer Overflow Vulnerability — Sophos XG Firewall contains a buffer overflow vulnerability that allows for remote code execution via the "HTTP/S bookmark" feature.
CVE-2020-15415
DrayTek Vigor Routers OS Command Injection RCE Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
DrayTek Multiple Vigor Routers OS Command Injection Vulnerability — DrayTek Vigor3900, Vigor2960, and Vigor300B devices contain an OS command injection vulnerability in cgi-bin/mainfunction.cgi/cvmcfgupload that allows for remote code execution via shell metacharacters in a filen…
CVE-2020-15505
Ivanti MobileIron Remote Code Execution Vulnerability (CVE-2020-15505)
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Ivanti MobileIron Multiple Products Remote Code Execution Vulnerability — Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database (RDB) products contain an unspecified vulnerability that allows for remote code execution.
CVE-2020-8195
Citrix ADC/Gateway/SD-WAN WANOP Information Disclosure Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Citrix ADC, Gateway, and SD-WAN WANOP Appliance Information Disclosure Vulnerability — Citrix ADC, Citrix Gateway, and multiple Citrix SD-WAN WANOP appliance models contain an information disclosure vulnerability.
CVE-2020-8218
Pulse Connect Secure Code Injection Vulnerability in Admin Interface
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Pulse Connect Secure Code Injection Vulnerability — A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to craft a URI that results in arbitrary code execution via the admin web interface.
CVE-2023-28204
Apple WebKit Out-of-Bounds Read Information Disclosure Vulnerability
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apple Multiple Products WebKit Out-of-Bounds Read Vulnerability — Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing maliciously crafted web content. This vulnerability cou…
CVE-2023-33246
Apache RocketMQ Unauthenticated Remote Command Execution via Configuration Update
11:01 KSA
CRITICAL CVSS 9.0 ⚠ CISA KEV
Apache RocketMQ Command Execution Vulnerability — Several components of Apache RocketMQ, including NameServer, Broker, and Controller, are exposed to the extranet and lack permission verification. An attacker can exploit this vulnerability by using the update configuration functi…
CVE-2026-2906
Tenda HG9 /boaform/formSamba Stack-Based Buffer Overflow via sambaCap Argument
11:14 KSA
HIGH CVSS 8.8 CWE-119
A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the file /boaform/formSamba of the component Samba Configuration Endpoint. The manipulation of the argument sambaCap results in stack-based buffer overflow. The attack may be launched r…
CVE-2026-2907
Tenda HG9 /boaform/formgponConf Stack-Based Buffer Overflow via fmgpon_loid Arguments
11:14 KSA
HIGH CVSS 8.8 CWE-119
A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgpon_loid/fmgpon_loid_password causes stack-based …
CVE-2026-2908
A security vulnerability has been detected in Tenda HG9 300001138. Affected by this issue is some unknown functionality
11:14 KSA
HIGH CVSS 8.8 CWE-119
A security vulnerability has been detected in Tenda HG9 300001138. Affected by this issue is some unknown functionality of the file /boaform/formLoopBack of the component Loopback Detection Configuration Endpoint. Such manipulation of the argument Ethtype leads to stack-based buf…
CVE-2026-2909
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the c
11:14 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carri…
CVE-2026-2910
A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Ex
11:14 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published…
CVE-2026-2911
A vulnerability has been found in Tenda FH451 up to 1.0.0.9. This issue affects some unknown processing of the file /gof
11:14 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability has been found in Tenda FH451 up to 1.0.0.9. This issue affects some unknown processing of the file /goform/GstDhcpSetSer. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and m…
CVE-2026-29180
Fleet is open source device management software. Prior to 4.81.1, a broken access control vulnerability in Fleet's host
03:24 KSA
HIGH CVSS 8.8 CWE-862
Fleet is open source device management software. Prior to 4.81.1, a broken access control vulnerability in Fleet's host transfer API allows a team maintainer to transfer hosts from any team into their own team, bypassing team isolation boundaries. Once transferred, the attacker g…
CVE-2026-2925
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_42B5A0 of the file /
11:14 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub_42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer ov…
CVE-2026-2926
A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /boafrm/formLteSetup
11:14 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub_4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be laun…
CVE-2026-2927
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_462590 of the fil
11:14 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_462590 of the file /boafrm/formOpMode of the component Operation Mode Configuration Endpoint. The manipulation of the argument submit-url leads to stack-based buffer overflow. T…
CVE-2026-2928
A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/for
11:14 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_452CCC of the file /boafrm/formWlEncrypt of the component WLAN Encryption Configuration Endpoint. The manipulation of the argument submit-url results in stack-based buffer overflow. The atta…
CVE-2026-2929
A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of the file /boafrm/formW
11:14 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of t…
CVE-2026-2931
The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and includ
03:24 KSA
HIGH CVSS 8.8 CWE-269
The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes i…
CVE-2026-2958
A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /
11:14 KSA
HIGH CVSS 8.8 CWE-119
A security vulnerability has been detected in D-Link DWR-M960 1.01.07. Affected is the function sub_457C5C of the file /boafrm/formWsc. Such manipulation of the argument save_apply leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been dis…
CVE-2026-2959
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of th
11:14 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this vulnerability is the function sub_44E0F8 of the file /boafrm/formNewSchedule. Performing a manipulation of the argument url results in stack-based buffer overflow. Remote exploitation of the attack is possi…
CVE-2026-30460
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in t
14:52 KSA
HIGH CVSS 8.8 CWE-94
Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability in the Blocks module.
CVE-2026-30932
Froxlor is open source server administration software. Prior to version 2.3.5, the DomainZones.add API endpoint (accessi
23:54 KSA
HIGH CVSS 8.8 CWE-74
Froxlor is open source server administration software. Prior to version 2.3.5, the DomainZones.add API endpoint (accessible to customers with DNS enabled) does not validate the content field for several DNS record types (LOC, RP, SSHFP, TLSA). An attacker can inject newlines and …
CVE-2026-32171
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a netw
06:19 KSA
HIGH CVSS 8.8 CWE-522
Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.
CVE-2026-3243
The Advanced Members for ACF plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path
00:18 KSA
HIGH CVSS 8.8 CWE-22
The Advanced Members for ACF plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the create_crop function in all versions up to, and including, 1.2.5. This makes it possible for authenticated attackers, with Subscriber-level a…
CVE-2026-3274
A security flaw has been discovered in Tenda F453 1.0.0.3. Affected by this issue is the function frmL7ProtForm of the f
04:30 KSA
HIGH CVSS 8.8 CWE-119
A security flaw has been discovered in Tenda F453 1.0.0.3. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. The attack is possible to be carried out r…
CVE-2026-3275
A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addre
04:30 KSA
HIGH CVSS 8.8 CWE-119
A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Executing a manipulation of the argument entrys can lead to buffer overflow. The attack may be performed from remote. The exploit …
CVE-2026-32914
OpenClaw before 2026.3.12 contains an insufficient access control vulnerability in the /config and /debug command handle
21:26 KSA
HIGH CVSS 8.8 CWE-863
OpenClaw before 2026.3.12 contains an insufficient access control vulnerability in the /config and /debug command handlers that allows command-authorized non-owners to access owner-only surfaces. Attackers with command authorization can read or modify privileged configuration set…
CVE-2026-32915
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability allowing leaf subagents to access the subagen
21:26 KSA
HIGH CVSS 8.8 CWE-863
OpenClaw before 2026.3.11 contains a sandbox boundary bypass vulnerability allowing leaf subagents to access the subagents control surface and resolve against parent requester scope instead of their own session tree. A low-privilege sandboxed leaf worker can steer or kill sibling…
CVE-2026-33046
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In vers
11:22 KSA
HIGH CVSS 8.8 CWE-22
Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In versions prior to 3.3.12, due to vulnerabilities in TeXLive and obscure LaTeX syntax that allowed circumventing Indico's LaTeX sanitizer, it is possible to use spec…
CVE-2026-33083
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection
02:16 KSA
HIGH CVSS 8.8 CWE-89
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the orderDirection parameter used in dataset-related endpoints including /de2api/datasetData/enumValueDs and /de2api/datasetTree/exportDataset…
CVE-2026-33084
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection
02:16 KSA
HIGH CVSS 8.8 CWE-89
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the sort parameter of the /de2api/datasetData/enumValueObj endpoint. The DatasetDataManage service layer directly transfers the user-supplied …
CVE-2026-33120
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.
17:32 KSA
HIGH CVSS 8.8 CWE-822
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.
CVE-2026-33121
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection
06:18 KSA
HIGH CVSS 8.8 CWE-89
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the API datasource saving process. The deTableName field from the Base64-encoded datasource configuration is used to construct a DDL statement…
CVE-2026-33207
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection
06:18 KSA
HIGH CVSS 8.8 CWE-89
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /datasource/getTableField endpoint. The getTableFiledSql method in CalciteProvider.java incorporates the tableName parameter directly into…
CVE-2026-33336
Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, t
21:55 KSA
HIGH CVSS 8.8 CWE-94
Vikunja is an open-source self-hosted task management platform. Starting in version 0.21.0 and prior to version 2.2.0, the Vikunja Desktop Electron wrapper enables `nodeIntegration` in the main BrowserWindow and does not restrict same-window navigations. An attacker who can place…
CVE-2026-33413
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9,
03:24 KSA
HIGH CVSS 8.8 CWE-862
etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or parti…
CVE-2026-33510
Homarr is an open-source dashboard. Prior to 1.57.0, a DOM-based Cross-Site Scripting (XSS) vulnerability has been disco
05:32 KSA
HIGH CVSS 8.8 CWE-87
Homarr is an open-source dashboard. Prior to 1.57.0, a DOM-based Cross-Site Scripting (XSS) vulnerability has been discovered in Homarr's /auth/login page. The application improperly trusts a URL parameter (callbackUrl), which is passed to redirect and router.push. An attacker ca…
CVE-2026-3357
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the sys
00:18 KSA
HIGH CVSS 8.8 CWE-502
IBM Langflow Desktop 1.6.0 through 1.8.2 Langflow could allow an authenticated user to execute arbitrary code on the system, caused by an insecure default setting which permits the deserialization of untrusted data in the FAISS component.
CVE-2026-33573
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC that allows authentica
21:26 KSA
HIGH CVSS 8.8 CWE-668
OpenClaw before 2026.3.11 contains an authorization bypass vulnerability in the gateway agent RPC that allows authenticated operators with operator.write permission to override workspace boundaries by supplying attacker-controlled spawnedBy and workspaceDir values. Remote operato…
CVE-2026-33622
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.8.3` throug
03:24 KSA
HIGH CVSS 8.8 CWE-94
PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.8.3` through `v0.8.5` allow arbitrary JavaScript execution through `POST /wait` and `POST /tabs/{id}/wait` when the request uses `fn` mode, even if `security.allowEvaluate…
CVE-2026-33634
Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy
11:22 KSA
HIGH CVSS 8.8 ⚠ CISA KEV CWE-506
Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in `aquasecurity/trivy-action` to credential-stealing malware, and replace all 7 tags in `aquasecurity/setup-…
CVE-2026-33735
MyTube is a self-hosted downloader and player for several video websites. Prior to version 1.8.69, an authorization bypas
03:24 KSA
HIGH CVSS 8.8 CWE-285
MyTube is a self-hosted downloader and player for several video websites. Prior to version 1.8.69, an authorization bypass in the `/api/settings/import-database` endpoint allows attackers with low-privilege credentials to upload and replace the application's SQLite database entire…
CVE-2026-33767
WWBN AVideo is an open source video platform. In versions up to and including 26.0, in `objects/like.php`, the `getLike(
03:24 KSA
HIGH CVSS 8.8 CWE-89
WWBN AVideo is an open source video platform. In versions up to and including 26.0, in `objects/like.php`, the `getLike()` method constructs a SQL query using a prepared statement placeholder (`?`) for `users_id` but directly concatenates `$this->videos_id` into the query string …
CVE-2026-33785
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated
21:26 KSA
HIGH CVSS 8.8 CWE-862
A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring speci…
CVE-2026-34040
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that all
03:28 KSA
HIGH CVSS 8.8 CWE-288
Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization plugins (AuthZ). This issue has been patched in version 29.3.1.
CVE-2026-34121
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v
03:23 KSA
HIGH CVSS 8.8 CWE-287
An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an…
CVE-2026-34227
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click
17:48 KSA
HIGH CVSS 8.8 CWE-306
Sliver is a command and control framework that uses a custom Wireguard netstack. Prior to version 1.7.4, a single click on a malicious link gives an unauthenticated attacker immediate, silent control over every active C2 session or beacon, capable of exfiltrating all collected ta…
CVE-2026-34373
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to version
03:28 KSA
HIGH CVSS 8.8 CWE-346
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.66 and 9.7.0-alpha.10, the GraphQL API endpoint does not respect the allowOrigin server option and unconditionally allows cross-origin requests from any w…
CVE-2026-34386
Fleet is open source device management software. Prior to 4.81.0, a SQL injection vulnerability in Fleet's MDM bootstrap
21:26 KSA
HIGH CVSS 8.8 CWE-89
Fleet is open source device management software. Prior to 4.81.0, a SQL injection vulnerability in Fleet's MDM bootstrap package configuration allows an authenticated user with Team Admin or Global Admin privileges to modify arbitrary team configurations, exfiltrate sensitive dat…
CVE-2026-34427
Vvveb prior to 1.0.8.1 contains a privilege escalation vulnerability in the admin user profile save endpoint that allows
00:49 KSA
HIGH CVSS 8.8 CWE-915
Vvveb prior to 1.0.8.1 contains a privilege escalation vulnerability in the admin user profile save endpoint that allows authenticated users to modify privileged fields on their own profile. Attackers can inject role_id=1 into profile save requests to escalate to Super Administra…
CVE-2026-34570
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorizati
22:50 KSA
HIGH CVSS 8.8 CWE-284
CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to immediately revoke active user sessions when an account is deleted. Due to a logic fla…
CVE-2026-3464
The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file pat
18:48 KSA
HIGH CVSS 8.8 CWE-22
The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in the 'ajax_attach_file' function in all versions up to, and including, 8.3.4. This makes it possible for authenticated attackers with a role that…
CVE-2026-34791
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet
08:48 KSA
HIGH CVSS 8.8 CWE-78
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_proxy.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection du…
CVE-2026-34792
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet
08:48 KSA
HIGH CVSS 8.8 CWE-78
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_clamav.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection d…
CVE-2026-34793
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet
08:48 KSA
HIGH CVSS 8.8 CWE-78
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_firewall.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection…
CVE-2026-34794
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet
08:48 KSA
HIGH CVSS 8.8 CWE-78
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_ids.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due …
CVE-2026-34795
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet
10:32 KSA
HIGH CVSS 8.8 CWE-78
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_log.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due …
CVE-2026-34796
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet
15:00 KSA
HIGH CVSS 8.8 CWE-78
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_openvpn.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection …
CVE-2026-34797
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE paramet
15:00 KSA
HIGH CVSS 8.8 CWE-78
Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands via the DATE parameter to /cgi-bin/logs_smtp.cgi. The DATE parameter value is used to construct a file path that is passed to a Perl open() call, which allows command injection due…
CVE-2026-3499
The Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce plugin for WordPress is vulnerable to C
00:18 KSA
HIGH CVSS 8.8 CWE-352
The Product Feed PRO for WooCommerce by AdTribes – Product Feeds for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 13.4.6 through 13.5.2.1. This is due to missing or incorrect nonce validation on the ajax_migrate_to_custom_post_type, aja…
CVE-2026-35029
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/updat
17:55 KSA
HIGH CVSS 8.8 CWE-863
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configura…
CVE-2026-3533
The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on import_pop
11:22 KSA
HIGH CVSS 8.8 CWE-434
The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on import_popup_templates() function as well as insufficient file type validation in the upload_files() function in all versions up to, and including, 4.14.1. This makes it …
CVE-2026-35638
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated se
01:48 KSA
HIGH CVSS 8.8 CWE-286
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated sessions to retain self-declared privileged scopes without device identity verification. Attackers can exploit the device-less allow path in the trusted-proxy mec…
CVE-2026-35639
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an
01:48 KSA
HIGH CVSS 8.8 CWE-648
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient …
CVE-2026-35643
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject
08:18 KSA
HIGH CVSS 8.8 CWE-940
OpenClaw before 2026.3.22 contains an unvalidated WebView JavascriptInterface vulnerability allowing attackers to inject arbitrary instructions. Untrusted pages can invoke the canvas bridge to execute malicious code within the Android application context.
CVE-2026-35663
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request bro
16:36 KSA
HIGH CVSS 8.8 CWE-648
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability allowing non-admin operators to self-request broader scopes during backend reconnect. Attackers can bypass pairing requirements to reconnect as operator.admin, gaining unauthorized administrative privileges.
CVE-2026-35666
OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/b
22:47 KSA
HIGH CVSS 8.8 CWE-706
OpenClaw before 2026.3.22 contains an allowlist bypass vulnerability in system.run approvals that fails to unwrap /usr/bin/time wrappers. Attackers can bypass executable binding restrictions by using an unregistered time wrapper to reuse approval state for inner commands.
CVE-2026-35669
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that
22:47 KSA
HIGH CVSS 8.8 CWE-648
OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in gateway-authenticated plugin HTTP routes that incorrectly mint operator.admin runtime scope regardless of caller-granted scopes. Attackers can exploit this scope boundary bypass to gain elevated privileges…
CVE-2026-3614
The AcyMailing plugin for WordPress is vulnerable to privilege escalation in all versions from 9.11.0 up to, and includi
00:16 KSA
HIGH CVSS 8.8 CWE-862
The AcyMailing plugin for WordPress is vulnerable to privilege escalation in all versions from 9.11.0 up to, and including, 10.8.1 due to a missing capability check on the `wp_ajax_acymailing_router` AJAX handler. This makes it possible for authenticated attackers, with Subscribe…
CVE-2026-3666
The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4
15:48 KSA
HIGH CVSS 8.8 CWE-22
The wpForo Forum plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 2.4.16. This is due to a missing file name/path validation against path traversal sequences. This makes it possible for authenticated attackers, with subscriber le…
CVE-2026-3692
In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may cr
04:00 KSA
HIGH CVSS 8.8 CWE-78
In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server.
CVE-2026-3854
An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an
03:13 KSA
HIGH CVSS 8.8 CWE-77
An improper neutralization of special elements vulnerability was identified in GitHub Enterprise Server that allowed an attacker with push access to a repository to achieve remote code execution on the instance. During a git push operation, user-supplied push option values were n…
CVE-2026-39342
ChurchCRM is an open-source church management system. Prior to 7.1.0, the searchwhat parameter via QueryView.php with th
18:17 KSA
HIGH CVSS 8.8 CWE-89
ChurchCRM is an open-source church management system. Prior to 7.1.0, the searchwhat parameter via QueryView.php with the QueryID=15 is vulnerable to a SQL injection. The authenticated user requires access to Data/Reports > Query Menu and access to the "Advanced Search" query. Th…
CVE-2026-39911
Hashgraph Guardian through version 3.5.0 contains an unsandboxed JavaScript execution vulnerability in the Custom Logic
21:26 KSA
HIGH CVSS 8.8 CWE-668
Hashgraph Guardian through version 3.5.0 contains an unsandboxed JavaScript execution vulnerability in the Custom Logic policy block worker that allows authenticated Standard Registry users to execute arbitrary code by passing user-supplied JavaScript expressions directly to the …
CVE-2026-40040
Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file
03:25 KSA
HIGH CVSS 8.8 CWE-434
Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to the /uploadfile endpoint. Attackers can upload executable files .php5 scripts to web-accessible directori…
CVE-2026-40459
PAC4J is vulnerable to LDAP Injection in multiple methods. A low-privileged remote attacker can inject crafted LDAP synt
12:32 KSA
HIGH CVSS 8.8 CWE-90
PAC4J is vulnerable to LDAP Injection in multiple methods. A low-privileged remote attacker can inject crafted LDAP syntax into ID-based search parameters, potentially resulting in unauthorized LDAP queries and arbitrary directory operations. This issue was fixed in PAC4J versio…
CVE-2026-40502
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with cha
20:00 KSA
HIGH CVSS 8.8 CWE-862
OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. …
CVE-2026-40900
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection
06:18 KSA
HIGH CVSS 8.8 CWE-89
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below contain a SQL injection vulnerability in the /de2api/datasetData/previewSql endpoint. The user-supplied SQL is wrapped in a subquery without validation that the input is a single SELE…
CVE-2026-40901
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocit
06:18 KSA
HIGH CVSS 8.8 CWE-502
DataEase is an open-source data visualization and analytics platform. Versions 2.10.20 and below ship the legacy velocity-1.7.jar, which pulls in commons-collections-3.2.1.jar containing the InvokerTransformer deserialization gadget chain. Quartz 2.3.2, also bundled in the applic…
CVE-2026-41137
21:54 KSA
HIGH CVSS 8.8 CWE-94
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the CSVAgent allows providing a custom Pandas CSV read code. Due to lack of sanitization, an attacker can provide a command injection payload that will get interpolated and ex…
CVE-2026-41138
21:54 KSA
HIGH CVSS 8.8 CWE-94
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote code execution vulnerability in AirtableAgent.ts caused by lack of input verification when using Pandas. The user’s input is directly applied to the question…
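The two Flowise entries (CSVAgent and AirtableAgent) share one root cause: user text is interpolated into Python source that is later executed. The block below is an added illustration, not Flowise code, and does not import pandas so it runs offline. It shows the interpolation pattern and a replacement that parses the user's `key=value` text with `ast`, accepts only allowlisted keyword arguments with literal values, and hands them to `read_csv` as a dict instead of as code. The allowlist is an assumption.

```python
import ast

# Assumed allowlist of read_csv options a user may legitimately tune.
ALLOWED_READ_CSV_KWARGS = {
    "sep", "delimiter", "header", "encoding", "skiprows", "nrows", "usecols", "na_values",
}


class RejectedInput(ValueError):
    pass


def build_exec_string(user_code: str) -> str:
    """The vulnerable pattern: user text becomes part of code that is exec()'d."""
    return f"df = pd.read_csv(csv_path, {user_code})"


def parse_read_csv_kwargs(user_code: str) -> dict:
    """Turn user-supplied 'key=value, key=value' text into keyword arguments.

    The text is parsed, never executed: it is wrapped in a dummy call and the
    AST is checked for exactly one Call with no positional arguments, keyword
    names from the allowlist, and values that are plain literals.
    """
    try:
        tree = ast.parse(f"__f__({user_code})", mode="eval")
    except SyntaxError as exc:
        raise RejectedInput(f"not a keyword-argument list: {exc.msg}")
    call = tree.body
    if not (isinstance(call, ast.Call)
            and isinstance(call.func, ast.Name) and call.func.id == "__f__"):
        raise RejectedInput("unexpected expression")
    if call.args:
        raise RejectedInput("positional or * arguments are not allowed")
    kwargs = {}
    for kw in call.keywords:
        if kw.arg is None:
            raise RejectedInput("** unpacking is not allowed")
        if kw.arg not in ALLOWED_READ_CSV_KWARGS:
            raise RejectedInput(f"argument not allowed: {kw.arg}")
        try:
            kwargs[kw.arg] = ast.literal_eval(kw.value)   # Constant/list/dict only
        except (ValueError, TypeError):
            raise RejectedInput(f"value for {kw.arg} must be a literal")
    return kwargs


def is_rejected(user_code: str) -> bool:
    try:
        parse_read_csv_kwargs(user_code)
        return False
    except RejectedInput:
        return True


if __name__ == "__main__":
    # Constructed payload: closes the call, runs a command, reopens the call.
    payload = "sep=','); import os; os.system('id'); ("
    print(build_exec_string(payload))            # what an exec()-based agent would run
    print(is_rejected(payload))                  # True
    print(parse_read_csv_kwargs("sep=';', header=None, nrows=10"))
    # a real consumer then calls pd.read_csv(path, **kwargs)
```

The same rule covers the AirtableAgent variant: the user's question is data for the model or the dataframe query, never a fragment of the program that processes it.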
CVE-2026-41277
21:54 KSA
HIGH CVSS 8.8 CWE-284
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Mass Assignment vulnerability in the DocumentStore creation endpoint allows authenticated users to control the primary key (id) and internal state fields of DocumentStore en…
CVE-2026-41303
02:44 KSA
HIGH CVSS 8.8 CWE-863
OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in Discord text approval commands that allows non-approvers to resolve pending exec approvals. Attackers can send Discord text commands to bypass the channels.discord.execApprovals.approvers allowlist and ap…
CVE-2026-41349
21:54 KSA
HIGH CVSS 8.8 CWE-862
OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can exploit this to bypass security controls and execute unauthorized operations without user consent…
CVE-2026-41352
09:32 KSA
HIGH CVSS 8.8 CWE-862
OpenClaw before 2026.3.31 contains a remote code execution vulnerability where a device-paired node can bypass the node scope gate authentication mechanism. Attackers with device pairing credentials can execute arbitrary node commands on the host system without proper node pairin…
CVE-2026-41445
00:49 KSA
HIGH CVSS 8.8 CWE-122
KissFFT before commit 8a8e66e contains an integer overflow vulnerability in the kiss_fftndr_alloc() function in kiss_fftndr.c where the allocation size calculation dimOther*(dimReal+2)*sizeof(kiss_fft_scalar) overflows signed 32-bit integer arithmetic before being widened to size…
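The KissFFT entry quotes the size expression `dimOther*(dimReal+2)*sizeof(kiss_fft_scalar)` and says the int product wraps before it is widened. The block below is an added model of that arithmetic in Python, not KissFFT code: it reproduces the C evaluation order with explicit 32-bit wrap and size_t reduction, next to the checked computation a caller should do before `malloc`. A 64-bit `size_t` and a 4-byte scalar (float build) are assumptions; the exact placement of the expression in kiss_fftndr.c beyond what the advisory quotes is not known from this page.

```python
INT32_MAX = 2**31 - 1
SIZE_T_BITS = 64                 # assumption: 64-bit build
SIZEOF_KISS_FFT_SCALAR = 4       # assumption: float build of KissFFT


def wrap_int32(v: int) -> int:
    """Two's-complement wrap of a signed 32-bit int (what signed overflow usually
    produces in practice, although it is undefined behaviour in C)."""
    return ((v + 2**31) % 2**32) - 2**31


def as_size_t(v: int) -> int:
    """Conversion of a (possibly negative) int to size_t: reduction modulo 2**64."""
    return v % 2**SIZE_T_BITS


def unchecked_alloc_size(dim_other: int, dim_real: int) -> int:
    """Model of dimOther * (dimReal + 2) * sizeof(kiss_fft_scalar) as C evaluates it
    left to right: the two int operands are multiplied in 32-bit signed arithmetic
    and only that (possibly wrapped) result is widened for the multiply by sizeof."""
    elems = wrap_int32(dim_other * wrap_int32(dim_real + 2))
    return as_size_t(as_size_t(elems) * SIZEOF_KISS_FFT_SCALAR)


def checked_alloc_size(dim_other: int, dim_real: int):
    """Same quantity in unbounded integers; None whenever an intermediate would
    not fit, which is the check that must precede the allocation."""
    if dim_other <= 0 or dim_real <= 0:
        return None
    if dim_real + 2 > INT32_MAX:
        return None
    elems = dim_other * (dim_real + 2)
    if elems > INT32_MAX:                      # would wrap in int arithmetic
        return None
    nbytes = elems * SIZEOF_KISS_FFT_SCALAR
    if nbytes > 2**SIZE_T_BITS - 1:            # would wrap in size_t
        return None
    return nbytes


if __name__ == "__main__":
    for dims in [(100, 100), (65536, 65534), (65536, 32766)]:
        print(dims, "unchecked:", unchecked_alloc_size(*dims), "checked:", checked_alloc_size(*dims))
```

The two constructed overflow cases show both outcomes the advisory's CWE-122 classification implies: 65536 x 65536 elements wraps to an allocation of 0 bytes, so the later writes land past a tiny heap chunk, while 65536 x 32768 wraps negative and becomes a size_t near 2**64, so `malloc` fails and the unchecked result is dereferenced.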
CVE-2026-4314
11:22 KSA
HIGH CVSS 8.8 CWE-269
The 'The Ultimate WordPress Toolkit – WP Extended' plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.4. This is due to the `isDashboardOrProfileRequest()` method in the Menu Editor module using an insecure `strpos()` check agains…
CVE-2026-4326
09:16 KSA
HIGH CVSS 8.8 CWE-862
The Vertex Addons for Elementor plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.6.4. This is due to improper authorization enforcement in the activate_required_plugins() function. Specifically, the current_user_can('install_plugin…
CVE-2026-4529
11:22 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler. Such manipulation leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might …
CVE-2026-4534
11:22 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in Tenda FH451 1.0.0.9. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. This manipulation of the argument GO causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used.
CVE-2026-4535
11:22 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability has been found in Tenda FH451 1.0.0.9. This vulnerability affects the function WrlclientSet of the file /goform/WrlclientSet. Such manipulation of the argument GO leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been discl…
CVE-2026-4551
11:22 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component Parameters Handler. Performing a manipulation of the argument menufacturer/Go results in stack-based buffer overflow…
CVE-2026-4552
11:22 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was determined in Tenda F453 1.0.0.3. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component Parameters Handler. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be perfor…
CVE-2026-4553
11:22 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was identified in Tenda F453 1.0.0.3. Impacted is the function fromNatlimit of the file /goform/Natlimit of the component Parameters Handler. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely…
CVE-2026-4555
11:22 KSA
HIGH CVSS 8.8 CWE-119
A weakness has been identified in D-Link DIR-513 1.10. The impacted element is the function formEasySetTimezone of the file /goform/formEasySetTimezone of the component boa. This manipulation of the argument curTime causes stack-based buffer overflow. The attack can be initiated …
CVE-2026-4558
11:22 KSA
HIGH CVSS 8.8 CWE-77
A flaw has been found in Linksys MR9600 2.0.6.206937. Affected is the function smartConnectConfigure of the file SmartConnect.lua. Executing a manipulation of the argument configApSsid/configApPassphrase/srpLogin/srpPassword can lead to os command injection. The attack may be lau…
CVE-2026-4565
11:22 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in Tenda AC21 16.03.08.16. Impacted is the function formSetQosBand of the file /goform/SetNetControlList. Performing a manipulation of the argument list results in buffer overflow. The attack can be initiated remotely. The exploit is now public and ma…
CVE-2026-4566
11:22 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been pub…
CVE-2026-4639
11:22 KSA
HIGH CVSS 8.8 CWE-863
Vitals ESP developed by Galaxy Software Services has an Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges.
CVE-2026-4840
03:24 KSA
HIGH CVSS 8.8 CWE-77
A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Rem…
CVE-2026-4861
03:24 KSA
HIGH CVSS 8.8 CWE-119
A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /cgi-bin/nas.cgi. This manipulation of the argument Content-Length causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been…
CVE-2026-4862
03:24 KSA
HIGH CVSS 8.8 CWE-119
A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file /goform/formConfigDnsFilterGlobal of the component Parameter Handler. Such manipulation of the argument GroupName leads to buffer overflow.…
CVE-2026-4902
03:24 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely.…
CVE-2026-4903
03:24 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initi…
CVE-2026-4904
03:24 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remot…
CVE-2026-4905
03:24 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was found in Tenda AC5 15.03.06.47. Impacted is the function formWifiWpsOOB of the file /goform/WifiWpsOOB of the component POST Request Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. Remote exploitation of the att…
CVE-2026-4906
03:24 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack c…
CVE-2026-4974
03:24 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to …
CVE-2026-4975
03:24 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability has been found in Tenda AC15 15.03.05.19. This affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated remotely. …
CVE-2026-5004
15:22 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to lau…
CVE-2026-5021
21:26 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. This manipulation of the argument delno causes stack-based buffer overflow. Remote exploitation of the attack is possible. The ex…
CVE-2026-5024
21:26 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was found in D-Link DIR-513 1.10. This issue affects the function formSetEmail of the file /goform/formSetEmail. Performing a manipulation of the argument curTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploi…
CVE-2026-5036
21:26 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be i…
CVE-2026-5042
21:26 KSA
HIGH CVSS 8.8 CWE-119
A security flaw has been discovered in Belkin F9K1122 1.00.33. The affected element is the function formCrossBandSwitch of the file /goform/formCrossBandSwitch of the component Parameter Handler. The manipulation of the argument webpage results in stack-based buffer overflow. The…
CVE-2026-5043
21:26 KSA
HIGH CVSS 8.8 CWE-119
A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. This manipulation of the argument webpage causes stack-based buffer overflow. Remote exploitation…
CVE-2026-5044
21:26 KSA
HIGH CVSS 8.8 CWE-119
A security vulnerability has been detected in Belkin F9K1122 1.00.33. This affects the function formSetSystemSettings of the file /goform/formSetSystemSettings of the component Setting Handler. Such manipulation of the argument webpage leads to stack-based buffer overflow. The at…
CVE-2026-5045
21:26 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in Tenda FH1201 1.2.0.14(408). This impacts the function WrlclientSet of the file /goform/WrlclientSet of the component Parameter Handler. Performing a manipulation of the argument GO results in stack-based buffer overflow. The attack is possible to b…
CVE-2026-5046
21:26 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in Tenda FH1201 1.2.0.14(408). Affected is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component Parameter Handler. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack may be performed from …
CVE-2026-5130
21:26 KSA
HIGH CVSS 8.8 CWE-565
The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to and including 1.3.2. This was due to the plugin accepting the wp_debug_troubleshoot_simulate_user cookie value directly as a user ID without any cryptograph…
CVE-2026-5144
22:47 KSA
HIGH CVSS 8.8 CWE-269
The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user inpu…
CVE-2026-5152
21:26 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in Tenda CH22 1.0.0.1. Impacted is the function formCreateFileName of the file /goform/createFileName. Performing a manipulation of the argument fileNameMit results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n…
CVE-2026-5154
21:26 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of the file /goform/setcfm of the component Parameter Handler. The manipulation of the argument funcname leads to stack-based buffer overflow. Remote exploitation of the att…
CVE-2026-5155
21:26 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component Parameter Handler. The manipulation of the argument wanmode results in stack-based buffer overflow. The attack can be executed remotely. The exp…
⚠️ Threat Intelligence
49 threats
rss:Dark Reading
05:20 KSA
HIGH apt
China-Backed Hackers Are Industrializing Botnets China-backed threat actors are industrializing botnet operations to conduct large-scale cyberattacks through compromised device networks. This approach enables low-cost, low-risk, and deniable attack campaigns aga…
rss:BleepingComputer
02:17 KSA
CRITICAL supply_chain
Bitwarden CLI npm package compromised to steal developer credentials The Bitwarden CLI package on npm was compromised with a malicious payload designed to steal developer credentials and propagate to dependent projects. This supply chain attack targeted develope…
rss:The Hacker News
01:16 KSA
HIGH malware
UNC6692 Impersonates IT Helpdesk via Microsoft Teams to Deploy SNOW Malware UNC6692, a previously undocumented threat actor group, is using social engineering tactics through Microsoft Teams to impersonate IT helpdesk staff and deploy custom SNOW malware on targ…
rss:BleepingComputer
01:16 KSA
CRITICAL ransomware
Trigona ransomware attacks use custom exfiltration tool to steal data Trigona ransomware operators have deployed a custom command-line exfiltration tool to accelerate data theft from compromised systems. This enhancement demonstrates the group's technical sophis…
rss:CISA Advisories
01:16 KSA
HIGH vulnerability
SpiceJet Online Booking System SpiceJet Online Booking System contains multiple vulnerabilities (CVE-2026-6375, CVE-2026-6376) affecting all versions that could allow attackers to disclose sensitive information. Successful exploitation poses a risk to customer d…
rss:CISA Advisories
00:06 KSA
CRITICAL vulnerability
Intrado 911 Emergency Gateway (EGW) A critical file manipulation vulnerability in Intrado 911 Emergency Gateway (versions 5.x, 6.x, and 7.x) allows attackers to read, modify, or delete files. CVE-2026-6074 affects critical emergency response infrastructure. Sou…
rss:CISA Advisories
00:06 KSA
CRITICAL vulnerability
Milesight Cameras Multiple critical vulnerabilities in Milesight Cameras (MS-Cxx63-PD versions up to 51.7.0.77-r12) could allow remote code execution or device crashes. Five CVEs are identified affecting surveillance infrastructure. Source: https://www.cisa.gov…
rss:CISA Advisories
00:06 KSA
CRITICAL vulnerability
Yadea T5 Electric Bicycle A critical vulnerability in Yadea T5 Electric Bicycle allows attackers to unlock and start the bicycle remotely, enabling vehicle theft. All versions of the T5 model are affected by CVE-2025-70994. Source: https://www.cisa.gov/news-eve…
rss:CISA Advisories
23:00 KSA
CRITICAL malware
FIRESTARTER Backdoor CISA has analyzed a FIRESTARTER backdoor malware sample obtained from forensic investigation in collaboration with UK National authorities. This backdoor malware represents a significant threat to organizations as it enables unauthorized rem…
rss:CISA Advisories
23:00 KSA
CRITICAL vulnerability
Hangzhou Xiongmai Technology Co., Ltd XM530 IP Camera A critical vulnerability in Hangzhou Xiongmai Technology XM530 IP Camera (model XM530V200_X6-WEQ_8M) allows attackers to bypass authentication and gain remote access to sensitive information stored on the dev…
rss:CISA Advisories
23:00 KSA
CRITICAL vulnerability
Carlson Software VASCO-B GNSS Receiver A critical vulnerability (CVE-2026-3893) in Carlson Software VASCO-B GNSS Receiver versions below 1.4.0 allows remote attackers to alter critical system functions or disrupt device operation. This vulnerability poses signif…
rss:BleepingComputer
23:00 KSA
HIGH supply_chain
New Checkmarx supply-chain breach affects KICS analysis tool Attackers compromised Docker images and VSCode extensions for the Checkmarx KICS code analysis tool to steal sensitive data from developer environments. This supply-chain attack targets developers and …
rss:Malwarebytes Lab
21:54 KSA
HIGH general
How cyberattacks on companies affect everyone This article examines the broader impact of cybercrime targeting companies and how such attacks affect customers and the general public. It highlights the cascading consequences of corporate security breaches beyond …
rss:SecurityWeek
21:54 KSA
LOW supply_chain
Cloudsmith Raises $72 Million in Series C Funding Cloudsmith secured $72 million in Series C funding to accelerate product development and expand market reach. This investment strengthens the company's position in software supply chain security and artifact mana…
rss:Mandiant Blog
20:53 KSA
CRITICAL apt
Snow Flurries: How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite Google Threat Intelligence Group identified UNC6692, a newly tracked threat group conducting multi-stage intrusion campaigns using persistent social engineering tactics combi…
rss:Recorded Future
20:53 KSA
LOW general
Today, trust is the superpower that makes innovation possible This article discusses the role of trust and intelligence in enabling innovation and financial growth. While focused on business collaboration, it addresses the importance of secure information sharin…
rss:Recorded Future
20:53 KSA
CRITICAL apt
Critical minerals and cyber operations The article examines how critical minerals and rare earth elements have become strategic targets for state-sponsored cyber operations, with particular focus on China's refining dominance and geopolitical risks. It highlight…
rss:Dark Reading
20:53 KSA
HIGH vulnerability
Bad Memories Still Haunt AI Agents Cisco discovered a significant vulnerability in Anthropic's memory handling mechanisms that could compromise AI agent security. Experts warn that improper memory file management poses ongoing risks to AI systems and their data …
rss:Dark Reading
20:53 KSA
HIGH apt
Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia A Chinese APT group exploited legitimate cloud services including Microsoft Outlook, Slack, Discord, and file.io to establish command and control infrastructure for espionage operations. The threat actor…
rss:The Hacker News
20:53 KSA
CRITICAL supply_chain
ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories A comprehensive threat bulletin highlighting multiple critical security incidents including a $290M DeFi hack, macOS living-off-the-land attacks, and widespread supply c…
rss:The Hacker News
20:53 KSA
CRITICAL supply_chain
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign Bitwarden CLI password manager tool has been compromised with malicious code in version 2026.4.0 as part of an ongoing supply chain attack campaign. The malware was injected into the 'bw1.js' f…
rss:BleepingComputer
20:53 KSA
HIGH social_engineering
Regular Password Resets Aren’t as Safe as You Think Security research reveals that password reset processes are vulnerable to social engineering attacks targeting helpdesk personnel. Attackers can exploit legitimate-appearing reset requests to compromise user ac…
rss:BleepingComputer
20:53 KSA
HIGH data_breach
Cosmetics giant Rituals discloses data breach affecting customers Dutch cosmetics company Rituals disclosed a data breach exposing customer personal information from its membership database. The breach compromised an undisclosed number of customers in the 'My Ri…
rss:SecurityWeek
19:41 KSA
MEDIUM vulnerability
Chinese Cybersecurity Firm’s AI Hacking Claims Draw Comparisons to Claude Mythos Chinese cybersecurity firm 360 Digital Security Group claims to have discovered 1,000 vulnerabilities using AI technology, including findings presented at the Tianfu Cup hacking com…
rss:Dark Reading
19:41 KSA
HIGH vulnerability
Electricity Is a Growing Area of Cyber Risk Cyberattackers are increasingly exploiting electrical infrastructure vulnerabilities by manipulating voltage fluctuations to achieve malicious objectives. This emerging threat vector targets critical infrastructure sys…
rss:Dark Reading
19:41 KSA
MEDIUM general
Africa Relinquishes Cyberattack Lead to Latin America — For Now Weekly cyberattack volume targeting Africa decreased 22% year-over-year, indicating a potential shift in attacker focus to other regions. This trend suggests evolving threat landscapes an…
rss:BleepingComputer
19:40 KSA
CRITICAL apt
UK warns of Chinese hackers using proxy networks to evade detection UK's NCSC and international partners warn that Chinese-nexus threat actors are using large-scale proxy networks of compromised consumer devices to evade detection and mask malicious activities. …
rss:BleepingComputer
19:40 KSA
HIGH vulnerability
Microsoft: Some Teams users can’t join meetings after Edge update Microsoft Edge browser update introduced a bug preventing Windows users from joining Teams meetings. This impacts business continuity for organizations relying on Teams for communications. The iss…
rss:SecurityWeek
18:20 KSA
LOW general
Rilian Raises $17.5 Million for AI-Native Security Orchestration Rilian has secured $17.5 million in funding to advance AI-native security orchestration capabilities. The company plans to expand its workforce and operations across the US and allied nations to en…
rss:The Hacker News
18:20 KSA
HIGH vulnerability
Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them? Anthropic's Project Glasswing demonstrates AI's capability to identify software vulnerabilities more effectively than humans, prompting the company to restrict public access and provide…
rss:The Hacker News
18:20 KSA
CRITICAL vulnerability
[Webinar] Mythos Reality Check: Beating Automated Exploitation at AI Speed AI-powered automated exploitation tools are enabling attackers to discover and exploit vulnerabilities at unprecedented speed, creating a critical gap between vulnerability discovery and …
rss:BleepingComputer
18:20 KSA
CRITICAL apt
New GopherWhisper APT group abuses Outlook, Slack, Discord for comms A previously undocumented state-backed APT group named GopherWhisper is leveraging Go-based custom malware and legitimate communication platforms (Microsoft 365 Outlook, Slack, Discord) to cond…
rss:CISA Advisories
18:20 KSA
HIGH apt
Defending Against China-Nexus Covert Networks of Compromised Devices CISA advisory addressing defensive strategies against China-nexus covert networks utilizing compromised infrastructure. The article explains the shift in adversarial tactics, techniques, and pr…
rss:Malwarebytes Lab
17:18 KSA
HIGH vulnerability
Apple fixes iOS bug that kept deleted notifications, including chat previews Apple patched a vulnerability in iOS that allowed deleted notifications, including encrypted messaging previews, to be recovered by law enforcement. This security flaw could have expose…
rss:SecurityWeek
17:18 KSA
HIGH data_breach
Luxury Cosmetics Giant Rituals Discloses Data Breach Luxury cosmetics company Rituals has disclosed a data breach affecting My Rituals members, with attackers accessing personal information including names and addresses. The breach compromises customer privacy a…
rss:SecurityWeek
17:18 KSA
HIGH insider
The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface Attackers are shifting tactics from technical exploits to weaponizing trusted relationships and routine workflows within organizations. This behavioral shift represents a significant t…
rss:BleepingComputer
17:18 KSA
CRITICAL vulnerability
CISA orders feds to patch BlueHammer flaw exploited as zero-day CISA has issued an emergency directive requiring U.S. federal agencies to patch a critical privilege escalation vulnerability in Microsoft Defender (BlueHammer) that is actively being exploited in z…
rss:SecurityWeek
16:16 KSA
CRITICAL apt
AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers Palo Alto Networks has developed Zealot, an AI-powered multi-agent penetration testing proof-of-concept that can autonomously perform reconnaissance, exploitation, and data exfiltration …
rss:Dark Reading
16:16 KSA
CRITICAL apt
'Zealot' Shows What AI's Capable of in Staged Cloud Attack A proof of concept demonstration revealed that AI-based attacks can execute at speeds exceeding human defensive response capabilities, with the AI system demonstrating unexpected autonomou…
rss:The Hacker News
16:16 KSA
HIGH data_breach
Vercel Finds More Compromised Accounts in Context.ai-Linked Breach Vercel discovered additional compromised customer accounts resulting from a security incident that granted unauthorized access to its internal systems. The company expanded its investigation and …
rss:The Hacker News
16:16 KSA
CRITICAL apt
China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors A previously undocumented China-aligned APT group called GopherWhisper has targeted Mongolian government institutions, deploying Go-based backdoors and loaders. The threat actor…
rss:Malwarebytes Lab
15:12 KSA
HIGH data_breach
Roblox clamps down on chats and age checks as legal pressure builds Roblox is implementing enhanced age verification and chat restrictions following a multi-million dollar settlement for child safety violations. These security measures aim to protect minors on t…
rss:SecurityWeek
15:12 KSA
HIGH vulnerability
Apple Patches iOS Flaw Allowing Recovery of Deleted Chats Apple released security patches for multiple iPhone and iPad models to address a vulnerability that allowed recovery of deleted chat messages. The flaw could potentially expose sensitive communications th…
rss:The Hacker News
15:12 KSA
HIGH vulnerability
Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case Apple released a security patch for iOS and iPadOS addressing a Notification Services vulnerability (CVE-2026-28950) that retained deleted notifications on devices. The flaw, cl…
rss:SecurityWeek
14:11 KSA
CRITICAL vulnerability
Recent Microsoft Defender Vulnerability Exploited as Zero-Day A zero-day vulnerability in Microsoft Defender allows attackers to access the SAM database and extract NTLM hashes to gain System-level privileges. This critical flaw poses significant risk to Windows…
rss:Recorded Future
08:40 KSA
HIGH general
Evolution of Chinese-Language Guarantee Telegram Marketplaces Chinese-language Telegram-based guarantee marketplaces continue to proliferate among criminal groups despite high-profile shutdowns like Huione Guarantee in 2025. These platforms facilitate illicit tr…
rss:Dark Reading
04:32 KSA
CRITICAL ransomware
'The Gentlemen' Rapidly Rises to Ransomware Prominence The 'Gentlemen' ransomware gang has rapidly scaled its operations and demonstrated sophisticated attack capabilities, posing a significant threat to organizations. Researchers have noted the group'…
rss:BleepingComputer
03:13 KSA
HIGH vulnerability
Apple fixes iOS bug that retained deleted notification data Apple released emergency security updates for iPhone and iPad to fix a Notification Services vulnerability that could retain deleted notification data on devices. This flaw could potentially expose sens…
rss:BleepingComputer
03:13 KSA
CRITICAL malware
New Mirai campaign exploits RCE flaw in EoL D-Link routers A new Mirai botnet campaign is actively exploiting CVE-2025-29635, a critical remote code execution vulnerability in D-Link DIR-823X routers, to compromise devices and expand the botnet. This exploitatio…
📰 Cybersecurity News
📰 No news aggregated today yet

This digest is updated automatically every day — Last updated: Thursday, April 23, 2026
