📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
📅 Daily Security Digest — Tuesday, May 5, 2026

🇸🇦 Saudi Cyber Daily Digest

All security vulnerabilities, threats, and news aggregated today from trusted sources — continuously updated

Tuesday, May 5, 2026 Today
200 CVEs
45 Threats
2 News
🛡 Security Vulnerabilities (CVE)
200 vulnerabilities
CVE-2026-7855
14:54 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tggl_asp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely.…
CVE-2026-7489
SQL Injection in Sunnet CTMS Allows Authenticated Remote Code Execution
01:48 KSA
HIGH CVSS 8.8 CWE-89
CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents.
CVE-2026-7503
Buffer Overflow in code-projects Plugin 4.1.2cu.5137 setWiFiMultipleConfig Function
08:54 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument wepkey2 results in buffer overflow. Th…
CVE-2026-7512
10:32 KSA
HIGH CVSS 8.8 CWE-119
A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.
CVE-2026-7513
10:32 KSA
HIGH CVSS 8.8 CWE-119
A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public …
CVE-2026-7548
Totolink NR1800X Command Injection via setUssd Parameter
15:18 KSA
HIGH CVSS 8.8 CWE-74
A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. This affects the function sub_41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The ex…
CVE-2026-7551
HKUDS OpenHarness /bridge Command Remote Code Execution Vulnerability
08:54 KSA
HIGH CVSS 8.8 CWE-78
HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary operating system commands. Attackers can invoke the /bridge spawn command with attacker-controlled command text …
CVE-2026-7607
TRENDnet TEW-821DAP Firmware Buffer Overflow in auto_update_firmware
01:48 KSA
HIGH CVSS 8.8 CWE-119
A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function auto_update_firmware of the component Firmware Update. The manipulation of the argument str leads to buffer overflow. The attack may be initiated remotely. The vendor explains: "Th…
CVE-2026-7641
WordPress Plugin Privilege Escalation via Incomplete Multisite Meta Key Blocklist
01:48 KSA
HIGH CVSS 8.8 CWE-269
The Import and export users and customers plugin for WordPress is vulnerable to Privilege Escalation in all versions up to and including 2.0.8 via the `save_extra_user_profile_fields()` function. This is due to an incomplete blocklist that correctly restricts capability meta keys…
CVE-2023-54345
18:32 KSA
HIGH CVSS 8.8 CWE-94
Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame introspection. Attackers can create a server script via the /app/server-script endpoi…
CVE-2023-54348
18:32 KSA
HIGH CVSS 8.8 CWE-1236
ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to execute arbitrary code by injecting formula payloads into vendor name fields. Attackers can add malicious formulas like =10+20+cmd|' /C calc'!A0 in the vendor creation form, which execute…
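The ERPGo entry above is the classic CSV/formula injection: a value that begins with `=`, `+`, `-` or `@` is evaluated when the exported file is opened in a spreadsheet. The block below is an added example, not ERPGo code or code from the advisory; it reuses the vendor-name payload quoted in the CVE text and shows the export with and without neutralisation. The second sample row and the column names are constructed here.

```python
"""Neutralising spreadsheet formula injection (CWE-1236) on CSV export.

Added example, not code from ERPGo or from the advisory. The vendor-name
payload is the one quoted in the CVE text; every other row is constructed.
"""
import csv
import io

# A cell that starts with one of these is evaluated as a formula when the CSV
# is opened in Excel or LibreOffice. Tab and CR are included because some
# importers strip leading whitespace and then evaluate what follows.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula_like(value: str) -> bool:
    return bool(value) and value[0] in FORMULA_TRIGGERS


def neutralise_cell(value: str) -> str:
    """Prefix a leading single quote so the spreadsheet reads the cell as text.

    Apply this to free-text fields only: a numeric column that legitimately
    starts with '-' should be exported as a number, not run through this.
    """
    return "'" + value if is_formula_like(value) else value


def export_rows(rows, fieldnames, *, neutralise=True) -> str:
    """Serialise rows to CSV text.

    neutralise=False reproduces the vulnerable behaviour: attacker-controlled
    fields are written out unchanged. csv.QUOTE_ALL quotes every field, but
    quoting alone does not stop a spreadsheet from evaluating the content.
    """
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=fieldnames,
                            quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writeheader()
    for row in rows:
        cells = {k: str(row.get(k, "")) for k in fieldnames}
        if neutralise:
            cells = {k: neutralise_cell(v) for k, v in cells.items()}
        writer.writerow(cells)
    return buf.getvalue()


# Constructed sample: the first vendor name is the payload quoted in the CVE.
VENDOR_PAYLOAD = "=10+20+cmd|' /C calc'!A0"
SAMPLE_ROWS = [
    {"vendor": VENDOR_PAYLOAD, "city": "Riyadh"},
    {"vendor": "Acme Trading LLC", "city": "Jeddah"},
]

if __name__ == "__main__":
    print(export_rows(SAMPLE_ROWS, ["vendor", "city"], neutralise=False))
    print(export_rows(SAMPLE_ROWS, ["vendor", "city"]))
```

The quote prefix is the portable defence; it survives every spreadsheet importer the exporting application cannot control. Apply it at export time rather than at input time, because the same vendor name is harmless in the web UI and only dangerous once it lands in a `.csv`.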
CVE-2026-2052
Widget Options WordPress Plugin RCE via Display Logic Eval Bypass
01:48 KSA
HIGH CVSS 8.8 CWE-94
The Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.2.2 via the Display Logic feature. This is due to the plugin using eval() on user-suppli…
CVE-2026-23479
14:54 KSA
HIGH CVSS 8.8 CWE-416
Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from `processCommandAndResetClient` when re-executing a blocked command. If a blocked client is evicted during this flow, an authenticated a…
CVE-2026-25243
14:54 KSA
HIGH CVSS 8.8 CWE-122
Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory…
CVE-2026-25588
14:54 KSA
HIGH CVSS 8.8 CWE-122
RedisTimeSeries is a time-series module for Redis. In all versions before 1.12.14 of RedisTimeSeries, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a server with…
CVE-2026-25589
14:54 KSA
HIGH CVSS 8.8 CWE-122
RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTORE command. An authenticated attacker with permission to execute RESTORE on a serv…
CVE-2026-33324
SQLBot Prompt Injection Vulnerability Leading to Arbitrary SQL Execution
17:20 KSA
HIGH CVSS 8.8 CWE-89
SQLBot is an intelligent Text-to-SQL system based on large language models and RAG. In versions 1.7.0 and earlier, the Text2SQL chat interface is vulnerable to prompt injection. The user-provided question parameter is directly concatenated into the LLM prompt without filtering or…
CVE-2026-34458
Sandboxie-Plus INI Injection Vulnerability Enables Sandbox Escape and Privilege Escalation
17:20 KSA
HIGH CVSS 8.8 CWE-93
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, an INI injection vulnerability allows any standard local user to bypass configuration restrictions (EditAdminOnly and ConfigPassword) and inject arbitrary directives int…
CVE-2026-34459
Sandboxie-Plus Sandbox Escape via Stack Memory Leak and Buffer Overflow
17:20 KSA
HIGH CVSS 8.8 CWE-121
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends…
CVE-2026-34464
07:16 KSA
HIGH CVSS 8.8 CWE-121
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMED_PIPE_OPEN_REQ into a fixed WCHAR pipename[160] stack buffer using wcscat without verifying null terminati…
CVE-2026-35397
07:16 KSA
HIGH CVSS 8.8 CWE-22
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured root_dir and access sibling directories whose names begin with the same prefix as the r…
CVE-2026-3772
WP Editor Plugin CSRF Vulnerability Allows Arbitrary Code Execution
01:48 KSA
HIGH CVSS 8.8 CWE-352
The WP Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.9.2. This is due to missing nonce verification in the 'add_plugins_page' and 'add_themes_page' functions. This makes it possible for unauthenticated attackers …
CVE-2026-39849
Pi-hole FTL Configuration Injection via Unvalidated dns.interface Field
22:51 KSA
HIGH CVSS 8.8 CWE-93
Pi-hole FTL is the core engine of the Pi-hole network-level advertisement and tracker blocker. In versions before 6.6.1, the `dns.interface` configuration field in Pi-hole FTL accepted newline characters without validation, allowing an attacker to inject arbitrary directives into…
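The Sandboxie-Plus INI injection (CVE-2026-34458) and the Pi-hole `dns.interface` entry directly above share one root cause: a single user-controlled value is written into a line-oriented configuration file, and once a newline gets through, the attacker appends whole directives. The block below is an added example, not Pi-hole FTL or Sandboxie-Plus code. It renders a dnsmasq-style file from an interface name, shows the injection against the unvalidated version, and then the hardened version. The interface-name pattern is an assumption modelled on Linux interface naming, not anything taken from Pi-hole.

```python
"""Keeping a user-controlled value on one line of a config file (CWE-93).

Added example; not Pi-hole FTL or Sandboxie-Plus code. The interface-name
allowlist is an assumption, not a Pi-hole rule.
"""
import re

INTERFACE_NAME = re.compile(r"[A-Za-z0-9_.:-]{1,15}")


class ConfigValueError(ValueError):
    pass


def render_dns_config_vulnerable(interface: str) -> str:
    """Vulnerable: the value is interpolated verbatim."""
    return f"interface={interface}\nbind-interfaces\n"


def validate_single_line(value: str, field: str) -> str:
    """Reject anything that could start a new directive or confuse the parser:
    CR, LF, NUL and every other C0 control character, plus DEL."""
    if any(ord(ch) < 0x20 or ch == "\x7f" for ch in value):
        raise ConfigValueError(f"{field}: control character not allowed")
    return value


def render_dns_config(interface: str) -> str:
    """Hardened: generic single-line check, then a field-specific allowlist."""
    validate_single_line(interface, "dns.interface")
    if not INTERFACE_NAME.fullmatch(interface):
        raise ConfigValueError("dns.interface: not a valid interface name")
    return f"interface={interface}\nbind-interfaces\n"


def directive_keys(config_text: str) -> list:
    """Read the rendered file back the way a line-oriented parser would:
    one directive per line, the key is everything before '='."""
    keys = []
    for line in config_text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            keys.append(line.split("=", 1)[0])
    return keys


def rejects(interface: str) -> bool:
    """True if the hardened renderer refuses the value."""
    try:
        render_dns_config(interface)
    except ConfigValueError:
        return True
    return False


# Constructed payload: a valid interface name followed by an injected directive.
INJECTED = "eth0\nconf-dir=/tmp/attacker"

if __name__ == "__main__":
    print(directive_keys(render_dns_config_vulnerable(INJECTED)))
    print(rejects(INJECTED))
```

The generic control-character check is the part that closes this bug class for every field at once; the allowlist on top is what a specific field should have had anyway. For an INI-style file the same check also has to reject `[` at the start of a value, since a bare `[name]` line opens a new section.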
CVE-2026-40068
Claude Code Git Worktree Trust Bypass Vulnerability (CVE-2026-40068)
22:51 KSA
HIGH CVSS 8.8 CWE-20
In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, …
CVE-2026-42434
18:32 KSA
HIGH CVSS 8.8 CWE-863
OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass sandbox boundaries and route execution to remote nodes instead of intended sandbox paths.
CVE-2026-42435
18:32 KSA
HIGH CVSS 8.8 CWE-184
OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing attackers to inject environment variable assignments at the argv level. Attackers can bypass exec preflight handling to manipulate high-risk shell variables li…
CVE-2026-43530
14:54 KSA
HIGH CVSS 8.8 CWE-863
OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure which applet would actually run. Attackers can exploit opaque multi-call binaries to bypass exec approval me…
CVE-2026-43569
14:54 KSA
HIGH CVSS 8.8 CWE-829
OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are shadowed. Attackers can exploit this by crafting malicious workspace plugins that are …
CVE-2026-43571
14:54 KSA
HIGH CVSS 8.8 CWE-829
OpenClaw before 2026.4.10 contains a plugin trust bypass vulnerability that allows channel setup catalog lookups to resolve workspace plugin shadows before bundled channel plugins. Attackers can exploit this by crafting malicious workspace plugins that bypass intended trust gates…
CVE-2026-6261
14:54 KSA
HIGH CVSS 8.8 CWE-434
The Betheme theme for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 28.4. This is due to the upload_icons() function workflow moving and unzipping user-controlled ZIP files into a public uploads directory without validating extracted file type…
CVE-2026-6389
IBM Turbonomic Excessive Cluster Permissions and Secret Access Vulnerability
08:54 KSA
HIGH CVSS 8.8 CWE-269
The IBM Turbonomic Application Resource Management prometurbo agent 8.16.0 through 8.17.6 grants excessive cluster-wide permissions, including unrestricted read access to all secrets. An attacker that compromises the operator or its service account can exfiltrate sensi…
CVE-2026-6543
IBM Langflow Desktop Code Injection RCE Vulnerability (CVE-2026-6543)
08:54 KSA
HIGH CVSS 8.8 CWE-94
IBM Langflow Desktop 1.0.0 through 1.8.4 allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This allows reading sensitive environment variables (API keys, DB credentials), modifying files, or launching further attacks on…
CVE-2026-6963
WP Mail Gateway Plugin Missing Capability Check - SMTP Settings Unauthorized Access
01:48 KSA
HIGH CVSS 8.8 CWE-862
The WP Mail Gateway plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wmg_save_provider_config AJAX action in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with Subscriber-level access …
CVE-2026-43533
OpenClaw Arbitrary File Read via QQBot Media Tags Path Traversal
14:54 KSA
HIGH CVSS 8.6 CWE-23
OpenClaw before 2026.4.10 contains an arbitrary file read vulnerability in QQBot media tags that allows attackers to reference host-local paths outside the intended media storage boundary. Attackers can craft malicious reply text containing media tags to disclose arbitrary local …
CVE-2026-42439
OpenClaw SSRF Policy Bypass in Browser Tab Management
14:54 KSA
HIGH CVSS 8.5 CWE-862
OpenClaw before 2026.4.10 contains a server-side request forgery policy bypass vulnerability in the browser tabs action select and close routes. Attackers can bypass configured browser SSRF policy protections by exploiting the /tabs/action endpoint to perform unauthorized tab nav…
CVE-2026-39852
11:32 KSA
HIGH CVSS 8.2 CWE-863
Quarkus is a Java framework for building cloud-native applications. In versions prior to 3.20.6.1, 3.27.3.1, 3.33.1.1, 3.35.1.1, 3.34.7, and 3.35.2, a path normalization inconsistency between the security layer and the routing layer allows unauthenticated or lower-privileged user…
CVE-2026-40912
Traefik StripPrefixRegex Authentication Bypass via Dot-Segment Path
08:54 KSA
HIGH CVSS 8.2 CWE-706
Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's StripPrefixRegex middleware when used in combination with ForwardAuth, BasicAuth, or DigestAuth. The mi…
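The Quarkus entry (normalization inconsistency between the security layer and the routing layer) and the Traefik entry above (StripPrefixRegex plus an auth middleware, bypassed with a dot-segment path) are the same shape of bug: authorization looks at one form of the request path and dispatch at another. The block below is an added example, not Quarkus or Traefik code. It models a gateway that authorizes on the raw path and routes on the normalized one, shows the bypass, and then the fixed gateway that computes one canonical path and refuses requests that are not already canonical. The protected prefix and request paths are constructed.

```python
"""Authorising on the canonical request path (CWE-863 / CWE-706).

Added example; not Quarkus or Traefik code. Prefixes and paths are constructed.
"""
import posixpath
from typing import Optional, Tuple
from urllib.parse import unquote

PROTECTED_PREFIXES = ("/admin",)


def requires_auth(path: str) -> bool:
    return any(path == p or path.startswith(p + "/") for p in PROTECTED_PREFIXES)


def route(path: str) -> str:
    """Routing layer: decodes and collapses dot segments before dispatch."""
    return posixpath.normpath(unquote(path))


def gateway_vulnerable(raw_path: str) -> Tuple[bool, str]:
    """Decides on the raw path, dispatches on the normalised one."""
    return requires_auth(raw_path), route(raw_path)


def canonical_path(raw_path: str) -> Optional[str]:
    """One canonical form for every layer. None means 'reject the request':
    a client has no legitimate reason to send '/x/../admin' or '/a//b' to a
    proxy, and refusing is simpler to reason about than rewriting."""
    decoded = unquote(raw_path)
    if not decoded.startswith("/") or decoded.startswith("//") or "\x00" in decoded:
        return None
    path = decoded if decoded == "/" else decoded.rstrip("/")
    if posixpath.normpath(path) != path:
        return None
    return path


def gateway_fixed(raw_path: str) -> Tuple[str, Optional[str]]:
    """Decides and dispatches on the same canonical path."""
    path = canonical_path(raw_path)
    if path is None:
        return "reject", None
    return ("auth" if requires_auth(path) else "open"), path


if __name__ == "__main__":
    for p in ("/public/../admin/users", "/%61dmin/users", "/admin/users/"):
        print(p, gateway_vulnerable(p), gateway_fixed(p))
```

Note that percent-decoding happens once, before normalization, in the fixed version: `/%61dmin/users` is accepted but classified as protected, while `/admin%2F..%2Fpublic/x` decodes to a path that changes under normalization and is refused. Whatever canonical form the gateway picks, the backend must see that same form, which is why prefix-stripping middleware in front of an auth check is exactly where this goes wrong.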
CVE-2026-23631
Redis Lua Scripting Use-After-Free in Master-Replica Synchronization
14:54 KSA
HIGH CVSS 8.1 CWE-416
Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which…
CVE-2026-7647
Profile Builder Pro PHP Object Injection via Unauthenticated AJAX Handler
01:48 KSA
HIGH CVSS 8.1 CWE-502
The Profile Builder Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to and including 3.14.5. This is due to the use of PHP's maybe_unserialize() function on the attacker-controlled 'args' POST parameter within the wppb_request_users_pins_action_c…
CVE-2026-7399
03:32 KSA
HIGH CVSS 8.1 CWE-639
Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.
CVE-2026-7402
03:32 KSA
HIGH CVSS 8.1 CWE-799
Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc. PDKS allows Flooding. This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.
CVE-2026-43003
21:54 KSA
HIGH CVSS 8.0 CWE-829
An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a chroot of the deployed partition image, leading to code execution in the case of a malicious image.
CVE-2026-5712
21:54 KSA
HIGH CVSS 8.0 CWE-863
This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to edit the definition of a role without having an assigned capability that would allow role editing.
CVE-2026-43001
21:54 KSA
HIGH CVSS 7.9 CWE-863
An issue was discovered in OpenStack Keystone 13 through 29. POST /v3/credentials did not validate that the caller-supplied project_id for an EC2-type credential matched the project of the authenticating application credential. This allowed an attacker holding an unrestricted app…
CVE-2025-14576
10:32 KSA
HIGH CVSS 7.8 CWE-20
Insufficient validation of node IDs in Qt SVG module allows arbitrary QML/JavaScript code injection when loading malicious SVG files through the VectorImage component in Qt Quick. While QML execution is typically more restricted than native code execution, this could still lead t…
CVE-2026-33451
Secure Access Windows Client Arbitrary Read/Write Privilege Escalation
08:54 KSA
HIGH CVSS 7.8 CWE-125
CVE-2026-33451 is an arbitrary read/write vulnerability in the Secure Access Windows client prior to 14.50. Attackers with local control of the Windows client can send malformed data to an API and elevate their level of privilege to system.
CVE-2026-34461
Sandboxie-Plus Stack Buffer Overflow in SbieIniServer RunSbieCtrl Handler
17:20 KSA
HIGH CVSS 7.8 CWE-121
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGID_SBIE_INI_RUN_SBIE_CTRL message is handled before normal sandbox and impersonation check…
CVE-2026-34462
20:58 KSA
HIGH CVSS 7.8 CWE-121
Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers (KillAllHandler, SuspendAllHandler, and RunSandboxedHandler) copy a WCHAR boxname[34] field from request structures into WCHAR[40] stack b…
CVE-2026-42436
21:54 KSA
HIGH CVSS 7.7 CWE-862
OpenClaw before 2026.4.14 contains an improper access control vulnerability in browser snapshot, screenshot, and tab routes that fail to consistently validate the final browser target after navigation. Authenticated callers can bypass SSRF restrictions to expose internal or disal…
CVE-2026-42438
OpenClaw Sender Policy Bypass Allows Unauthorized Local File Disclosure
14:54 KSA
HIGH CVSS 7.7 CWE-863
OpenClaw versions 2026.4.9 before 2026.4.10 contain a sender policy bypass vulnerability in the outbound host-media attachment read helper that allows unauthorized local file disclosure. Attackers with denied read access via toolsBySender or group policy can trigger host-media at…
CVE-2026-43527
10:36 KSA
HIGH CVSS 7.7 CWE-918
OpenClaw before 2026.4.14 contains a server-side request forgery vulnerability in browser SSRF policy that allows private-network navigation by default. Attackers can exploit this misconfiguration to access internal services or metadata endpoints through browser-driven requests.
CVE-2026-43532
OpenClaw Media Normalization Bypass in Discord Event Processing
14:54 KSA
HIGH CVSS 7.7 CWE-184
OpenClaw versions 2026.4.7 before 2026.4.10 fail to normalize Discord event cover image parameters in sandbox media processing. Attackers can bypass media normalization to inject host-local media references into channel action paths expecting normalized media.
CVE-2026-43573
OpenClaw SSRF Policy Bypass in Browser Interaction Routes
14:54 KSA
HIGH CVSS 7.7 CWE-862
OpenClaw before 2026.4.10 contains a server-side request forgery policy bypass vulnerability in existing-session browser interaction routes. Attackers can bypass SSRF navigation guards to interact with or navigate to unauthorized targets without policy enforcement.
CVE-2026-5174
03:32 KSA
HIGH CVSS 7.7 CWE-20
Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation. This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.
CVE-2022-50992
03:32 KSA
HIGH CVSS 7.5 CWE-22
Weaver (Fanwei) E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachme…
CVE-2023-54346
WordPress Backup Migration Plugin Information Disclosure via Predictable Paths
18:32 KSA
HIGH CVSS 7.5 CWE-538
WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download complete database backups by accessing predictable file paths. Attackers can enumerate backup directories through configuration files and com…
CVE-2023-54347
OpenEMR 7.0.1 Authentication Brute Force Vulnerability - Rate Limiting Bypass
18:32 KSA
HIGH CVSS 7.5 CWE-307
OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers can submit POST requests with authUser and clearPass parameters to systematically …
CVE-2024-39847
4D Server SOAP Endpoint XXE Injection - Unauthenticated File Access
08:54 KSA
HIGH CVSS 7.5 CWE-611
Unauthenticated attackers can exploit a weakness in the XML parser functionality of the SOAP endpoints in 4D server. This allows them to obtain read access to files on the application server and adjacent network shares, and perform HTTP GET requests to arbitrary services.
CVE-2026-2892
03:32 KSA
HIGH CVSS 7.5 CWE-285
The Otter Blocks plugin for WordPress is vulnerable to Purchase Verification Bypass in all versions up to, and including, 3.1.4. This is due to the 'get_customer_data' method relying on an unsigned 'o_stripe_data' cookie to determine Stripe product ownership for unauthenticated u…
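The Otter Blocks entry above reads product ownership from an unsigned `o_stripe_data` cookie, so the client can simply write the cookie itself. The block below is an added example, not Otter Blocks code. It shows the forgery against the unsigned layout and then the fix: the server signs the payload with an HMAC and a timestamp and refuses anything it did not sign. The payload fields, the secret and the timestamps are constructed; only the cookie name comes from the advisory.

```python
"""Binding ownership state to the server with an HMAC (CWE-285).

Added example; not Otter Blocks code. Payload layout, secret and times are
constructed; the cookie name o_stripe_data is the one in the advisory.
"""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

SECRET = b"constructed-demo-secret-rotate-me"   # assumption: a per-site key


def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def forge_unsigned(products: list) -> str:
    """What anyone can put into an unsigned o_stripe_data cookie."""
    return b64e(json.dumps({"products": products}).encode())


def owns_product_unsigned(cookie: str, product_id: str) -> bool:
    """Vulnerable: trusts whatever the browser sends."""
    try:
        data = json.loads(b64d(cookie))
    except (ValueError, TypeError):
        return False
    return product_id in data.get("products", [])


def sign(payload: dict, secret: bytes = SECRET, now: Optional[int] = None) -> str:
    """Server-side only: body.mac, both urlsafe base64 without padding."""
    issued = int(now if now is not None else time.time())
    body = json.dumps({**payload, "iat": issued},
                      sort_keys=True, separators=(",", ":")).encode()
    mac = hmac.new(secret, body, hashlib.sha256).digest()
    return b64e(body) + "." + b64e(mac)


def verify(cookie: str, secret: bytes = SECRET, max_age: int = 86400,
           now: Optional[int] = None) -> Optional[dict]:
    """Returns the payload only if the MAC checks out and the cookie is fresh."""
    try:
        body_b64, mac_b64 = cookie.split(".", 1)
        body, mac = b64d(body_b64), b64d(mac_b64)
    except (ValueError, TypeError):
        return None
    expected = hmac.new(secret, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, mac):      # constant-time comparison
        return None
    payload = json.loads(body)
    current = int(now if now is not None else time.time())
    if not isinstance(payload.get("iat"), int) or current - payload["iat"] > max_age:
        return None
    return payload


def owns_product(cookie: str, product_id: str, now: Optional[int] = None) -> bool:
    payload = verify(cookie, now=now)
    return payload is not None and product_id in payload.get("products", [])
```

The timestamp bounds how long a stolen cookie is useful; the signature is what stops the client from minting one. If the ownership record can change (refund, chargeback), the cookie should carry a customer identifier and be re-checked against the server-side record, with the signature only proving the cookie came from the server in the first place.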
CVE-2026-30923
14:54 KSA
HIGH CVSS 7.5 CWE-125
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Libmodsecurity is one component of the ModSecurity v3 project. A segmentation fault occurs when a rule using the t:hexDecode transformation inspects a query string param…
CVE-2026-32934
14:54 KSA
HIGH CVSS 7.5 CWE-770
CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-QUIC (DoQ) server can be driven into unbounded goroutine and memory growth by a remote client that opens many QUIC streams and sends only 1 byte per stream. When the worker pool is full, CoreDN…
CVE-2026-32936
17:20 KSA
HIGH CVSS 7.5 CWE-400
CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the DNS-over-HTTPS (DoH) GET path accepts oversized dns= query parameter values and performs URL query parsing, base64 decoding, and DNS message unpacking before rejecting the request. Unlike the POST path,…
CVE-2026-33190
17:20 KSA
HIGH CVSS 7.5 CWE-303
CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the tsig plugin can be bypassed on non-plain-DNS transports (DoT, DoH, DoH3, DoQ, and gRPC) because it trusts the transport writer's TsigStatus() instead of performing verification itself. The DoH and DoH3 …
CVE-2026-33449
Buffer Overflow in Secure Access Client Message Handler (CVE-2026-33449)
08:54 KSA
HIGH CVSS 7.5 CWE-121
CVE-2026-33449 is a buffer overflow in a message handling function of the Secure Access client prior to 14.50. Attackers with control of a modified server can send a cryptographically valid message to the client, overwriting a small portion of memory conceivably leading to a …
CVE-2026-33489
17:20 KSA
HIGH CVSS 7.5 CWE-863
CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the transfer plugin can select the wrong ACL stanza when both a parent zone and a more-specific subzone are configured. The longestMatch() function in plugin/transfer/transfer.go uses a lexicographic string…
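The CoreDNS transfer entry above says `longestMatch()` ranks candidate zones with a lexicographic string comparison and can therefore apply the parent zone's ACL to a name that belongs to a configured subzone; the rest of the sentence is cut off on this page. The block below is an added example, not CoreDNS code: the naive function stands in for that class of mistake rather than reproducing the plugin, and the label-wise version is the check a zone-transfer ACL needs. Zones, peers and ACLs are constructed.

```python
"""Picking the most specific configured zone for a name, and its ACL (CWE-863).

Added example; not CoreDNS code. The naive matcher illustrates the bug class
only. Zones, peers and ACLs are constructed.
"""
from typing import Dict, List, Optional, Set


def labels(name: str) -> List[str]:
    """'a.example.org.' -> ['a', 'example', 'org']; the root zone is []."""
    return [l.lower() for l in name.strip(".").split(".") if l]


def in_zone(name: str, zone: str) -> bool:
    """True if name is zone or lies below it, compared label by label."""
    n, z = labels(name), labels(zone)
    return len(n) >= len(z) and n[len(n) - len(z):] == z


def longest_match_naive(name: str, zones: List[str]) -> Optional[str]:
    """Two mistakes in one: a bare string suffix test ('notexample.org.' ends
    with 'example.org.') and ranking the survivors by string order, so
    'example.org.' beats 'a.example.org.' because 'e' sorts after 'a'."""
    best = None
    for zone in zones:
        if name.lower().endswith(zone.lower()) and (best is None or zone > best):
            best = zone
    return best


def longest_match(name: str, zones: List[str]) -> Optional[str]:
    """Most specific zone by label count. Two distinct zones that both
    contain name cannot have the same depth, so there are no ties."""
    best, best_depth = None, -1
    for zone in zones:
        depth = len(labels(zone))
        if in_zone(name, zone) and depth > best_depth:
            best, best_depth = zone, depth
    return best


def transfer_allowed(name: str, peer: str, acls: Dict[str, Set[str]],
                     matcher=longest_match) -> bool:
    """AXFR policy: the peer must be on the ACL of the zone that owns name."""
    zone = matcher(name, list(acls))
    return zone is not None and peer in acls[zone]


# Constructed config: the subzone is delegated to a different secondary.
ACLS = {
    "example.org.": {"10.0.0.1"},
    "a.example.org.": {"10.0.0.2"},
}

if __name__ == "__main__":
    for m in (longest_match_naive, longest_match):
        print(m.__name__, transfer_allowed("a.example.org.", "10.0.0.1", ACLS, matcher=m))
```

The practical consequence of the wrong stanza is that the parent zone's secondary can pull the subzone, which is exactly the data the separate ACL was meant to withhold. Any code that maps names onto a zone tree should compare labels from the right, never characters from the right.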
CVE-2026-3359
SQL Injection in Form Maker by 10Web WordPress Plugin (CVE-2026-3359)
18:32 KSA
HIGH CVSS 7.5 CWE-89
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to SQL Injection via the 'inputs' parameter in versions up to, and including, 1.15.42 due to insufficient escaping on the user supplied parameter and lack of sufficient p…
CVE-2026-3456
GeekyBot WordPress Plugin SQL Injection via attributekey Parameter
18:32 KSA
HIGH CVSS 7.5 CWE-89
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of suff…
CVE-2026-40075
OpenMRS Core Unauthenticated Path Traversal in Module Resources Endpoint
22:51 KSA
HIGH CVSS 7.5 CWE-22
OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnerable to a path traversal attack. The ModuleResourcesServlet constructs a filesyste…
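The Jupyter Server entry (CVE-2026-35397: an authenticated user escapes `root_dir` into sibling directories whose names begin with the same prefix) and the OpenMRS entry above (a filesystem path built from a module id and resource name) both come down to the same containment check. The block below is an added example, neither Jupyter Server nor OpenMRS code. It shows why a string-prefix test passes the sibling-directory escape the Jupyter advisory describes and what to use instead. All paths are constructed strings; nothing is read from disk.

```python
"""Deciding whether a requested path stays inside a served root (CWE-22).

Added example; neither Jupyter Server nor OpenMRS code. All paths are
constructed strings; nothing touches the filesystem.
"""
import posixpath
from typing import Optional


def contains_by_prefix(root: str, requested: str) -> bool:
    """The flawed check: normalise, then compare as strings.
    '/srv/notebooks_backup/x' starts with '/srv/notebooks', so it passes."""
    target = posixpath.normpath(posixpath.join(root, requested))
    return target.startswith(root)


def contains(root: str, requested: str) -> bool:
    """The correct check: compare path components, not characters."""
    root = posixpath.normpath(root)
    target = posixpath.normpath(posixpath.join(root, requested))
    return posixpath.commonpath([root, target]) == root


def safe_join(root: str, *parts: str) -> Optional[str]:
    """Join user-supplied components under root; None means 'refuse'.
    Absolute components are rejected up front because join() would let them
    replace root entirely."""
    if any(p.startswith("/") or "\x00" in p for p in parts):
        return None
    requested = posixpath.join(*parts) if parts else "."
    if not contains(root, requested):
        return None
    return posixpath.normpath(posixpath.join(root, requested))


if __name__ == "__main__":
    ROOT = "/srv/notebooks"
    escape = "../notebooks_backup/secrets.db"
    print(contains_by_prefix(ROOT, escape), contains(ROOT, escape))
```

On a real filesystem run both sides through `os.path.realpath` first so that a symlink inside the root cannot point outside it; the component-wise comparison then applies to the resolved paths. `posixpath` is used above only so the example behaves the same on every platform.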
CVE-2026-40280
07:16 KSA
HIGH CVSS 7.5 CWE-918
Gotenberg is an API-based document conversion tool. In versions 8.30.1 and earlier, the default private-IP deny-lists for the --webhook-deny-list and --api-download-from-deny-list flags use a case-sensitive regular expression (^https?://) to match URL schemes. Because Go's net/ur…
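The Gotenberg entry above is a deny-list that inspects the raw URL string with a case-sensitive `^https?://` while the URL library lower-cases the scheme on parse, so an upper-case scheme skips the list and the fetch still happens. The OpenClaw browser entry (CVE-2026-43527) is the same control missing altogether: private-network navigation allowed by default. The block below is an added example, not Gotenberg or OpenClaw code. It reproduces the regex bypass and then decides on the parsed scheme and on the resolved address instead. DNS is stubbed: hostnames are literal IPs, or a caller-supplied resolver returns constructed answers.

```python
"""Deny-listing private destinations on the parsed URL, not the raw string (CWE-918).

Added example; not Gotenberg or OpenClaw code. The regex below is a stand-in
for the kind of raw-string deny-list the advisory describes, not its actual
pattern. Resolver answers are constructed.
"""
import ipaddress
import re
from typing import Callable, List
from urllib.parse import urlsplit

PRIVATE_DENY_RE = re.compile(
    r"^https?://(10\.|127\.|169\.254\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.)"
)


def denied_by_regex(url: str) -> bool:
    """The flawed check: case-sensitive match on the raw string."""
    return PRIVATE_DENY_RE.match(url) is not None


def _is_internal(ip) -> bool:
    return (ip.is_private or ip.is_loopback or ip.is_link_local
            or ip.is_reserved or ip.is_multicast or ip.is_unspecified)


def denied(url: str,
           resolve: Callable[[str], List[str]] = lambda host: [host]) -> bool:
    """Fail closed: unknown scheme, missing host, no or unparsable answers,
    or any internal address among the answers means 'do not fetch'."""
    parts = urlsplit(url)                      # urlsplit lower-cases the scheme
    if parts.scheme not in ("http", "https"):
        return True
    host = parts.hostname                      # lower-cased, brackets stripped
    if not host:
        return True
    answers = resolve(host)
    if not answers:
        return True
    for answer in answers:
        try:
            ip = ipaddress.ip_address(answer)
        except ValueError:
            return True
        if _is_internal(ip):
            return True
    return False


if __name__ == "__main__":
    meta = "HTTP://169.254.169.254/latest/meta-data/"
    print(denied_by_regex(meta), denied(meta))
```

Checking every resolver answer (not just the first) and then connecting to the vetted address rather than re-resolving the name is what closes the DNS-rebinding variant; a deny-list that only looks at the string the client sent never gets that far.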
CVE-2026-42437
14:54 KSA
HIGH CVSS 7.5 CWE-770
OpenClaw versions 2026.4.9 before 2026.4.10 contain a denial of service vulnerability in the voice-call realtime WebSocket path that accepts oversized frames without proper validation. Remote attackers can send oversized WebSocket frames to cause service unavailability for deploy…
CVE-2026-42478
OCCT VRML Parser Null Pointer Dereference DoS Vulnerability
01:48 KSA
HIGH CVSS 7.5 CWE-476
An issue was discovered in VrmlData_IndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology (OCCT) V8_0_0_rc5 that allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrup…
CVE-2026-4304
The WeePie Cookie Allow plugin for WordPress is vulnerable to SQL Injection via the 'consent' parameter in all versions
14:54 KSA
HIGH CVSS 7.5 CWE-89
The WeePie Cookie Allow plugin for WordPress is vulnerable to SQL Injection via the 'consent' parameter in all versions up to, and including, 3.4.11 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This make…
CVE-2026-4503
IBM Langflow Desktop IDOR Vulnerability Allows Unauthorized Image Access
08:54 KSA
HIGH CVSS 7.5 CWE-639
IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference through a user-controlled key.
CVE-2026-5100
AWP Classifieds WordPress Plugin SQL Injection via Regions Parameter
18:32 KSA
HIGH CVSS 7.5 CWE-89
The AWP Classifieds plugin for WordPress is vulnerable to SQL Injection via the 'regions' parameter array keys in versions up to, and including, 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This ma…
CVE-2026-5192
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Path Trave
18:32 KSA
HIGH CVSS 7.5 CWE-22
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 1.52.1 via the 'upload-1[file][file_path]' parameter. This makes it possible for unauthenticated attackers to read the co…
CVE-2026-6918
In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte c
14:54 KSA
HIGH CVSS 7.5 CWE-125
In Eclipse Open9J versions 0.21 to 0.58, a pre-authentication remote attacker can crash JITServer by sending a 32-byte crafted TCP message.
CVE-2026-7649
ARMember Plugin SQL Injection via orderby Parameter
01:48 KSA
HIGH CVSS 7.5 CWE-89
The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'orderby' parameter in all versions up to, and including, 4.0.60 due to insufficient escaping on the user …
CVE-2026-7371
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoV
10:36 KSA
HIGH CVSS 7.4 CWE-79
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigg…
CVE-2026-28372
GNU inetutils telnetd Privilege Escalation via Systemd Credentials
04:30 KSA
HIGH CVSS 7.4 CWE-829
telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment v…
CVE-2026-41882
JetBrains IntelliJ IDEA Arbitrary Local File Read via Built-in Web Server
08:54 KSA
HIGH CVSS 7.4 CWE-59
In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via the built-in web server.
CVE-2026-42366
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoV
10:36 KSA
HIGH CVSS 7.4 CWE-79
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigg…
CVE-2022-4987
Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of
04:54 KSA
HIGH CVSS 7.3 CWE-426
Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of user-configured external applications that allows a local attacker to execute arbitrary binaries. Due to insufficient path sanitization, an attacker can place …
CVE-2024-11976
The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and includ
04:01 KSA
HIGH CVSS 7.3 CWE-94
The BuddyPress plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 14.3.3. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it …
CVE-2025-10463
Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Au
04:01 KSA
HIGH CVSS 7.3 CWE-287
Improper Authentication vulnerability in Birtech Information Technologies Industry and Trade Ltd. Co. Senseway allows Authentication Abuse. This issue affects Senseway: through 09022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-10679
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for
11:22 KSA
HIGH CVSS 7.3 CWE-94
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to arbitrary method calls in all versions up to, and including, 2.2.12. This is due to insufficient input validation in the bulkTenRevi…
CVE-2025-15426
A vulnerability was identified in jackying H-ui.admin up to 3.1. This affects an unknown function in the library /lib/we
04:01 KSA
HIGH CVSS 7.3 CWE-284
A vulnerability was identified in jackying H-ui.admin up to 3.1. This affects an unknown function in the library /lib/webuploader/0.1.5/server/preview.php. The manipulation leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit is publicly av…
CVE-2025-15555
A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hss_ogs_diam_
04:01 KSA
HIGH CVSS 7.3 CWE-119
A security flaw has been discovered in Open5GS up to 2.7.6. Affected by this vulnerability is the function hss_ogs_diam_cx_mar_cb of the file src/hss/hss-cx-path.c of the component VoLTE Cx-Test. The manipulation of the argument OGS_KEY_LEN results in stack-based buffer overflow.…
CVE-2025-3646
Petlibro Smart Pet Feeder Authorization Bypass Vulnerability (CVE-2025-3646)
04:01 KSA
HIGH CVSS 7.3 CWE-306
Petlibro Smart Pet Feeder Platform versions up to 1.7.31 contains an authorization bypass vulnerability that allows unauthorized users to add users as shared owners to any device by exploiting missing permission checks. Attackers can send requests to the device share API to gain …
CVE-2025-55263
HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or i
03:24 KSA
HIGH CVSS 7.3 CWE-798
HCL Aftermarket DPC is affected by Hardcoded Sensitive Data which allows attacker to gain access to the source code or if it is stored in insecure repositories, they can easily retrieve these hardcoded secrets.
CVE-2026-0508
The SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker with high privileges to insert m
04:01 KSA
HIGH CVSS 7.3 CWE-601
The SAP BusinessObjects Business Intelligence Platform allows an authenticated attacker with high privileges to insert malicious URL within the application. Upon successful exploitation, the victim may click on this malicious URL, resulting in an unvalidated redirect to the attac…
CVE-2026-0832
The New User Approve plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a
04:01 KSA
HIGH CVSS 7.3 CWE-862
The New User Approve plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a missing capability check on multiple REST API endpoints in all versions up to, and including, 3.2.2. This makes it possible for unauthenticated attackers to ap…
CVE-2026-0932
Blind server-side request forgery (SSRF) vulnerability in legacy connection methods of document co-authoring features in
06:00 KSA
HIGH CVSS 7.3 CWE-918
Blind server-side request forgery (SSRF) vulnerability in legacy connection methods of document co-authoring features in M-Files Server before 26.3 allow an unauthenticated attacker to cause the server to send HTTP GET requests to arbitrary URLs.
CVE-2026-1192
A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unkn
04:01 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imode_alldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed re…
CVE-2026-1345
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1
19:32 KSA
HIGH CVSS 7.3 CWE-78
IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow an unauthenticated user to execute arbitrary…
CVE-2026-1449
A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page_Loa
04:01 KSA
HIGH CVSS 7.3 CWE-74
A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page_Load of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to sql injection. It is possible to lau…
CVE-2026-1679
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; ove
03:24 KSA
HIGH CVSS 7.3 CWE-120
The eswifi socket offload driver copies user-provided payloads into a fixed buffer without checking available space; oversized sends overflow `eswifi->buf`, corrupting kernel memory (CWE-120). Exploit requires local code that can call the socket send API; no remote attacker can r…
CVE-2026-1740
A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpcon_check_session_url of the file
04:01 KSA
HIGH CVSS 7.3 CWE-287
A vulnerability was found in EFM ipTIME A8004T 14.18.2. This impacts the function httpcon_check_session_url of the file /cgi/timepro.cgi of the component Hidden Hiddenloginsetup Interface. The manipulation results in improper authentication. The attack may be performed from remot…
CVE-2026-1802
A security flaw has been discovered in Ziroom ZHOME A0101 1.0.1.0. This issue affects the function macAddrClone of the f
04:01 KSA
HIGH CVSS 7.3 CWE-74
A security flaw has been discovered in Ziroom ZHOME A0101 1.0.1.0. This issue affects the function macAddrClone of the file luci\controller\api\zrMacClone.lua. The manipulation of the argument macType results in command injection. The attack may be launched remotely. The exploit …
CVE-2026-20151
A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated,
15:19 KSA
HIGH CVSS 7.3 CWE-201
A vulnerability in the web interface of Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges on an affected system. This vulnerability is due to the improper transmission of sensitive user information. An attack…
CVE-2026-2113
A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown part in the library
04:01 KSA
HIGH CVSS 7.3 CWE-20
A security vulnerability has been detected in yuan1994 tpadmin up to 1.3.12. This affects an unknown part in the library /public/static/admin/lib/webuploader/0.1.5/server/preview.php of the component WebUploader. The manipulation leads to deserialization. The attack is possible t…
CVE-2026-2177
A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown functi
04:01 KSA
HIGH CVSS 7.3 CWE-384
A vulnerability has been found in SourceCodester Prison Management System 1.0. The impacted element is an unknown function of the component Login. The manipulation leads to session fixation. It is possible to initiate the attack remotely. The exploit has been disclosed to the pu…
CVE-2026-21916
A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authentic
21:26 KSA
HIGH CVSS 7.3 CWE-61
A UNIX Symbolic Link (Symlink) Following vulnerability in the CLI of Juniper Networks Junos OS allows a local, authenticated attacker with low privileges to escalate their privileges to root, which will lead to a complete compromise of the system. After a user has performed …
CVE-2026-2364
If a legitimate user confirms a self-update prompt or initiates an installation of a CODESYS Development System, a low pr
03:13 KSA
HIGH CVSS 7.3 CWE-367
If a legitimate user confirms a self-update prompt or initiates an installation of a CODESYS Development System, a low privileged local attacker can gain elevated rights due to a TOCTOU vulnerability in the CODESYS installer.
CVE-2026-23755
D-Link D-View 8 DLL Preloading Privilege Escalation Vulnerability
04:01 KSA
HIGH CVSS 7.3 CWE-427
D-Link D-View 8 versions 2.0.1.107 and below contain an uncontrolled search path vulnerability in the installer. When executed with elevated privileges via UAC, the installer attempts to load version.dll from its execution directory, allowing DLL preloading. An attacker can suppl…
CVE-2026-23988
Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below contain a race condit
04:01 KSA
HIGH CVSS 7.3 CWE-367
Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below contain a race condition (TOCTOU) in src/net.c during the creation, validation, and execution of the Fido PowerShell script. Since Rufus runs with elevated privileges (Administrator…
CVE-2026-24032
SINEC NMS Authentication Bypass in UMC Component (CVE-2026-24032)
09:48 KSA
HIGH CVSS 7.3 CWE-347
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3 with UMC). The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass a…
CVE-2026-27488
OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/gateway/server-cron.t
11:14 KSA
HIGH CVSS 7.3 CWE-918
OpenClaw is a personal AI assistant. In versions 2026.2.17 and below, Cron webhook delivery in src/gateway/server-cron.ts uses fetch() directly, so webhook targets can reach private/metadata/internal endpoints without SSRF policy checks. This issue was fixed in version 2026.2.19.
CVE-2026-27655
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on M
19:04 KSA
HIGH CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions Based on Mailboxes report.
CVE-2026-27707
Seerr Authentication Bypass via Jellyfin Endpoint (CVE-2026-27707)
09:21 KSA
HIGH CVSS 7.3 CWE-288
Seerr is an open-source media request and discovery manager for Jellyfin, Plex, and Emby. Starting in version 2.0.0 and prior to version 3.1.0, an authentication guard logic flaw in `POST /api/v1/auth/jellyfin` allows an unauthenticated attacker to register a new Seerr account on…
CVE-2026-2865
A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an unknown function of t
11:14 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1.0. This impacts an unknown function of the file admin/productcontroller.php of the component HTTP POST Request Handler. Performing a manipulation of the argument Product results in sql injection. The …
CVE-2026-2867
SQL Injection in itsourcecode Vehicle Management System 1.0 /billaction.php
11:14 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was determined in itsourcecode Vehicle Management System 1.0. Affected is an unknown function of the file /billaction.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly dis…
CVE-2026-28703
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Betwee
19:04 KSA
HIGH CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Between Users report.
CVE-2026-28754
ManageEngine Exchange Reporter Plus Stored XSS in Distribution Lists
19:04 KSA
HIGH CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists report.
CVE-2026-28756
ManageEngine Exchange Reporter Plus Stored XSS in Distribution Groups Report
19:04 KSA
HIGH CVSS 7.3 CWE-79
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report.
CVE-2026-2896
A weakness has been identified in funadmin up to 7.1.0-rc4. This affects the function setConfig of the file app/backend/
11:14 KSA
HIGH CVSS 7.3 CWE-266
A weakness has been identified in funadmin up to 7.1.0-rc4. This affects the function setConfig of the file app/backend/controller/Ajax.php of the component Configuration Handler. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. Th…
CVE-2026-2912
SQL Injection in Online Reviewer System studentresult-view.php test_id Parameter
11:14 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation of the argument test_id results in sql injection. It is possible to launch the a…
CVE-2026-2938
A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknow
11:14 KSA
HIGH CVSS 7.3 CWE-266
A vulnerability has been found in SourceCodester Student Result Management System 1.0. The affected element is an unknown function of the file /srms/script/admin/core/update_smtp.php. The manipulation leads to improper access controls. It is possible to initiate the attack remote…
CVE-2026-2940
A vulnerability was determined in Zaher1307 tiny_web_server up to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b. This affects
11:14 KSA
HIGH CVSS 7.3 CWE-119
A vulnerability was determined in Zaher1307 tiny_web_server up to 8d77b1044a0ca3a5297d8726ac8aa2cf944d481b. This affects the function tiny_web_server/tiny.c of the file tiny_web_server/tiny.c of the component URL Handler. This manipulation causes out-of-bounds write. The attack c…
CVE-2026-2944
Tosei Online Store Management System 1.01 OS Command Injection via DevId
11:14 KSA
HIGH CVSS 7.3 CWE-77
A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injecti…
CVE-2026-2952
Vaelsys 4.1.0 OS Command Injection via xajaxargs Parameter
11:14 KSA
HIGH CVSS 7.3 CWE-77
A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/tree_server.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely…
CVE-2026-3261
A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settin
05:22 KSA
HIGH CVSS 7.3 CWE-74
A flaw has been found in itsourcecode School Management System 1.0. This impacts an unknown function of the file /settings/index.php of the component Setting Handler. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has …
CVE-2026-32979
OpenClaw before 2026.3.11 contains an approval integrity vulnerability allowing attackers to execute rewritten local cod
23:27 KSA
HIGH CVSS 7.3 CWE-367
OpenClaw before 2026.3.11 contains an approval integrity vulnerability allowing attackers to execute rewritten local code by modifying scripts between approval and execution when exact file binding cannot occur. Remote attackers can change approved local scripts before execution …
CVE-2026-34544
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the
04:00 KSA
HIGH CVSS 7.3 CWE-190
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.8, a crafted B44 or B44A EXR file can cause an out-of-bounds write in any application that dec…
CVE-2026-34545
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the
04:00 KSA
HIGH CVSS 7.3 CWE-122
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From version 3.4.0 to before version 3.4.7, an attacker providing a crafted .exr file with HTJ2K compression and a channel width of 327…
CVE-2026-34856
UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availabi
03:25 KSA
HIGH CVSS 7.3 CWE-362
UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-35603
Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded the system-wide defaul
00:51 KSA
HIGH CVSS 7.3 CWE-426
Claude Code is an agentic coding tool. In versions prior to 2.1.75 on Windows, Claude Code loaded the system-wide default configuration from C:\ProgramData\ClaudeCode\managed-settings.json without validating directory ownership or access permissions. Because the ProgramData direc…
CVE-2026-40110
Jupyter Server CORS Origin Validation Bypass via Regex Pattern Matching
19:00 KSA
HIGH CVSS 7.3 CWE-777
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the Origin header validation uses Python's re.match() to check incoming origins against the allow_origin_pat configuration value. Because re.match() only anchors at the start of the string…
CVE-2026-43531
OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env file
14:54 KSA
HIGH CVSS 7.3 CWE-15
OpenClaw before 2026.4.9 contains an environment variable injection vulnerability allowing malicious workspace .env files to set runtime-control variables. Attackers can inject variables affecting update sources, gateway URLs, ClawHub resolution, and browser executable paths to c…
CVE-2026-6625
Mogu Blog v2 SSRF in Picture Upload Service (CVE-2026-6625)
00:49 KSA
HIGH CVSS 7.3 CWE-918
A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogu_picture/src/main/java/com/moxi/mogublog/picture/service/impl/LocalFileServiceImpl.java of the comp…
CVE-2026-6629
SQL Injection in Metasoft MetaCRM sql.jsp Interface Component
00:49 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.0. This vulnerability affects the function Statement.executeUpdate of the file sql.jsp of the component Interface. Such manipulation of the argument sql leads to sql injection. The attack can be launched remotely. …
CVE-2026-6635
Authentication Bypass in rowboatlabs rowboat tools_webhook Component
00:49 KSA
HIGH CVSS 7.3 CWE-287
A security vulnerability has been detected in rowboatlabs rowboat up to 0.1.67. This impacts the function tool_call of the file apps/experimental/tools_webhook/app.py of the component tools_webhook. Such manipulation of the argument X-Tools-JWE leads to improper authentication. T…
CVE-2026-6662
CORS Misconfiguration in copilot-api Token Endpoint (CVE-2026-6662)
00:49 KSA
HIGH CVSS 7.3 CWE-346
A vulnerability was found in ericc-ch copilot-api up to 0.7.0. The impacted element is the function cors of the file src/server.ts of the component Token Endpoint. Performing a manipulation results in permissive cross-domain policy with untrusted domains. It is possible to initia…
CVE-2026-7002
SQL Injection in KLiK SocialMediaWebsite Private Message Handler
15:36 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get_message_ajax.php of the component Private Message Handler. Executing a manipulation of the argument c_id can lead to sql injection. It is possi…
CVE-2026-7025
Typecho Ping Back Service SSRF Vulnerability (CVE-2026-7025)
15:36 KSA
HIGH CVSS 7.3 CWE-918
A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The manipulation of the argument X-Pingback/link results in server-side request forger…
CVE-2026-7036
Tenda i9 Path Traversal in HTTP Handler (CVE-2026-7036)
18:54 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal. Remote exploitation of the attack is possible. The exploit is publicly availabl…
CVE-2026-7042
MiroFish Missing Authentication in REST API Endpoint (CVE-2026-7042)
18:54 KSA
HIGH CVSS 7.3 CWE-287
A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create_app of the file backend/app/__init__.py of the component REST API Endpoint. Executing a manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploi…
CVE-2026-7065
BidingCC BuildingAI Remote Upload API SSRF Vulnerability
23:00 KSA
HIGH CVSS 7.3 CWE-918
A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-sid…
CVE-2026-7066
OS Command Injection in simple-openstack-mcp exec_openstack Function
23:00 KSA
HIGH CVSS 7.3 CWE-77
A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function exec_openstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely.…
CVE-2026-7067
D-Link DIR-822 A_101 DHCP Service Remote Command Injection via Hostname
23:00 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The ex…
CVE-2026-7070
SQL Injection in Inventory Management System 1.0 Login Component
05:32 KSA
HIGH CVSS 7.3 CWE-74
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made ava…
CVE-2026-7072
SQL Injection in CodePanda Canteen Management System Login API
05:32 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was detected in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is…
CVE-2026-7073
SQL Injection in itsourcecode Construction Management System 1.0
05:32 KSA
HIGH CVSS 7.3 CWE-74
A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument code causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may …
CVE-2026-7074
SQL Injection in itsourcecode Construction Management System 1.0
05:32 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to sql injection. The attack may be performed from remote. The exploit has been discl…
CVE-2026-7505
A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the co
08:54 KSA
HIGH CVSS 7.3 CWE-266
A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. Upgr…
CVE-2026-7389
EyouCMS SQL Injection in GetSortData Function via sort_asc Parameter
07:54 KSA
HIGH CVSS 7.3 CWE-74
A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The manipulation of the argument sort_asc leads to sql injection. The attack may be initiated remotely. The exploit has been dis…
CVE-2026-7812
Command Injection in code-mcp MCP Tool git_operation Function
18:32 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function git_operation of the file src/code_mcp/server.py of the component MCP Tool. Performing a manipulation of the argument operation results in command inj…
CVE-2026-7076
SQL Injection in itsourcecode Courier Management System 1.0 /edit_branch.php
05:32 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /edit_branch.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been pu…
CVE-2026-7468
A security vulnerability has been detected in 1024-lab smart-admin up to 3.30.0. This affects an unknown function of the
09:00 KSA
HIGH CVSS 7.3 CWE-266
A security vulnerability has been detected in 1024-lab smart-admin up to 3.30.0. This affects an unknown function of the file /smart-admin-api/druid/index.html of the component Demo Site. The manipulation leads to improper access controls. The attack may be initiated remotely. Th…
CVE-2026-7446
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_res
20:54 KSA
HIGH CVSS 7.3 CWE-77
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID resu…
CVE-2026-7443
A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affected by this vulnerability is the function
20:54 KSA
HIGH CVSS 7.3 CWE-77
A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affected by this vulnerability is the function fuzz_domain of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument Request can lead to os command injection. The atta…
CVE-2026-7417
18:32 KSA
HIGH CVSS 7.3 CWE-918
A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument media_paths results in server-side request forgery. The attack may be…
CVE-2026-7416
18:32 KSA
HIGH CVSS 7.3 CWE-77
A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function build_project/run_tests of the file src/index.ts of the component MCP Interface. The manipulation of the argument Request results in os command injection. The attack may be launched re…
CVE-2026-7404
18:32 KSA
HIGH CVSS 7.3 CWE-22
A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function delete_shared_prompt of the file src/mcpo_simple_server/services/prompt_manager/base_manager.py. This manipulation of the argument detail causes relative path traversal. It is…
CVE-2026-7400
18:32 KSA
HIGH CVSS 7.3 CWE-22
A security vulnerability has been detected in geekgod382 filesystem-mcp-server 1.0.0. This issue affects the function is_path_allowed of the file server.py of the component read_file_tool/write_file_tool. Such manipulation leads to path traversal. The attack can be launched remot…
CVE-2026-7398
07:54 KSA
HIGH CVSS 7.3 CWE-22
A weakness has been identified in florensiawidjaja BioinfoMCP up to 7ada7918b9e515604d3c0ae264d3a9af10bf6e54. This vulnerability affects the function Upload of the file bioinfo_mcp_platform/app.py of the component Upload Endpoint. This manipulation of the argument Name causes pat…
CVE-2026-7506
10:32 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of the argument room_type leads to sql injection. The attack may be launched remotely. The exploit has been d…
CVE-2026-7811
code-mcp Path Traversal in MCP File Handler is_safe_path Function
18:32 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function is_safe_path of the file src/code_mcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to l…
CVE-2026-7810
Path Traversal in python-notebook-mcp Server Operations
18:32 KSA
HIGH CVSS 7.3 CWE-22
A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2. Impacted is the function create_notebook/read_notebook/edit_cell/add_cell of the file server.py. This manipulation causes path traversal. It is possible to initiate the attack re…
CVE-2026-7519
10:32 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the component Endpoint. Such manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has be…
CVE-2026-7545
15:18 KSA
HIGH CVSS 7.3 CWE-74
A weakness has been identified in SourceCodester Advanced School Management System 1.0. The affected element is an unknown function of the file commonController.php of the component checkEmail Endpoint. This manipulation causes sql injection. Remote exploitation of the attack is …
CVE-2026-7788
18:32 KSA
HIGH CVSS 7.3 CWE-22
A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update_document/continue_document/delete_document/get_content of the file app/routes/document.py. Performing a manipulation of th…
CVE-2026-7549
15:18 KSA
HIGH CVSS 7.3 CWE-74
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_customer. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The expl…
CVE-2026-7550
15:18 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=save_customer. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The ex…
CVE-2026-7785
OS Command Injection in A-G-U-P-T-A Wireshark-MCP quick_capture Function
18:32 KSA
HIGH CVSS 7.3 CWE-77
A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quick_capture of the file pyshark_mcp.py. The manipulation results in os command injection. The attack may…
CVE-2026-7555
15:18 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was identified in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/login.php. Such manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit is publicly available and…
CVE-2026-7590
01:48 KSA
HIGH CVSS 7.3 CWE-77
A vulnerability was identified in eyal-gor p_69_branch_monkey_mcp up to 69bc71874ce40050ef45fde5a435855f18af3373. The affected element is an unknown function of the file branch_monkey_mcp/bridge_and_local_actions/routes/advanced.py of the component Preview Endpoint. Such manipula…
CVE-2026-7592
01:48 KSA
HIGH CVSS 7.3 CWE-74
A weakness has been identified in itsourcecode Courier Management System 1.0. This affects an unknown function of the file /edit_staff.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made availa…
CVE-2026-7593
01:48 KSA
HIGH CVSS 7.3 CWE-77
A security vulnerability has been detected in Sunwood-ai-labs command-executor-mcp-server up to 0.1.0. This impacts the function execute_command of the file src/index.ts of the component MCP Interface. The manipulation leads to os command injection. Remote exploitation of the att…
CVE-2026-7594
01:48 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function image_to_3d_async of the file src/index.ts of the component MCP Interface. The manipulation of the argument statusFile results in path traversal. The attack can be executed remotely. The ex…
CVE-2026-7784
18:32 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the a…
CVE-2026-7131
SQL Injection in Online Lot Reservation System /loginuser.php
02:18 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/password leads to sql injection. It is possible to initiate the attack remotely.…
CVE-2026-7212
Path Traversal in edvardlindelof notes-mcp up to 0.1.4
19:00 KSA
HIGH CVSS 7.3 CWE-22
A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes_mcp.py. The manipulation of the argument root_dir/path leads to path traversal. The attack can be carried out remotely. The exploit ha…
CVE-2026-7211
Command Injection in dvladimirov MCP Git Search API (CVE-2026-7211)
19:00 KSA
HIGH CVSS 7.3 CWE-74
A weakness has been identified in dvladimirov MCP up to 0.1.0. The impacted element is the function GitSearchRequest of the file mcp_server.py of the component Git Search API. Executing a manipulation of the argument repo_url/pattern can lead to command injection. The attack can …
CVE-2026-7199
SQL Injection in SourceCodester Pharmacy System 1.0 Delete Product Function
19:00 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_product. Performing a manipulation of the argument ID results in sql injection. It is possible to…
CVE-2026-7194
SQL Injection in SourceCodester Pharmacy Sales and Inventory System 1.0
19:00 KSA
HIGH CVSS 7.3 CWE-74
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=save_product. This manipulation of the argument ID causes sql injection. The attack can be carried out remotely. The …
CVE-2026-7177
ChatGPTNextWeb NextChat SSRF Vulnerability in proxyHandler Function
19:00 KSA
HIGH CVSS 7.3 CWE-918
A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/[provider]/[...path]/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. Th…
CVE-2026-7158
SSRF Vulnerability in mcp-url-downloader URL Validation Function
06:48 KSA
HIGH CVSS 7.3 CWE-918
A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function _validate_url_safe of the file src/mcp_url_downloader/server.py. Such manipulation of the argument url leads to server-side reque…
CVE-2026-7157
Command Injection in disler aider-mcp-server relative_editable_files
06:48 KSA
HIGH CVSS 7.3 CWE-74
A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of the file src/aider_mcp_server/server.py of the component aider_ai_code. This manipulation of the argument relative_editab…
CVE-2026-7149
Path Traversal in dexhunter kaggle-mcp competition_id Parameter
06:48 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function prepare_kaggle_dataset of the file src/kaggle_mcp/server.py. The manipulation of the argument competition_id leads to path traversal. The…
CVE-2026-7147
JoeCastrom mcp-chat-studio SSRF via base_url Parameter in LLM API
06:48 KSA
HIGH CVSS 7.3 CWE-918
A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performing a manipulation of the argument req.query.base_url results in server-side reque…
CVE-2026-7146
SSRF Vulnerability in mcp-data-vis HTTP Request Handler
02:18 KSA
HIGH CVSS 7.3 CWE-918
A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/servers/web-scraper/server.js of the component HTTP Request Handler. Such manipulati…
CVE-2026-7384
Path Traversal in mcp-bases research_server.py search_papers Function
07:54 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability was detected in ezequiroga mcp-bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea39/c630b8ab0f970614d42da8e566e9c0d15a16414c. This impacts the function search_papers of the file research_server.py. Performing a manipulation of the argument topic results in path traversa…
CVE-2026-7130
SQL Injection in SourceCodester Pharmacy System 1.0 Delete Category Function
02:18 KSA
HIGH CVSS 7.3 CWE-74
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete_category. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remot…
CVE-2026-7128
SQL Injection in SourceCodester Pharmacy System 1.0 /ajax.php
02:18 KSA
HIGH CVSS 7.3 CWE-74
A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=save_type. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotel…
CVE-2026-7127
SQL Injection in SourceCodester Pharmacy Sales and Inventory System 1.0
02:18 KSA
HIGH CVSS 7.3 CWE-74
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_receiving. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possibl…
CVE-2026-7126
SQL Injection in SourceCodester Pharmacy System 1.0 Category Save Function
02:18 KSA
HIGH CVSS 7.3 CWE-74
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_category. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit h…
CVE-2026-7094
SSRF Vulnerability in ShadowCloneLabs GlutamateMCPServers Puppeteer Component
00:06 KSA
HIGH CVSS 7.3 CWE-918
A vulnerability was determined in ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78. Affected by this issue is some unknown functionality of the file src/puppeteer/index.ts of the component puppeteer_navigate. Executing a manipulation of the argum…
CVE-2026-7088
SQL Injection in SourceCodester Pharmacy System 1.0 /ajax.php save_receiving
00:06 KSA
HIGH CVSS 7.3 CWE-74
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched rem…
CVE-2026-7087
SQL Injection in SourceCodester Pharmacy System 1.0 /ajax.php save_sales
00:06 KSA
HIGH CVSS 7.3 CWE-74
A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The…
CVE-2026-7077
SQL Injection in itsourcecode Courier Management System 1.0 /edit_parcel.php
05:32 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit_parcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly availa…
CVE-2026-7075
SQL Injection in itsourcecode Construction Management System 1.0
05:32 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address results in sql injection. It is possible to initiate the attack remotely. The exp…
CVE-2026-7214
Path Traversal in eghuzefa engineer-your-data File Operations
19:00 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function read_file/write_file/list_files/file_inf of the file src/server.py. The manipulation of the argument WORKSPACE_PATH leads to path traversal. The attack may be initia…
CVE-2026-7319
Path Traversal in elinsky execution-system-mcp 0.1.0 add_action Tool
05:54 KSA
HIGH CVSS 7.3 CWE-22
A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function _get_context_file_path of the file src/execution_system_mcp/server.py of the component add_action Tool. This manipulation of the argument context causes path traversal. The attack ca…
CVE-2026-7316
Command Injection in aider-mcp code_with_ai Component
05:54 KSA
HIGH CVSS 7.3 CWE-74
A vulnerability has been found in eiliyaabedini aider-mcp up to 667b914301aada695aab0e46d1fb3a7d5e32c8af. Affected is an unknown function of the file aider_mcp.py of the component code_with_ai. The manipulation of the argument working_dir/editable_files leads to command injection…
CVE-2026-7315
Path Traversal in eiceblue spire-pdf-mcp-server 0.1.1 PDF Handler
05:54 KSA
HIGH CVSS 7.3 CWE-22
A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get_pdf_path of the file src/spire_pdf_mcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched…
CVE-2026-7314
Path Traversal in eiceblue spire-doc-mcp-server 1.0.0 get_doc_path Function
05:54 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function get_doc_path of the file src/spire_doc_mcp/api/base.py. Performing a manipulation of the argument document_name results in path traversal. The attack can be initiated remotely. The expl…
CVE-2026-7272
15:54 KSA
HIGH CVSS 7.3 CWE-22
A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generate_matlab_code/execute_matlab_code of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argumen…
CVE-2026-7237
09:48 KSA
HIGH CVSS 7.3 CWE-22
A vulnerability was detected in AgiFlow scaffold-mcp up to 1.0.27. Affected by this issue is some unknown functionality of the file packages/scaffold-mcp/src/server/index.ts of the component write-to-file Tool. The manipulation of the argument file_path results in path traversal.…
CVE-2026-7386
Path Traversal in fatbobman mail-mcp-bridge message_ids Parameter
07:54 KSA
HIGH CVSS 7.3 CWE-22
A flaw has been found in fatbobman mail-mcp-bridge up to 1.3.3. Affected is an unknown function of the file src/mail_mcp_server.py. Executing a manipulation of the argument message_ids can lead to path traversal. The attack can be executed remotely. The exploit has been published…
CVE-2026-7234
03:16 KSA
HIGH CVSS 7.3 CWE-22
A weakness has been identified in BrowserOperator browser-operator-core up to 0.6.0. Affected is the function startsWith of the file scripts/component_server/server.js. Executing a manipulation of the argument request.url can lead to path traversal. The attack can be launched rem…
⚠️ Threat Intelligence
45 threats
rss:Dark Reading
18:36 KSA
HIGH vulnerability
Why Security Leadership Makes or Breaks a Pen Test Effective security leadership is critical to successful penetration testing programs that go beyond compliance checkboxes to identify genuine vulnerabilities. Strong leaders ensure proper scope definition, acces…
rss:Dark Reading
18:36 KSA
HIGH general
Research Hub Bridges Cybersecurity Gap for Under-Resourced Organizations UC Berkeley's Center for Long-Term Cybersecurity provides critical cybersecurity tools and support to under-resourced organizations including schools, local governments, and non-profits fac…
rss:Dark Reading
03:48 KSA
CRITICAL supply_chain
Trellix Source Code Breach Highlights Growing Supply Chain Threats Trellix experienced a source code breach that exposes critical information about security product controls and detection mechanisms. This type of breach provides attackers with valuable intellige…
rss:CISA Advisories
03:48 KSA
HIGH vulnerability
ABB B&R PVI ABB disclosed a vulnerability in B&R PVI product versions that allows attackers to read sensitive information from logging data. An update has been released to remediate the vulnerability and prevent unauthorized information disclosure. Source: …
rss:CISA Advisories
03:48 KSA
HIGH vulnerability
Johnson Controls CEM AC2000 A privilege escalation vulnerability (CVE-2026-21661) affects Johnson Controls CEM AC2000 versions 10.6, 11.0, and 12.0, allowing standard users to escalate privileges on the host machine. Successful exploitation could grant unauthori…
rss:BleepingComputer
02:03 KSA
HIGH vulnerability
The EOL Blind Spot in Your CVE Feed: What SCA Tools Miss Software composition analysis (SCA) tools and CVE feeds often miss critical vulnerabilities in end-of-life (EOL) open source software, creating security blind spots. Organizations need additional scanning …
rss:BleepingComputer
02:03 KSA
CRITICAL supply_chain
DAEMON Tools trojanized in supply-chain attack to deploy backdoor Attackers compromised DAEMON Tools installers and distributed a backdoor to thousands of users who downloaded the software from the official website starting April 8. This supply-chain attack demo…
rss:CISA Advisories
02:03 KSA
HIGH vulnerability
Hitachi Energy PCM600 Hitachi Energy has identified a vulnerability in PCM600 that could compromise the integrity of the product. An attacker exploiting this vulnerability could modify or corrupt critical data. Immediate action is recommended to mitigate this ri…
rss:CISA Advisories
02:03 KSA
HIGH vulnerability
ABB B&R Automation Runtime ABB has disclosed a vulnerability in B&R Automation Runtime that could cause denial of service by stopping the product. An update is available to address this vulnerability. Exploitation could disrupt critical industrial automation…
rss:CISA Advisories
02:03 KSA
HIGH vulnerability
ABB B&R Automation Studio ABB has identified a vulnerability in B&R Automation Studio that could allow attackers to masquerade as trusted parties. An update is available to resolve this vulnerability. This could enable unauthorized access and impersonation a…
rss:Recorded Future
00:13 KSA
HIGH vulnerability
Hacking Embodied AI Embodied AI systems including humanoid and quadruped robots are transitioning from experimental demonstrations to practical deployment in organizational staffing. This shift introduces new cybersecurity vulnerabilities as these physical AI sy…
rss:BleepingComputer
00:13 KSA
CRITICAL vulnerability
Student hacked Taiwan high-speed rail to trigger emergency brakes A 23-year-old Taiwanese university student was arrested for hacking into the TETRA communication system of Taiwan's high-speed railway network (THSR) and triggering emergency brakes. This incident…
rss:SecurityWeek
22:49 KSA
HIGH phishing
Microsoft Warns of Sophisticated Phishing Campaign Targeting US Organizations Microsoft has identified a sophisticated phishing campaign using deceptive emails claiming to contain conduct reports that direct victims to fake Microsoft websites. The attack leverag…
rss:Dark Reading
22:49 KSA
CRITICAL supply_chain
Physical Cargo Theft Gets a Boost From Cybercriminals Cargo theft has evolved from localized criminal operations to sophisticated transnational cybercriminal syndicates exploiting supply chain system access to intercept and reroute shipments. This supply chain a…
rss:Dark Reading
22:49 KSA
HIGH vulnerability
Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk A proof-of-concept exploit demonstrates how administrators can extract passwords stored in Microsoft Edge's process memory, enabling credential theft and subsequent malicious activities. T…
rss:The Hacker News
22:49 KSA
CRITICAL apt
China-Linked UAT-8302 Targets Governments Using Shared APT Malware Across Regions A China-linked APT group tracked as UAT-8302 has been conducting targeted attacks against government entities in South America since late 2024 and southeastern Europe in 2025. The …
rss:The Hacker News
22:49 KSA
CRITICAL supply_chain
DAEMON Tools Supply Chain Attack Compromises Official Installers with Malware A supply chain attack compromised official DAEMON Tools installers distributed from legitimate channels, injecting malicious payloads signed with valid digital certificates. This sophi…
rss:The Hacker News
22:49 KSA
CRITICAL vulnerability
Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE Apache Software Foundation released security updates addressing a critical vulnerability (CVE-2026-23918, CVSS 8.8) in HTTP Server that could enable remote code execution. This severe fla…
rss:BleepingComputer
22:48 KSA
HIGH data_breach
FTC to ban data broker Kochava from selling Americans’ location data The FTC has banned data broker Kochava and its subsidiary from selling precise geolocation data collected from hundreds of millions of mobile devices without explicit consumer consent. This enf…
rss:SecurityWeek
20:38 KSA
CRITICAL vulnerability
Critical Bug Could Expose 300,000 Ollama Deployments to Information Theft A critical heap out-of-bounds read vulnerability dubbed 'Bleeding Llama' affects Ollama deployments and can be exploited remotely without authentication. The flaw potentially exposes appro…
rss:SecurityWeek
20:38 KSA
HIGH vulnerability
Hacker Conversations: Joey Melo on Hacking AI An AI red team specialist discusses techniques for bypassing AI safety mechanisms through jailbreaking and data poisoning attacks. The research aims to help developers strengthen machine learning model defenses again…
rss:The Hacker News
20:38 KSA
CRITICAL insider
The Back Door Attackers Know About — and Most Security Teams Still Haven’t Closed OAuth tokens generated through third-party integrations with Google and Microsoft lack expiration dates and automatic cleanup mechanisms, creating persistent backdoors that bypass …
rss:The Hacker News
20:38 KSA
CRITICAL vulnerability
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks Threat actors are actively exploiting CVE-2026-29014, a critical code injection vulnerability (CVSS 9.8) in the open-source MetInfo CMS platform. This flaw enables remote code execution attac…
rss:BleepingComputer
20:38 KSA
HIGH data_breach
Vimeo data breach exposes personal information of 119,000 people The ShinyHunters extortion gang breached Vimeo in April and stole personal information of over 119,000 users. The stolen data was later exposed through the Have I Been Pwned service, representing a…
rss:BleepingComputer
20:38 KSA
HIGH vulnerability
The EOL Blind Spot in Your CVE Feed: What SCA Tools Don't Check. End-of-life (EOL) open source software creates critical security blind spots that standard vulnerability scanning tools fail to detect. Organizations using outdated dependencies may have unpat…
rss:Malwarebytes Lab
18:36 KSA
HIGH malware
Update WhatsApp now: Two new flaws could expose you to malicious files WhatsApp has released patches to address two newly discovered vulnerabilities that could allow attackers to distribute malicious content and disguised malware to users. These flaws pose a sig…
rss:SecurityWeek
18:36 KSA
HIGH ransomware
Karakurt Ransomware Negotiator Sentenced to Prison Deniss Zolotarjovs, a negotiator for the Karakurt ransomware group, has been sentenced to prison for his involvement in extortion strategies and victim negotiations. This represents a significant law enforcement…
rss:SecurityWeek
18:36 KSA
CRITICAL vulnerability
Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server Critical and high-severity vulnerabilities have been patched in Apache MINA and HTTP Server, with the most severe allowing remote attackers to execute arbitrary code. These vulnerabiliti…
rss:SecurityWeek
18:36 KSA
CRITICAL vulnerability
Critical Remote Code Execution Vulnerability Patched in Android CVE-2026-0073 is a critical remote code execution vulnerability in Android's System component that can be exploited without user interaction. This vulnerability poses a significant risk to Android d…
rss:Dark Reading
18:36 KSA
MEDIUM social_engineering
How the Story of a USB Penetration Test Went Viral A retrospective on a landmark cybersecurity article from two decades ago describing a USB-based social engineering penetration test at a credit union, where rigged thumb drives were left in parking lots to test …
rss:The Hacker News
18:36 KSA
CRITICAL vulnerability
We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is A security scan of 1 million exposed AI services reveals critical vulnerabilities in self-hosted LLM infrastructure. Organizations rapidly deploying AI solutions are neglectin…
rss:BleepingComputer
18:36 KSA
HIGH vulnerability
Google now offers up to $1.5 million for some Android exploits Google has restructured its vulnerability reward programs for Android and Chrome, increasing bounties up to $1.5 million for complex exploits while reducing payments for vulnerabilities that AI tools…
rss:BleepingComputer
16:50 KSA
CRITICAL ransomware
Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison A Latvian national was extradited to the US and sentenced to 8.5 years for his role as a 'cold case' negotiator in the Russian Karakurt ransomware group. This case highlights law enforcement…
rss:BleepingComputer
16:50 KSA
HIGH malware
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs A new variant of CloudZ remote access trojan (RAT) deploys a malicious plugin called Pheno that exploits Microsoft Phone Link to steal SMS messages and one-time passwords (OTPs) from connected mobi…
rss:SecurityWeek
15:43 KSA
HIGH vulnerability
WhatsApp Discloses File Spoofing, Arbitrary URL Scheme Vulnerabilities WhatsApp disclosed file spoofing and arbitrary URL scheme vulnerabilities that were responsibly reported through Meta's bug bounty program. The vulnerabilities were patched with updates relea…
rss:SecurityWeek
15:43 KSA
CRITICAL vulnerability
MetInfo, Weaver E-cology Vulnerabilities in Attackers’ Crosshairs Critical vulnerabilities in MetInfo and Weaver E-cology platforms allow unauthenticated remote attackers to execute arbitrary code through specially crafted requests. These security defects pose s…
rss:The Hacker News
15:43 KSA
CRITICAL apt
ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows North Korea-aligned ScarCruft APT compromised a gaming platform in a supply chain attack, deploying BirdCall backdoor malware targeting Android and Windows systems. The attack appe…
rss:BleepingComputer
15:43 KSA
CRITICAL apt
ScarCruft hackers push BirdCall Android malware via game platform North Korean APT37 group is distributing an Android version of the BirdCall backdoor malware through a compromised video game platform in a supply-chain attack. This malware poses significant risk…
rss:The Hacker News
14:33 KSA
HIGH phishing
Microsoft Details Phishing Campaign Targeting 35,000 Users Across 26 Countries Microsoft disclosed a large-scale credential theft phishing campaign targeting 35,000 users across 26 countries using code of conduct-themed lures and legitimate email services. Attac…
rss:The Hacker News
14:33 KSA
CRITICAL vulnerability
Weaver E-cology RCE Flaw CVE-2026-22679 Actively Exploited via Debug API A critical unauthenticated remote code execution vulnerability (CVE-2026-22679, CVSS 9.8) in Weaver E-cology enterprise collaboration platform is actively being exploited in the wild. The f…
rss:Recorded Future
04:16 KSA
LOW general
Working in London at the World’s Largest Intelligence Company This article describes workplace culture and employment opportunities at Recorded Future's London office, a leading cybersecurity intelligence company. While not directly addressing threats, it provid…
rss:Dark Reading
04:16 KSA
CRITICAL vulnerability
Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability A critical authentication-bypass vulnerability in cPanel has triggered a surge in exploit activity, with multiple proof-of-concept exploits released and evidence of zero-day exploitation f…
rss:Dark Reading
04:16 KSA
HIGH phishing
RMM Tools Fuel Stealthy Phishing Campaign Attackers are exploiting remote monitoring and management (RMM) tools to conduct stealthy phishing attacks that have compromised over 80 organizations. The abuse of legitimate RMM tools enables threat actors to evade tra…
rss:BleepingComputer
04:16 KSA
CRITICAL vulnerability
Weaver E-cology critical bug exploited in attacks since March A critical vulnerability (CVE-2026-22679) in Weaver E-cology office automation software has been actively exploited by attackers since mid-March to execute discovery commands. This vulnerability poses…
rss:BleepingComputer
04:16 KSA
HIGH phishing
Amazon SES increasingly abused in phishing to evade detection Amazon Simple Email Service (SES) is being increasingly abused by threat actors to deliver sophisticated phishing emails that bypass standard security filters and defeat reputation-based blocking mech…
📰 Cybersecurity News
2 articles
Saudi Central Bank Mandates Enhanced Cloud Security Controls for Financial Institutions Under SAMA C
03:57 KSA
📡 ai_seeder
SAMA has issued new cloud security requirements for all licensed financial entities, mandating comprehensive risk assessments and data sovereignty compliance by Q2 2025. The directive aligns with Visi…
Major Saudi Enterprises Accelerate Multi-Cloud Adoption as NEOM and Qiddiya Projects Drive Infrastru
03:57 KSA
📡 ai_seeder
Leading Saudi organizations including Aramco Digital, STC, and Mobily are implementing advanced multi-cloud strategies to support Vision 2030 megaprojects. The shift represents a SAR 8.2 billion inves…

This digest is updated automatically every day — Last updated: Tuesday, May 5, 2026
