176
CVEs
32
Threats
0
News
6
Critical
3
CISA KEV
🛡 Security Vulnerabilities (CVE)
CVE-2026-42208
BerriAI LiteLLM — CVE-2026-42208
BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read
05:51 KSA
BerriAI LiteLLM — CVE-2026-42208
BerriAI LiteLLM contains a SQL injection vulnerability that allows an attacker to read data from the proxy's database and potentially modify it, leading to unauthorised access to the proxy and the credentials it manages.
Required Action: Apply mi…
CVE-2026-42373
D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet
08:48 KSA
D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76_dlwbr_dir605L" read from /etc/alpha_config/image_sign. The…
CVE-2026-42374
D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daem
08:48 KSA
D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn61_dlwbr_dir600L" read from /etc/alpha_config/image_sign. The cust…
CVE-2026-42375
D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daem
08:48 KSA
D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35_dlwbr_dir600l" read from /etc/alpha_config/image_sign. The cust…
CVE-2026-6973
Ivanti Endpoint Manager Mobile (EPMM) — CVE-2026-6973
Ivanti Endpoint Manager Mobile (EPMM) contains an improper input v
05:48 KSA
Ivanti Endpoint Manager Mobile (EPMM) — CVE-2026-6973
Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution.
Required Action: Apply mitigatio…
CVE-2026-41588
RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth
04:55 KSA
RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — check_sign_in_key(). This issue has been patched via commit 2f68e16.
CVE-2023-54345
Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated us
18:32 KSA
Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame introspection. Attackers can create a server script via the /app/server-script endpoi…
CVE-2023-54348
ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to execute arbitrary code by i
18:32 KSA
ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to execute arbitrary code by injecting formula payloads into vendor name fields. Attackers can add malicious formulas like =10+20+cmd|' /C calc'!A0 in the vendor creation form, which execute…
CVE-2026-29514
NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTemplateMixin.get_environ
04:54 KSA
NetBox versions 4.3.5 through 4.5.4 contain a remote code execution vulnerability in the RenderTemplateMixin.get_environment_params() method that allows authenticated users with exporttemplate or configtemplate permissions to execute arbitrary code by specifying malicious Python …
CVE-2026-39816
Apache NiFi TinkerpopClientService Missing Execute Code Permission Restriction
20:48 KSA
The optional extension component TinkerpopClientService is missing the Restricted annotation with the Execute Code Required Permission in Apache NiFi 2.0.0-M1 through 2.8.0. The TinkerpopClientService supports configuration of ByteCode Submission for the Script Submission Type, e…
CVE-2026-42203
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.80.5 to before vers
23:45 KSA
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.80.5 to before version 1.83.7, the POST /prompts/test endpoint accepted user-supplied prompt templates and rendered them without sandboxing. A crafted template could run arbitrary…
CVE-2026-42229
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the SeaTab
15:18 KSA
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the SeaTable node's row:search and row:get operations allowed user-controlled input to be concatenated directly into SQL query strings without escaping or parameterizatio…
CVE-2026-42231
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the xml2js
15:18 KSA
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the xml2js library used to parse XML request bodies in n8n's webhook handler allowed prototype pollution via a crafted XML payload. An authenticated user with permission …
CVE-2026-42232
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated use
18:32 KSA
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RCE when combined with other nodes exploiti…
CVE-2026-42234
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated use
18:32 KSA
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner c…
CVE-2026-42237
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the fix for GHSA-f3f
18:32 KSA
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the fix for GHSA-f3f2-mcxc-pwjx did not cover the Snowflake node or the legacy MySQL v1 node. Both nodes construct SQL queries by directly interpolating user-controlled table names…
CVE-2026-42271
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.74.2 to before vers
16:32 KSA
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. From version 1.74.2 to before version 1.83.7, two endpoints used to preview an MCP server before saving it — POST /mcp-rest/test/connection and POST /mcp-rest/test/tools/list — accepted a full s…
CVE-2026-42434
OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override
18:32 KSA
OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass sandbox boundaries and route execution to remote nodes instead of intended sandbox paths.
CVE-2026-42435
OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing
18:32 KSA
OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing attackers to inject environment variable assignments at the argv level. Attackers can bypass exec preflight handling to manipulate high-risk shell variables li…
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to Deserialization of Untrusted Data in versions up to, and including, 4.3.1 This is due to insufficient input validation and type checking o…
CVE-2026-8137
A vulnerability has been found in Totolink X5000R 9.1.0u.6369_B20230113. This vulnerability affects the function sub_458
16:32 KSA
A vulnerability has been found in Totolink X5000R 9.1.0u.6369_B20230113. This vulnerability affects the function sub_458E40 of the file /boafrm/formDdns. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The explo…
A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg”. The manipulation results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could …
DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands by injecting shell metacharacters into the formpassword parameter. Attackers can…
Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another user creates a new bucket with the same name, the previous owners can gain unauthorized read and write access to it by using the …
Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
Memory Corruption when copying data from a freed source while executing performance counter deselect operation.
In the Linux kernel, the following vulnerability has been resolved:
accel/qaic: Handle DBC deactivation if the owner went away
When a DBC is released, the device sends a QAIC_TRANS_DEACTIVATE_FROM_DEV
transaction to the host over the QAIC_CONTROL MHI channel. QAIC handles
this …
CVE-2026-43015
In the Linux kernel, the following vulnerability has been resolved:
net: macb: fix clk handling on PCI glue driver remo
04:54 KSA
In the Linux kernel, the following vulnerability has been resolved:
net: macb: fix clk handling on PCI glue driver removal
platform_device_unregister() may still want to use the registered clks
during runtime resume callback.
Note that there is a commit d82d5303c4c5 ("net: mac…
CVE-2026-42436
OpenClaw before 2026.4.14 contains an improper access control vulnerability in browser snapshot, screenshot, and tab rou
21:54 KSA
OpenClaw before 2026.4.14 contains an improper access control vulnerability in browser snapshot, screenshot, and tab routes that fail to consistently validate the final browser target after navigation. Authenticated callers can bypass SSRF restrictions to expose internal or disal…
CVE-2023-54346
WordPress Backup Migration Plugin Information Disclosure via Predictable Paths
18:32 KSA
WordPress Plugin Backup Migration 1.2.8 contains an information disclosure vulnerability that allows unauthenticated attackers to download complete database backups by accessing predictable file paths. Attackers can enumerate backup directories through configuration files and com…
CVE-2023-54347
OpenEMR 7.0.1 Authentication Brute Force Vulnerability - Rate Limiting Bypass
18:32 KSA
OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers can submit POST requests with authUser and clearPass parameters to systematically …
CVE-2026-25863
Conditional Fields for Contact Form 7 WordPress plugin through version 2.6.7 contains an uncontrolled resource consumpti
15:18 KSA
Conditional Fields for Contact Form 7 WordPress plugin through version 2.6.7 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the hide_hidden_mail_fields_regex_callback() method reads an iteration count directly from user-supplied P…
CVE-2026-32834
Easy PayPal Events & Tickets Plugin Authentication Bypass via Hardcoded Hash
08:48 KSA
Easy PayPal Events & Tickets plugin for WordPress version 1.3 and earlier contain a hardcoded authentication bypass vulnerability in the QR code scanning functionality that allows unauthenticated remote attackers to bypass hash verification by supplying 'test' as the hash paramet…
The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to SQL Injection via the 'inputs' parameter in versions up to, and including, 1.15.42 due to insufficient escaping on the user supplied parameter and lack of sufficient p…
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey' parameter in versions up to, and including, 1.2.0 due to insufficient escaping on the user supplied parameter and lack of suff…
CVE-2026-38361
An issue in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the
04:55 KSA
An issue in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dash_uploader/httprequesthandler.py, dash_uploader/upload.py in the Upload function and max_file_size parameter, dash_uploader/configure_upload.py components
CVE-2026-41471
Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain an information disclosure vulnerabili
11:33 KSA
Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain an information disclosure vulnerability in the QR code scanning endpoint that allows unauthenticated attackers to enumerate and retrieve all customer order records. Attackers can iterate over seque…
CVE-2026-41493
YARD is a Ruby Documentation tool. Prior to version 0.9.42, a path traversal vulnerability was discovered in YARD when u
02:51 KSA
YARD is a Ruby Documentation tool. Prior to version 0.9.42, a path traversal vulnerability was discovered in YARD when using yard server to serve documentation. This bug would allow unsanitized HTTP requests to access arbitrary files on the machine of a yard server host under cer…
CVE-2026-41584
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Or
02:51 KSA
ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.3.1 and prior to zebra-chain version 6.0.2, Orchard transactions contain a rk field which is a randomized validating key and also an elliptic curve point. The Zcash specification allows the field to be the …
CVE-2026-42226
n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters e
15:18 KSA
n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared wo…
n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the MCP OAuth client registration endpoint accepted unauthenticated requests and stored client data without adequate resource controls. An unauthenticated remote attacker could exh…
CVE-2026-44340
PraisonAI is a multi-agent teams system. Prior to version 4.6.37, the _safe_extractall helper that all recipe pull, reci
02:51 KSA
PraisonAI is a multi-agent teams system. Prior to version 4.6.37, the _safe_extractall helper that all recipe pull, recipe publish, and recipe unpack flows route through validates each archive member's name for absolute paths, .. segments, and resolved-path escape — but does not …
ZEBRA is a Zcash node written entirely in Rust. Prior to version 4.4.0, Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit (MAX_BLOCK_SIGOPS), allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who p…
The AWP Classifieds plugin for WordPress is vulnerable to SQL Injection via the 'regions' parameter array keys in versions up to, and including, 4.4.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This ma…
CVE-2026-5192
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Path Trave
18:32 KSA
The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 1.52.1 via the 'upload-1[file][file_path]' parameter. This makes it possible for unauthenticated attackers to read the co…
CVE-2026-7784
A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file
18:32 KSA
A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the a…
A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quick_capture of the file pyshark_mcp.py. The manipulation results in os command injection. The attack may…
CVE-2026-7788
A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The af
18:32 KSA
A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update_document/continue_document/delete_document/get_content of the file app/routes/document.py. Performing a manipulation of th…
A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2. Impacted is the function create_notebook/read_notebook/edit_cell/add_cell of the file server.py. This manipulation causes path traversal. It is possible to initiate the attack re…
A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function is_safe_path of the file src/code_mcp/server.py of the component MCP File Handler. Such manipulation leads to path traversal. It is possible to l…
A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function git_operation of the file src/code_mcp/server.py of the component MCP Tool. Performing a manipulation of the argument operation results in command inj…
CVE-2026-8126
A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file post_
16:32 KSA
A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file post_comment.php. This manipulation of the argument Name causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may …
CVE-2026-8128
A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the
16:32 KSA
A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of the argument msgid results in sql injection. The attack is possible to be carried out remotely. The exploi…
A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a manipulation of the argument delwlistid can lead to sql injection. The attack may be performed from remote. The exploit has …
CVE-2026-8130
A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /
16:32 KSA
A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the argument seenid leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly avail…
A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation of the argument msgid results in sql injection. It is possible to launch the attack remotely. The exploit has been rel…
A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of the argument txt_username causes sql injection. The attack can be initiated remotely. The exploit has been made available to the p…
A security vulnerability has been detected in zyx0814 FilePress up to 2.2.0. Affected by this vulnerability is an unknown functionality of the file dzz/shares/admin.php of the component Shares Filelist API. Such manipulation of the argument order leads to sql injection. The attac…
CVE-2021-47858
Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter
04:01 KSA
Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scripting vulnerability in the 'start_addr' parameter of the Security Management interface. Attackers can inject malicious scripts through the start source address field that will persist and trigger for privileged…
CVE-2021-47873
VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that a
04:01 KSA
VestaCP versions prior to 0.9.8-25 contain a cross-site scripting vulnerability in the IP interface configuration that allows attackers to inject malicious scripts. Attackers can exploit the 'v_interface' parameter by sending a crafted POST request to the add/ip/ endpoint with a …
CVE-2021-47892
PEEL Shopping 9.3.0 contains a stored cross-site scripting vulnerability in the 'Comments / Special Instructions' parame
04:01 KSA
PEEL Shopping 9.3.0 contains a stored cross-site scripting vulnerability in the 'Comments / Special Instructions' parameter of the purchase page. Attackers can inject malicious JavaScript payloads that will execute when the page is refreshed, potentially allowing client-side scri…
CVE-2022-50806
4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse
04:01 KSA
4images 1.9 contains a remote command execution vulnerability that allows authenticated administrators to inject reverse shell code through template editing functionality. Attackers can save malicious code in the template and execute arbitrary commands by accessing a specific cat…
CVE-2022-50907
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upl
04:01 KSA
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrative users to bypass upload restrictions and execute PHP files. Attackers can upload malicious PHP files to parent directories by manipulating the upload URL parameter, enabling remote…
CVE-2022-50908
Mailhog 1.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts thr
04:01 KSA
Mailhog 1.0.1 contains a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts through email attachments. Attackers can send crafted emails with XSS payloads to execute arbitrary API calls, including message deletion and browser manipulation.
CVE-2022-50916
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to override server
04:01 KSA
e107 CMS version 3.2.1 contains a file upload vulnerability that allows authenticated administrators to override server files through the Media Manager import functionality. Attackers can exploit the upload mechanism by manipulating the upload URL parameter to overwrite existing …
CVE-2024-1490
An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management
15:21 KSA
An authenticated remote attacker with high privileges can exploit the OpenVPN configuration via the web-based management interface of a WAGO PLC. If user-defined scripts are permitted, OpenVPN may allow the execution of arbitrary shell commands enabling the attacker to run arbitr…
CVE-2025-11730
A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP s
04:01 KSA
A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50(W) series firmware versions from V5.35…
CVE-2025-12886
The Oxygen Theme theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including,
03:24 KSA
The Oxygen Theme theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.0.8 via the laborator_calc_route AJAX action. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fro…
CVE-2025-14436
The Brevo for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user_connection_id’
04:01 KSA
The Brevo for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘user_connection_id’ parameter in all versions up to, and including, 4.0.49 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated a…
CVE-2025-14541
The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and includin
04:01 KSA
The Lucky Wheel Giveaway plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.22 via the conditional_tags parameter. This is due to the plugin using PHP's eval() function on user-controlled input without proper validation or saniti…
CVE-2025-14554
The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via t
04:01 KSA
The Sell BTC - Cryptocurrency Selling Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'orderform_data' AJAX action in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for…
CVE-2025-14610
The TableMaster for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, a
04:01 KSA
The TableMaster for Elementor plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.3.6. This is due to the plugin not restricting which URLs can be fetched when importing CSV data from a URL in the Data Table widget. This makes…
CVE-2025-14613
The GetContentFromURL plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and inclu
04:01 KSA
The GetContentFromURL plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0. This is due to the plugin using wp_remote_get() instead of wp_safe_remote_get() to fetch content from a user-supplied URL in the 'url' parameter of t…
CVE-2025-15266
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to Sto
04:01 KSA
The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the chat message field in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This…
CVE-2025-15283
The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name_directory_name' and
04:01 KSA
The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name_directory_name' and 'name_directory_description' parameters in all versions up to, and including, 1.30.3 due to insufficient input sanitization and output escaping. This makes it p…
CVE-2025-15378
The AJS Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'note_list_class' and 'popup
04:01 KSA
The AJS Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'note_list_class' and 'popup_display_effect_in' parameters in all versions up to, and including, 1.0 due to missing authorization and nonce verification on settings save, as well as insuff…
CVE-2025-15380
The NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Fl
04:01 KSA
The NotificationX – FOMO, Live Sales Notification, WooCommerce Sales Popup, GDPR, Social Proof, Announcement Banner & Floating Notification Bar plugin for WordPress is vulnerable to DOM-Based Cross-Site Scripting via the 'nx-preview' POST parameter in all versions up to, and incl…
CVE-2025-15440
The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Paramet
04:01 KSA
The iONE360 configurator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Contact Form Parameters in all versions up to, and including, 2.0.57 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attacker…
CVE-2025-36184
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 could allow an instance owner to execu
04:01 KSA
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5.0 - 11.5.9 could allow an instance owner to execute malicious code that escalate their privileges to root due to execution of unnecessary privileges operated at a higher than minimum level.
CVE-2025-58382
A vulnerability in the secure configuration of authentication and
management services in Brocade Fabric OS before Fabri
04:01 KSA
A vulnerability in the secure configuration of authentication and
management services in Brocade Fabric OS before Fabric OS 9.2.1c2 could
allow an authenticated, remote attacker with administrative credentials
to execute arbitrary commands as root using “supportsave”,
“seccer…
CVE-2025-58383
A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind
04:01 KSA
A vulnerability in Brocade Fabric OS versions before 9.2.1c2 could allow an administrator-level user to execute the bind command, to escalate privileges and bypass security controls allowing the execution of arbitrary commands.
SQL Injection vulnerability in the Structure for Admin authenticated user
CVE-2025-67486
Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Versions
04:55 KSA
Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Versions 22.0.2 and earlier contains an authenticated remote code execution vulnerability in the user extrafields functionality. User-controlled input from the "computed…
CVE-2025-67684
Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart
04:01 KSA
Quick.Cart is vulnerable to Local File Inclusion and Path Traversal issues in the theme selection mechanism. Quick.Cart allows a privileged user to upload arbitrary file contents while only validating the filename extension. This allows an attacker to include and execute uploaded…
CVE-2025-68619
Signal K Server Arbitrary Code Execution via Malicious npm Package Installation
04:01 KSA
Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.19.0 of the appstore interface allow administrators to install npm packages through a REST API endpoint. While the endpoint validates that the package name exists in the npm registry…
CVE-2026-0617
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-S
04:01 KSA
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the customer profile fields in all versions up to, and including, 5.2.5 due to insufficient input sanitization and output escaping. This makes…
CVE-2026-0686
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5
19:32 KSA
The Webmention plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.6.2 in the 'MF2::parse_authorpage' function via the 'Receiver::post' function. This makes it possible for unauthenticated attackers to make web requests to arb…
CVE-2026-0800
The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored
04:01 KSA
The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom fields in all versions up to, and including, 20251210 due to insufficient input sanitization and output escaping. This makes…
CVE-2026-0807
The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and includin
04:01 KSA
The Frontis Blocks plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.1.6. This is due to insufficient restriction on the 'url' parameter in the 'template_proxy' function. This makes it possible for unauthenticated attackers …
CVE-2026-0845
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is
04:01 KSA
The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check on the 'WCFM_Settings_Controller::proce…
CVE-2026-1065
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and inc
04:01 KSA
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.15.35. This is due to the plugin's default file upload allowlist including SVG files combined with weak substring-based extension validation. This mak…
A vulnerability has been found in D-Link DIR-823X 250416. This affects the function sub_4211C8 of the file /goform/set_filtering. Such manipulation leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
A command injection vulnerability may be exploited after the admin's authentication in the cloud communication interface on the TP-Link Archer BE230 v1.2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compro…
A command injection vulnerability may be exploited after the admin's authentication in the VPN Connection Service on the Archer BE230 v1.2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configu…
A command injection vulnerability may be exploited after the admin's authentication in the VPN server configuration module on the TP-Link Archer BE230 v1.2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe comp…
A command injection vulnerability may be exploited after the admin's authentication via the configuration backup restoration function of the TP-Link Archer BE230 v1.2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in …
A command injection vulnerability may be exploited after the admin's authentication via the import of a crafted VPN client configuration file on the TP-Link Archer BE230 v1.2. Successful exploitation could allow an attacker to gain full administrative control of the device, resul…
The Open eClass platform (formerly known as GUnet eClass) is a complete course management system. Prior to version 4.2, an arbitrary file upload vulnerability in the theme import functionality enables an attacker with administrative privileges to upload arbitrary files on the ser…
OpenMetadata is a unified metadata platform. Versions prior to 1.11.4 are vulnerable to remote code execution via Server-Side Template Injection (SSTI) in FreeMarker email templates. An attacker must have administrative privileges to exploit the vulnerability. Version 1.11.4 cont…
Dolibarr ERP/CRM versions prior to 23.0.2 contain an authenticated remote code execution vulnerability in the dol_eval_standard() function that fails to apply forbidden string checks in whitelist mode and does not detect PHP dynamic callable syntax. Attackers with administrator p…
Shopware is an open commerce platform. From 6.7.0.0 to before 6.7.6.1, a regression of CVE-2023-2017 leads to an array and array crafted PHP Closure not checked being against allow list for the map(...) override. This vulnerability is fixed in 6.7.6.1.
CVE-2026-23723
WeGIA SQL Injection in Atendido_ocorrenciaControle Endpoint (CVE-2026-23723)
04:01 KSA
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an authenticated SQL Injection vulnerability was identified in the Atendido_ocorrenciaControle endpoint via the id_memorando parameter. This flaw allows for full database exfiltration, exposure of sensitive PII, …
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60, contain(s) an Improper Certificate Validation vulnerabil…
Blinko is an AI-powered card note-taking project. Prior to version 1.8.4, the MCP (Model Context Protocol) server creation function allows specifying arbitrary commands and arguments, which are executed when testing the connection. This issue has been patched in version 1.8.4.
Craft is a platform for creating digital experiences. In versions 4.0.0-RC1 through 4.16.17 and 5.0.0-RC1 through 5.8.21, a Remote Code Execution (RCE) vulnerability exists in Craft CMS where the assembleLayoutFromPost() function in src/services/Fields.php fails to sanitize user-…
GLPI is a Free Asset and IT Management Software package. From 0.60 to before 10.0.24, an authenticated technician user can store an XSS payload in a supplier fields. This vulnerability is fixed in 10.0.24.
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. Prior to 1.2.11, there is a flaw in the path sanitization logic allows an authenticated attacker with administrative privileges to bypass directory traversal protections. By using nested traversal sequences…
IM-LogicDesigner module of intra-mart Accel Platform contains insecure deserialization issue. This can be exploited only when IM-LogicDesigner is deployed on the system. Arbitrary code may be executed when some crafted file is imported by a user with the administrative privilege.
Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through
The Age Verification & Identity Verification by Token of Trust plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘description’ parameter in all versions up to, and including, 3.32.3 due to insufficient input sanitization and output escaping. This makes it …
CouchCMS contains a privilege escalation vulnerability that allows authenticated Admin-level users to create SuperAdmin accounts by tampering with the f_k_levels_list parameter in user creation requests. Attackers can modify the parameter value from 4 to 10 in the HTTP request bo…
GLPI is a free asset and IT management software package. From 10.0.0 to before 10.0.24 and 11.0.6, an authenticated user can perform a SQL injection via the logs export feature. This vulnerability is fixed in 10.0.24 and 11.0.6.
A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. This issue affects the function strcpy of the file /goform/ConfigExceptMSN. Executing a manipulation of the argument remark can lead to buffer overflow. The attack can be executed remotely. The exploit has been …
CVE-2026-29782
OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, th
04:00 KSA
OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to version 2.10.2, the oauth2.php file in OpenSTAManager is an unauthenticated endpoint ($skip_permissions = true). It loads a record from the zz_oauth2 table using the attacker-con…
CVE-2026-3017
The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to P
09:48 KSA
The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.12 via deserialization of untrusted input in the import_shortcodes() function. This makes it possi…
CVE-2026-30958
OneUptime Unauthenticated Path Traversal in Workflow Documentation Endpoint
03:13 KSA
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.21, an unauthenticated path traversal in the /workflow/docs/:componentName endpoint allows reading arbitrary files from the server filesystem. The componentName route parameter is concatenated dire…
CVE-2026-3120
Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and
19:23 KSA
Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command Injection.
This issue affects SambaBox: from 5.1 before 5.3.
CVE-2026-33157
Craft CMS RCE via Unsanitized fieldLayouts Parameter in ElementIndexesController
21:55 KSA
Craft CMS is a content management system (CMS). From version 5.6.0 to before version 5.9.13, a Remote Code Execution (RCE) vulnerability exists in Craft CMS, it can be exploited by any authenticated user with control panel access. This is a bypass of a previous fix. The existing …
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to PHP Object Injection via deserialization of the 'post_content' of admin_form posts in all versions up to, and including, 3.28.31. This is due to the use of WordPress's `maybe_unserialize()` function without cl…
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.59 and 9.6.0-alpha.53, an attacker with master key access can execute arbitrary SQL statements on the PostgreSQL database by injecting SQL metacharacters …
CVE-2026-33613
Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulne
19:32 KSA
Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise.
This vulnerability can only be attacked if the attacker has some other way to wr…
CVE-2026-34217
SandboxJS Scope Modification Vulnerability via New Operator (CVE-2026-34217)
14:16 KSA
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, a scope modification vulnerability exists in @nyariv/sandboxjs. The vulnerability allows untrusted sandboxed code to leak internal interpreter objects through the new operator, exposing sandbox scope objects in the sc…
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Ora…
XenForo before 2.3.9 and before 2.2.18 allows remote code execution (RCE) by authenticated, but malicious, admin users. An attacker with admin panel access can execute arbitrary code on the server.
The Accessibly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in all versions up to, and including, 3.0.3. The plugin registers REST API endpoints at `/otm-ac/v1/update-widget-options` and `/otm-ac/v1/update-app-config` with the `permission_cal…
The Prismatic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'prismatic_encoded' pseudo-shortcode in all versions up to, and including, 3.7.3. This is due to insufficient input sanitization and output escaping on user-supplied attributes within the 'pri…
Pachno 1.0.6 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads into POST parameters. Attackers can inject scripts through the value, comment_body, article_content, description, and …
FreePBX api module version 17.0.8 and prior contain a command injection vulnerability in the initiateGqlAPIProcess() function where GraphQL mutation input fields are passed directly to shell_exec() without sanitization or escaping. An authenticated user with a valid bearer token …
The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all versions up to and including 1.19.2. This is due to insufficient validation of the file path stored in the 'hh_htpasswd_path' option and lack of sa…
The Query Monitor – The developer tools panel for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘$_SERVER['REQUEST_URI']’ parameter in all versions up to, and including, 3.20.3 due to insufficient input sanitization and output escaping. Th…
The Blackhole for Bad Bots plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the User-Agent HTTP header in all versions up to and including 3.8. This is due to insufficient input sanitization and output escaping. The plugin uses sanitize_text_field() when capt…
CVE-2026-4388
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field (Text Box
09:48 KSA
The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field (Text Box input type) in form submissions in all versions up to, and including, 1.15.40. This is due to insufficient input sanitization (`sanitize_text_field` strips tag…
A flaw has been found in TOTOLINK X6000R 9.4.0cu.1360_B20241207/9.4.0cu.1498_B20250826. Affected by this issue is the function setLanCfg of the file /usr/sbin/shttpd. Executing a manipulation of the argument Hostname can lead to os command injection. The attack may be launched re…
A vulnerability was found in D-Link DIR-825 and DIR-825R 1.0.5/4.5.1. Affected is the function handler_update_system_time of the file libdeuteron_modules.so of the component NTP Service. The manipulation results in os command injection. The attack may be launched remotely. This v…
CVE-2026-4803
The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'status' parameter
18:32 KSA
The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'status' parameter in the wpr_update_form_action_meta AJAX action in all versions up to, and including, 1.7.1056. This is due to insufficient input sanitization and output escapin…
The Gerador de Certificados – DevApps plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the moveUploadedFile() function in all versions up to, and including, 1.3.6. This makes it possible for authenticated attackers, with Administ…
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submit_nex_form() function in versions up to, and including, 9.1.11 due to insufficient input sanitization and output escaping…
The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to insufficient validation and output escaping of Product Option field values. The vulnerability exists because the state validation function ac…
The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to insufficient input validation and output escaping in the SingleProduct field when used inside a Repeater field. When SinglePr…
The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to insufficient input validation and output escaping on Hidden Product field values when used inside Repeater fields, where repeater subfields b…
The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to insufficient input validation and output escaping of Calculation Product field product names when rendered inside Repeater fi…
The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Consent field hidden inputs in versions up to and including 2.10.0. This is due to a flawed state validation mechanism that fails open when input is sanitized by wp_kses(), combined with insuf…
The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.2. This is due to insufficient input sanitization and output escaping on the use…
CVE-2026-5231
The WP Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'utm_source' parameter in al
06:18 KSA
The WP Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'utm_source' parameter in all versions up to, and including, 14.16.4. This is due to insufficient input sanitization and output escaping. The plugin's referral parser copies the raw utm_so…
CVE-2026-5324
Brizy Page Builder WordPress Plugin Unauthenticated Stored XSS Vulnerability
01:48 KSA
The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11 This is due to a combination of missing nonce verification for unauthenticated form submissions, insufficient handling of FileUp…
The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'feed_data' parameter keys in all versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticate…
The ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation in all versions up to, and including, 9.1.2. This is due to the reports page exposing the 'onboarding…
The Quick Interest Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'loan-amount' and 'loan-period' parameters in all versions up to, and including, 3.1.5 due to insufficient input sanitization and output escaping. This makes it possible for unauth…
A vulnerability was found in D-Link DIR-882 1.01B02. Impacted is the function sprintf of the file prog.cgi of the component HNAP1 SetNetworkSettings Handler. The manipulation of the argument IPAddress results in os command injection. The attack may be performed from remote. The e…
The BackWPup plugin for WordPress is vulnerable to Local File Inclusion via the `block_name` parameter of the `/wp-json/backwpup/v1/getblock` REST endpoint in all versions up to, and including, 5.6.6 due to a non-recursive `str_replace()` sanitization of path traversal sequences.…
CVE-2026-6229
The Royal Elementor Addons plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and incl
01:48 KSA
The Royal Elementor Addons plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.7.1057. This is due to insufficient validation of user-supplied URLs in the render_csv_data() function, which can be bypassed by including 'docs.google…
A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public an…
CVE-2026-6992
A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus
15:36 KSA
A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler. The manipulation of the argument pin leads to os command injection. The attack may…
CVE-2026-7049
The PixelYourSite Pro – Your smart PIXEL (TAG) Manager plugin for WordPress is vulnerable to Server-Side Request Forgery
01:48 KSA
The PixelYourSite Pro – Your smart PIXEL (TAG) Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scan_video. This makes it possible for unauthenticated attackers to make web requests to arbitrary locat…
CVE-2026-7218
A vulnerability was detected in Totolink N300RT 3.4.0-B20250430. The impacted element is the function is_cmd_string_vali
01:16 KSA
A vulnerability was detected in Totolink N300RT 3.4.0-B20250430. The impacted element is the function is_cmd_string_valid of the file /boafrm/formWsc of the component libapmib.so. Performing a manipulation of the argument localPin results in buffer overflow. The attack is possibl…
The Auto Affiliate Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.8.8 This is due to insufficient input sanitization on the 'url' POST parameter in the aal_url_stats_save_action() function and a complete absence of outp…
CVE-2026-43616
Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to t
11:33 KSA
Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive entries with relative traversal sequences or absolute paths. Attackers can exploit insufficient path normalization d…
CVE-2025-69233
Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as mi
03:32 KSA
Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the platform are able to exceed the allocation limits configured for their accounts/domains. This can be used by an attacker to degr…
CVE-2026-32603
Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial
04:18 KSA
Sandboxie is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, a local denial of service vulnerability exists in the Sandboxie kernel driver. An unprivileged process running inside a Standard Sandbox can send a malformed IOCTL to the \De…
Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to access local files content from the docker container via path traversal.
ZEBRA is a Zcash node written entirely in Rust. From zebrad versions 2.2.0 to before 4.3.1 and from zebra-rpc versions 1.0.0-beta.45 to before 6.0.2, a vulnerability in Zebra's JSON-RPC HTTP middleware allows an authenticated RPC client to cause a Zebra node to crash by disconnec…
The NMR Strava activities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `strava_nmr_connect` shortcode in all versions up to, and including, 1.0.14 due to insufficient input sanitization and output escaping on user supplied attributes. This ma…
The Sky Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `sky-custom-scripts` custom post type in all versions up to, and including, 3.3.2. This is due to the custom post type being registered with `capability_type => 'post'` and `show_in_rest => t…
The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the `e2pdf-download` shortcode in all versions up to, and including, 1.32.17. This is due to insufficient input sanitization and output escaping o…
A security flaw has been discovered in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /askquery.php. The manipulation of the argument squeryx results in sql injection. The attack may be performed from remote. The exploit has been released to t…
A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os command injection. It is possible to initiate the attack remotely. The e…
A vulnerability was identified in JeecgBoot up to 3.9.1. Affected by this issue is some unknown functionality of the file /sys/dict/loadTreeData of the component JSON Object Handler. The manipulation of the argument condition leads to sql injection. The attack can be initiated re…
A weakness has been identified in huangjunsen0406 xiaozhi-mcphub up to 1.0.3. This vulnerability affects unknown code of the file src/controllers/dxtController.ts. This manipulation of the argument manifest.name causes path traversal. The attack may be initiated remotely. The exp…
CVE-2026-8125
SQL Injection in Simple Chat System 1.0 sendMessage.php Parameter Validation
11:18 KSA
A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business parameter validity results in sql injection. The attack may be launched remotely. The e…
A vulnerability has been found in eladmin up to 2.7. Impacted is the function checkLevel of the file /rest/UserController.java of the component Users API Endpoint. Such manipulation leads to improper access controls. The attack can be executed remotely. The exploit has been discl…
Vvveb before 1.0.8.2 contains an unauthenticated reflected cross-site scripting vulnerability in the visual editor preview renderer that allows attackers to execute arbitrary JavaScript by manipulating the r query parameter and _component_ajax POST parameter. Attackers can craft …
CVE-2025-31970
HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability where the Content-Security-Polic
04:18 KSA
HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability where the Content-Security-Policy does not define strict directives for object-src and base-uri, which could allow an attacker to exploit injection vectors such as Cross-Site Scripting (XSS)
Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that allows unauthenticated attackers to retrieve the application's secret cron key. Attackers can access the cron controller without authentication and retrieve the exposed secret key fr…
A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a manipulation of the argument DataFieldName results in heap-based buffer overflow. The attack must be initiated from a loca…
A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launche…
Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This was making it easy for an authenticated user to provide a crafted image or backup t…
⚠️ Threat Intelligence
32 threats
rss:Dark Reading
—
02:55 KSA
ShinyHunters Claims Second Attack Against Instructure
ShinyHunters threat group has launched a second attack against Instructure, an educational technology company, claiming access to personally identifiable information of hundreds of millions of users. The comp…
rss:The Hacker News
—
01:36 KSA
TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms
A previously undocumented Brazilian banking trojan named TCLBANKER has been identified targeting 59 banking, fintech, and cryptocurrency platforms. The malware spreads via WhatsA…
rss:Recorded Future
—
23:53 KSA
Digital Citizenship Glossary: Key Terms Every Internet User Should Know
Educational glossary providing essential internet terminology to help users recognize and defend against common cyber threats including scams, phishing, and malware attacks.
Source: https:/…
rss:Recorded Future
—
23:53 KSA
The Different Types of Payment Fraud and How to Prevent Them
Educational resource detailing various payment fraud types with identification methods and prevention strategies. Relevant for financial institutions and organizations handling payment transactions in …
rss:Recorded Future
—
23:53 KSA
A Complete History of Cybersecurity: From Early Viruses to AI-Powered Threats
Comprehensive overview of cybersecurity evolution and historical threat landscape across internet eras. Provides context on how cyber threats have evolved from early viruses to modern …
rss:The Hacker News
—
22:36 KSA
Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads
Fraudulent Android applications on Google Play Store deceived users by falsely promising access to call histories, tricking them into paid subscriptions that delivered fake d…
rss:BleepingComputer
—
22:36 KSA
NVIDIA confirms GeForce NOW data breach affecting Armenian users
NVIDIA confirmed a data breach affecting GeForce NOW users, with user information exposed. The breach impacts Armenian users and represents a significant security incident for the cloud gaming plat…
rss:Malwarebytes Lab
—
20:32 KSA
ShinyHunters escalates Canvas attacks with school login defacements
The ShinyHunters threat group is escalating ransomware attacks against Canvas learning management systems by defacing school login portals with ransom messages. This represents an active extorti…
rss:Malwarebytes Lab
—
20:32 KSA
Microsoft says Edge’s plaintext password behavior is “by design”
Microsoft Edge loads saved passwords into memory at startup, creating a security vulnerability where attackers with device access can extract credentials. This design choice prioritizes user conven…
rss:SecurityWeek
—
20:32 KSA
Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants
Five water treatment plants in Poland suffered ICS breaches allowing attackers to modify operational parameters of critical equipment. This poses direct risk to public water supply infras…
rss:SecurityWeek
—
20:32 KSA
In Other News: Train Hacker Arrested, PamDOORa Linux Backdoor, New CISA Director Frontrunner
Multiple cybersecurity incidents including arrest of train hacker, discovery of PamDOORa Linux backdoor malware, and a spy operation targeting Eurasian drone industry. A…
rss:The Hacker News
—
20:32 KSA
Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise
A previously undocumented Linux RAT called Quasar Linux RAT (QLNX) is targeting developer systems to establish persistence and conduct credential harvesting, keylogging, and file …
rss:BleepingComputer
—
20:32 KSA
CISA gives feds four days to patch Ivanti flaw exploited as zero-day
CISA issued an urgent directive requiring U.S. federal agencies to patch a critical zero-day vulnerability in Ivanti Endpoint Manager Mobile (EPMM) within four days. The vulnerability is active…
rss:BleepingComputer
—
20:32 KSA
Trellix source code breach claimed by RansomHouse hackers
RansomHouse threat group claimed responsibility for breaching Trellix's source code repository and leaked proof images. This supply chain attack poses significant risk to organizations using Trellix secur…
rss:BleepingComputer
—
20:32 KSA
Why More Analysts Won’t Solve Your SOC’s Alert Problem
SOC teams struggle to investigate alerts faster than attackers operate, creating a critical gap in threat detection. AI-powered solutions can help analysts prioritize and investigate real threats more effici…
rss:SecurityWeek
—
17:36 KSA
Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom
Canvas, a learning management system used by thousands of schools and universities, was taken offline by a cyberattack during finals period. The attack disrupted student access to course …
rss:SecurityWeek
—
17:36 KSA
AI Firm Braintrust Prompts API Key Rotation After Data Breach
Hackers compromised an AWS account at AI provider Braintrust and gained access to API keys and secrets. The breach exposed credentials that could be used to access the company's services and customer …
rss:The Hacker News
—
17:36 KSA
New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials
A new Linux backdoor called PamDOORa has been discovered and is being sold on Russian cybercrime forums for $1,600. The malware exploits Pluggable Authentication Module (PAM) to steal SSH cred…
rss:The Hacker News
—
17:36 KSA
One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk
Enterprise security operations are missing critical threats due to alert fatigue and the practice of ignoring low-severity alerts. Analysis of 25 million security alerts reveals that defe…
rss:BleepingComputer
—
17:36 KSA
Zara data breach exposed personal information of 197,000 people
Hackers compromised Zara's databases and stole personal information of over 197,000 customers. The breach was confirmed through the Have I Been Pwned data breach notification service. This incident …
rss:SecurityWeek
—
15:54 KSA
Ransomware Group Takes Credit for Trellix Hack
RansomHouse ransomware group has claimed responsibility for breaching Trellix and published screenshots demonstrating access to internal services. This attack highlights the vulnerability of security software vendor…
rss:SecurityWeek
—
15:54 KSA
‘PCPJack’ Worm Removes TeamPCP Infections, Steals Credentials
PCPJack is a malware framework targeting web applications and cloud environments including AWS, Docker, and Kubernetes. The worm removes existing TeamPCP infections while stealing credentials from com…
rss:BleepingComputer
—
15:54 KSA
Former govt contractor convicted for wiping dozens of federal databases
A former federal contractor was convicted of conspiracy to destroy multiple government databases following his termination. This incident highlights insider threats and the critical importan…
rss:SecurityWeek
—
13:54 KSA
Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover
A vulnerability in the Claude Chrome extension allows attackers to inject malicious prompts due to lax permission settings and improper trust implementation. This could enable attackers to…
rss:The Hacker News
—
13:54 KSA
Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
A new unpatched local privilege escalation (LPE) vulnerability called Dirty Frag has been discovered in the Linux kernel, allowing attackers to gain root access. This vulnerabilit…
rss:BleepingComputer
—
13:54 KSA
New Linux 'Dirty Frag' zero-day gives root on all major distros
A critical zero-day vulnerability in Linux called Dirty Frag allows local attackers to escalate privileges to root level across major Linux distributions using a single command. This vulne…
rss:SecurityWeek
—
12:18 KSA
Ivanti Patches EPMM Zero-Day Exploited in Targeted Attacks
Ivanti has patched CVE-2026-6973, a high-severity vulnerability in EPMM that allows authenticated administrators to execute arbitrary code. This zero-day vulnerability has been actively exploited in targ…
rss:Krebs on Securit
—
10:32 KSA
Canvas Breach Disrupts Schools & Colleges Nationwide
A cybercrime group launched a data extortion attack against Canvas, a widely-used education technology platform, disrupting classes and coursework across US schools and universities. The attackers defaced …
rss:BleepingComputer
—
05:36 KSA
New TCLBanker malware self-spreads over WhatsApp and Outlook
TCLBanker trojan targets 59 banking, fintech, and cryptocurrency platforms using a trojanized Logitech AI Prompt Builder MSI installer for distribution. The malware's self-spreading capability via mess…
rss:BleepingComputer
—
05:36 KSA
Canvas login portals hacked in mass ShinyHunters extortion campaign
ShinyHunters extortion gang breached Instructure's Canvas platform again, exploiting a vulnerability to deface login portals across hundreds of educational institutions. The attack represents a …
rss:Dark Reading
—
04:00 KSA
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
PCPJack malware uses parquet files for stealthy reconnaissance across multiple cloud environments, representing an evolution of the TeamPCP malware family. The malware enables sophisticate…
rss:Dark Reading
—
04:00 KSA
After Replacing TeamPCP Malware, 'PCPJack' Steals Cloud Secrets
PCPJack is a sophisticated malware that replaces TeamPCP and targets cloud environments by using parquet files for stealthy reconnaissance and target discovery. The malware enables attacke…
📰 Cybersecurity News
0 articles
No news aggregated today yet
This digest is updated automatically every day — Last updated: Friday, May 8, 2026
CVE Archive ·
Threats ·
News