CVE-2026-28318
SolarWinds Serv-U Uncontrolled Resource Consumption DoS Vulnerability
05:00 KSA
CRITICAL
CVSS 9.8
⚠ CISA KEV
SolarWinds Serv-U — CVE-2026-28318
SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: deflate header to crash the Serv-U service without authentication.
Required Action: Apply miti…
CVE-2026-10121
TRENDnet TEW-432BRP Stack-Based Buffer Overflow in URL Filter Function
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A flaw has been found in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formSetUrlFilter of the file /goform/formSetUrlFilter. This manipulation of the argument keyword_list/keyword causes stack-based buffer overflow. The attack is possible to be carried out re…
CVE-2026-10123
TRENDnet TEW-432BRP Stack Buffer Overflow in Domain Filter Function
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_domain/permitted_domain/blocked_domain_list/permitted_domain_list results in stack-ba…
CVE-2026-10124
Stack-Based Buffer Overflow in Shibby Tomato ripd Component
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The …
CVE-2026-10125
Edimax BR-6478AC Stack Buffer Overflow in PPPoE Setup Function
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The …
CVE-2026-10126
Edimax BR-6478AC Buffer Overflow in QoS POST Handler
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the argument selSSID results in buffer overflow. The attack can be launched remotely…
CVE-2026-10158
TRENDnet TEW-432BRP Stack Buffer Overflow in Port Forwarding Function
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument server_name results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit h…
CVE-2026-10159
TRENDnet TEW-432BRP Stack Buffer Overflow in Syslog Function
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument current_page causes stack-based buffer overflow. The attack can be initiated remotely. The ex…
CVE-2026-10160
TRENDnet TEW-432BRP Stack Buffer Overflow in formSetEnableWizard
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the argument start_wizard leads to stack-based buffer overflow. The attack can be la…
CVE-2026-10161
TRENDnet TEW-432BRP Stack Buffer Overflow in formResetStatistic
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument status_statistic results in stack-based buffer overflow. The attack may be initiated remotel…
CVE-2026-10162
TRENDnet TEW-432BRP Stack Buffer Overflow in Password Function
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file /goform/formSetPassword. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack may be launched remotely. The ex…
CVE-2026-10163
Edimax BR-6478AC Buffer Overflow in USB Account Handler
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of the argument UserName/Password leads to buffer overflow. Remote exploitation of th…
CVE-2026-10164
Edimax BR-6478AC Buffer Overflow in USB Folder Sharing Function
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument ShareName/SelectName results in buffer overflow. The attack can be executed remotel…
CVE-2026-10165
Edimax BR-6478AC Stack Buffer Overflow in WAN Configuration
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to stack-based buffer overflow. The att…
CVE-2026-10179
TRENDnet TEW-432BRP Stack-Based Buffer Overflow in WLAN Configuration
20:00 KSA
HIGH
CVSS 8.8
CWE-119
A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack-based buffer overflow. It is possible to initiate the attack remotely. The explo…
CVE-2026-10181
TRENDnet TEW-432BRP Stack Buffer Overflow in formSysCmd Function
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The exploit…
CVE-2026-10183
TRENDnet TEW-432BRP Stack Buffer Overflow in WLAN Setup Function
03:16 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly …
CVE-2026-10188
Tenda W12 3.0.0.7(4763) Stack-Based Buffer Overflow in cgistaKickOff
15:07 KSA
HIGH
CVSS 8.8
CWE-119
A flaw has been found in Tenda W12 3.0.0.7(4763). This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and m…
CVE-2026-10189
Tenda W12 3.0.0.7(4763) Stack-Based Buffer Overflow in cgiSysTimeInfoSet
15:07 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has …
CVE-2026-10191
Tenda W12 3.0.0.7(4763) Stack-Based Buffer Overflow in cgiWifiMacFilterSet
15:48 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function cgiWifiMacFilterSet of the file /bin/httpd. This manipulation of the argument wifiMacFilterSet.macList.mac causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has…
CVE-2026-10192
Tenda W12 3.0.0.7(4763) Stack-Based Buffer Overflow in set_local_time_0
15:48 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function set_local_time_0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly avail…
CVE-2026-10206
D-Link DI-8400 Stack-Based Buffer Overflow in /dbsrv.asp str Parameter
15:48 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public…
CVE-2026-10259
H3C Magic B0 Stack-Based Buffer Overflow in SetMobileAPInfoById Function
21:04 KSA
HIGH
CVSS 8.8
CWE-119
A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param leads to stack-based buffer overflow. The attack may be performed from remote. T…
CVE-2026-10270
D-Link DI-7001 MINI Stack Buffer Overflow in httpd_debug.asp API
21:04 KSA
HIGH
CVSS 8.8
CWE-119
A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpd_debug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The attack may be performed from remote. The exp…
CVE-2026-43623
Stack Buffer Overflow in microtar raw_to_header() Function via Crafted TAR Archives
21:04 KSA
HIGH
CVSS 8.8
CWE-121
microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw_to_header() function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a crafted TAR archive with non-null-terminated name or linkname fields. The function u…
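The microtar entry hinges on a property of the ustar format: `name` and `linkname` are fixed-width 100-byte fields that carry a NUL only when the value is shorter than the field, so a 100-character name is legally unterminated and any `strlen`/`strcpy` on it runs into the following fields. The block below is an added example, not microtar's own code; it parses those two fields from a 512-byte header block with a width-bounded copy and builds a constructed header whose name field has no terminator at all. The field offsets come from the ustar layout; the struct and function names are illustrative.

```c
#define _POSIX_C_SOURCE 200809L   /* for strnlen */
#include <stdio.h>
#include <string.h>
#include <stdbool.h>

/* Added example, not microtar code. Field offsets/widths are from the POSIX
 * ustar header layout; the struct and parser names are assumptions. */

#define TAR_BLOCK     512
#define TAR_NAME_OFF  0
#define TAR_NAME_LEN  100
#define TAR_LINK_OFF  157
#define TAR_LINK_LEN  100

struct tar_header {
    char name[TAR_NAME_LEN + 1];       /* +1: room for the terminator we add */
    char linkname[TAR_LINK_LEN + 1];
};

/* The vulnerable shape the entry describes: strcpy(h->name, raw + TAR_NAME_OFF)
 * keeps reading past the 100-byte field when it contains no NUL, and writes
 * everything it finds into the fixed-size destination. The copy below is
 * bounded by the field width instead of by a terminator. */
static void copy_field(char *dst, size_t dst_size, const unsigned char *raw, size_t field_len)
{
    /* strnlen stops at field_len even when the field holds no NUL */
    size_t n = strnlen((const char *)raw, field_len);
    if (n >= dst_size)          /* defensive: callers size dst as field_len + 1 */
        n = dst_size - 1;
    memcpy(dst, raw, n);
    dst[n] = '\0';
}

/* Parses the name and linkname fields of one 512-byte header block.
 * Returns false when the caller supplied less than a full block. */
bool raw_to_header_bounded(struct tar_header *h, const unsigned char *raw, size_t raw_len)
{
    if (h == NULL || raw == NULL || raw_len < TAR_BLOCK)
        return false;
    copy_field(h->name,     sizeof h->name,     raw + TAR_NAME_OFF, TAR_NAME_LEN);
    copy_field(h->linkname, sizeof h->linkname, raw + TAR_LINK_OFF, TAR_LINK_LEN);
    return true;
}

/* Constructed test input: a header whose name field is exactly 100 non-NUL
 * bytes (the unterminated case from the advisory) and a short linkname. */
void make_unterminated_header(unsigned char *raw)
{
    memset(raw, 0, TAR_BLOCK);
    memset(raw + TAR_NAME_OFF, 'A', TAR_NAME_LEN);   /* no terminator in the field */
    memcpy(raw + TAR_LINK_OFF, "target", 7);          /* 7 bytes includes the NUL */
    memcpy(raw + 257, "ustar", 6);                    /* magic; not used by this parser */
}

int main(void)
{
    unsigned char raw[TAR_BLOCK];
    struct tar_header h;
    make_unterminated_header(raw);
    if (raw_to_header_bounded(&h, raw, sizeof raw))
        printf("name length %zu, linkname \"%s\"\n", strlen(h.name), h.linkname);
    return 0;
}
```

The same rule applies to every other fixed-width header field (mode, uid, size, magic): treat the field width as the only trustworthy bound, and add the terminator yourself.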
CVE-2026-49492
Markdown Preview Enhanced Command Injection via Unvalidated Inputs
21:18 KSA
HIGH
CVSS 8.8
CWE-78
Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename attribute, imported file paths, and the latex_engine code-chunk attribute. On Win…
CVE-2026-49493
Markdown Preview Enhanced Arbitrary Code Execution via Bitfield Code Blocks
21:18 KSA
HIGH
CVSS 8.8
CWE-94
Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS(), which evaluates the block content as code via vm.runInNewContext(), allowing arbitrary code execution. A crafted markdown document containing a malicious bitfield code block executes at…
CVE-2026-5411
WP Captcha PRO WordPress Plugin Arbitrary File Upload in save_ajax()
03:18 KSA
HIGH
CVSS 8.8
CWE-434
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 5.38. This is due to a capability check in the save_ajax() function of the l…
CVE-2026-5415
WP Captcha PRO WordPress Plugin Authentication Bypass in ajax_run_tool()
03:18 KSA
HIGH
CVSS 8.8
CWE-288
The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.38. This is due to the ajax_run_tool() AJAX handler relying solely on a no…
CVE-2026-7654
Admin Columns WordPress Plugin PHP Object Injection in IdsToCollection::get_ids_from_string()
03:18 KSA
HIGH
CVSS 8.8
CWE-502
The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without an `allowed_classes` restriction in the `IdsToCollection::get_ids_from_string()`…
CVE-2026-7770
IBM i Access Client Solutions RCE via IBM i Navigator Configuration
21:04 KSA
HIGH
CVSS 8.8
CWE-74
IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator.
CVE-2026-35563
LDAP Client Certificate Hostname Verification Bypass
21:04 KSA
HIGH
CVSS 8.5
CWE-297
It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the intended LDAP hostname. While the underlying code validates the certificate chain against a trusted authority, the absence of endpoint identification al…
CVE-2026-49489
OpenCATS SQL Injection in sortDirection Parameter
03:16 KSA
HIGH
CVSS 8.5
CWE-89
OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can inject malicious SQL via the sortDirection parameter in ajax/getDataGridPager.php t…
CVE-2026-9330
IBM WebSphere SAML Deserialization RCE Vulnerability
21:04 KSA
HIGH
CVSS 8.5
CWE-502
IBM WebSphere Application Server 9.0, and 8.5 is affected by an improper validation of user-supplied data during deserialization using the SAML Web Single Sign-On component. This could result in remote code execution via a crafted HTTP request when combined with a suitable gadget…
CVE-2018-25425
Yot CMS 3.3.1 SQL Injection Vulnerability in aid and cid Parameters
03:16 KSA
HIGH
CVSS 8.2
CWE-89
Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid pa…
CVE-2018-25428
SQL Injection in Paroiciel 11.20 trec.php tRecIdListe Parameter
21:04 KSA
HIGH
CVSS 8.2
CWE-89
Paroiciel 11.20 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the tRecIdListe parameter. Attackers can send GET requests to the trec.php endpoint with crafted SQL payloads to extr…
CVE-2026-43624
F5-TTS Path Traversal Vulnerability in Gradio Finetune Handlers
21:04 KSA
HIGH
CVSS 8.2
CWE-22
F5-TTS through version 1.1.20 contains a path traversal vulnerability in the finetune Gradio handlers that allows unauthenticated attackers to write arbitrary files by passing unsanitized user-supplied project names directly to os.path.join() without validating the resulting path…
CVE-2026-49490
OpenCATS SQL Injection in DataGrid Filter Handling
03:16 KSA
HIGH
CVSS 8.1
CWE-89
OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable Tags column in the Candidates DataGrid. Attackers can bypass column filterable r…
CVE-2025-14773
ABB T-MAC Plus Cross-Site Scripting Vulnerability
03:32 KSA
HIGH
CVSS 8.0
CWE-79
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus.
This issue affects T-MAC Plus: 4.0-24.
CVE-2026-33245
React Router Client-Side XSS in RSC Redirect Handling
03:32 KSA
HIGH
CVSS 8.0
CWE-79
React Router is a router for React. In versions 7.7.0 through 7.13.1, when using React Router's unstable React Server Components (RSC) APIs, there is a potential client-side Cross-Site Scripting (XSS) vulnerability in the RSC redirect handling if redirects come from untrusted sou…
CVE-2026-47294
Microsoft SharePoint Deserialization RCE Vulnerability
21:04 KSA
HIGH
CVSS 8.0
CWE-78
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
CVE-2026-0072
Android InputMethodManagerService Missing Permission Check Privilege Escalation
21:04 KSA
HIGH
CVSS 7.8
CWE-285
In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2026-10118
Poppler Splash Backend Integer Overflow in tilingPatternFill Function
21:04 KSA
HIGH
CVSS 7.8
CWE-190
A flaw was found in Poppler's Splash backend. A remote attacker could exploit this vulnerability by crafting a malicious PDF file that, when rendered, triggers an integer overflow in the `tilingPatternFill` function. This overflow leads to an undersized heap memory allocation, al…
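The Poppler entry describes the classic integer-overflow-to-heap-overflow chain: dimensions taken from the file are multiplied into an allocation size, the product wraps, the allocation is far smaller than the renderer believes, and the subsequent fill writes past it. The block below is an added example, not Poppler code; it computes a bitmap size with overflow-checked multiplication and an upper bound, and keeps the unchecked 32-bit product alongside so the wrapped value is visible. The render limit, the bytes-per-pixel cap and the function names are assumptions; `__builtin_mul_overflow` is a GCC/Clang builtin.

```c
#include <stdint.h>
#include <stdlib.h>
#include <stdbool.h>
#include <stdio.h>

/* Added example, not Poppler code. A pattern tile is rasterised into a
 * bitmap of width * height * bytes_per_pixel bytes, all three file-controlled.
 * Limit and names below are assumptions. */

#define MAX_BITMAP_BYTES (256u * 1024u * 1024u)   /* assumed render limit */

/* Unchecked product computed in 32-bit arithmetic: wraps modulo 2^32, which
 * is how an attacker turns huge dimensions into a tiny allocation. Kept only
 * to show the wrapped value; never use it to size memory. */
uint32_t bitmap_size_wrapped(uint32_t width, uint32_t height, uint32_t bpp)
{
    return width * height * bpp;
}

/* Computes the byte size of the bitmap. Returns false when an intermediate
 * product overflows size_t or the result exceeds the render limit, so the
 * caller never allocates from a wrapped or absurd value. */
bool bitmap_size_checked(uint32_t width, uint32_t height, uint32_t bpp, size_t *out)
{
    size_t rowbytes, total;
    if (out == NULL || width == 0 || height == 0 || bpp == 0 || bpp > 16)
        return false;
    if (__builtin_mul_overflow((size_t)width, (size_t)bpp, &rowbytes))
        return false;
    if (__builtin_mul_overflow(rowbytes, (size_t)height, &total))
        return false;
    if (total > MAX_BITMAP_BYTES)
        return false;
    *out = total;
    return true;
}

/* Allocates the bitmap only after the size has been validated; zero-filled
 * so a later partial write cannot expose stale heap contents. */
unsigned char *alloc_bitmap(uint32_t width, uint32_t height, uint32_t bpp)
{
    size_t bytes;
    if (!bitmap_size_checked(width, height, bpp, &bytes))
        return NULL;
    return calloc(1, bytes);
}

int main(void)
{
    size_t bytes = 0;
    printf("1024x768x4 checked: %d (%zu bytes)\n",
           bitmap_size_checked(1024, 768, 4, &bytes), bytes);
    printf("65536x65536x1 wrapped product: %u\n", bitmap_size_wrapped(65536, 65536, 1));
    printf("65536x65536x1 checked: %d\n", bitmap_size_checked(65536, 65536, 1, &bytes));
    return 0;
}
```

The explicit upper bound matters even on 64-bit builds where the product cannot wrap: without it, a file can still request a multi-gigabyte allocation and turn the same code path into a memory-exhaustion denial of service.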
CVE-2026-11332
ansible-core Git Configuration Flag Injection via Role meta/requirements.yml
03:16 KSA
HIGH
CVSS 7.8
CWE-88
A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to improper neutralization of argument delimiters, a malicious role author can inject arbitrary git configuration flags thro…
CVE-2026-21029
Galaxy Editing Service Improper Export of Android Components Privilege Escalation
03:16 KSA
HIGH
CVSS 7.8
Improper export of android application components in Galaxy Editing Service prior to SMR Jun-2026 Release 1 allows local attacker to execute privileged operations.
CVE-2026-21030
MediaTek Audio HAL Improper Access Control Privilege Escalation
03:16 KSA
HIGH
CVSS 7.8
Improper access control in MediaTek Audio HAL prior to SMR Jun-2026 Release 1 allows local attackers to trigger privileged functions.
CVE-2026-21031
AppBlock Improper Authorization Allows Arbitrary Activity Execution
03:16 KSA
HIGH
CVSS 7.8
CWE-863
Improper authorization in AppBlock prior to SMR Jun-2026 Release 1 allows local attacker to launch arbitrary activity. User interaction is required for triggering this vulnerability.
CVE-2026-43958
rrdcached Stack-Based Buffer Overflow in CREATE Request Handler
21:04 KSA
HIGH
CVSS 7.8
CWE-121
A flaw was found in rrdcached, a component of rrdtool. A local attacker with access to a rrdcached socket can exploit a stack-based buffer overflow by sending an oversized CREATE request. This vulnerability can lead to a denial of service by crashing the daemon or potentially all…
CVE-2026-50256
X.Org X Server Stack Buffer Overflow in Font Alias Resolution
03:16 KSA
HIGH
CVSS 7.8
CWE-121
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but l…
CVE-2026-50257
X.Org X Server Use-After-Free in miSyncDestroyFence() Function
03:16 KSA
HIGH
CVSS 7.8
CWE-416
A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence(). A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a s…
CVE-2026-50258
X.Org X Server Stack Buffer Overflow in CheckKeyTypes Validation
03:16 KSA
HIGH
CVSS 7.8
CWE-121
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. The X server has multiple stack buffers sized XkbMaxShiftLevel * XkbNumKbdGroups but CheckKeyTypes() does not verify or clamp non-canonical key types to XkbMaxShiftLevel. A client can change key type…
CVE-2026-50259
X.Org X Server Stack Buffer Overflow in _XkbSetMapChecks() mapWidths Buffer
03:16 KSA
HIGH
CVSS 7.8
CWE-121
A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. _XkbSetMapChecks() declares a fixed-size stack buffer mapWidths[256] indexed by key type index. The helper function CheckKeyTypes() writes to this buffer at a client-controlled offset, allowing a sta…
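The two XKB entries above (CVE-2026-50258 and CVE-2026-50259) describe the same handler missing two different bounds: the key type index used to address the 256-entry `mapWidths` stack buffer is client-controlled, and a type's level count is not clamped to `XkbMaxShiftLevel`, which is what sizes the other per-type stack buffers. The block below is an added example written for this page, not xserver code; it models an XkbSetMap key-type pass that enforces both limits before writing and returns the X protocol error a server would send back. `XkbMaxShiftLevel`, `XkbNumKbdGroups`, `Success` and `BadValue` are the XKB/X protocol values; the request struct and function name are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Added example, not X.Org code. Protocol constants are real; the wire
 * structs and check_key_types() are an assumed simplification. */

#define XkbMaxShiftLevel 63     /* XKB protocol constant */
#define XkbNumKbdGroups  4      /* XKB protocol constant */
#define MAX_KEY_TYPES    256    /* mapWidths[256] as described in the entry */

enum { Success = 0, BadValue = 2 };   /* X protocol reply codes */

/* One key type as a client sends it in an XkbSetMap request. */
struct key_type_wire {
    unsigned char num_levels;   /* client-controlled */
    /* modifier and map-entry fields omitted */
};

/* The part of the request that selects which types are being replaced. */
struct set_map_request {
    unsigned char first_type;   /* client-controlled index into mapWidths[] */
    unsigned char n_types;      /* client-controlled count */
    const struct key_type_wire *types;
};

/* Validates every type against the server's fixed-size buffers and records
 * each type's width. Returns Success, or BadValue on any out-of-range field.
 *
 * Check 1 (index range): first_type + n_types must not run past
 *   map_widths[]; without it a first_type near 255 writes beyond the
 *   256-byte stack buffer.
 * Check 2 (level count): num_levels must be within 1..XkbMaxShiftLevel,
 *   because other per-type stack buffers are sized
 *   XkbMaxShiftLevel * XkbNumKbdGroups and are indexed by level. */
int check_key_types(const struct set_map_request *req,
                    unsigned char *map_widths, size_t n_widths)
{
    if (req == NULL || req->types == NULL || map_widths == NULL)
        return BadValue;

    if ((size_t)req->first_type + (size_t)req->n_types > n_widths)
        return BadValue;                                  /* check 1 */

    for (unsigned i = 0; i < req->n_types; i++) {
        unsigned levels = req->types[i].num_levels;
        if (levels < 1 || levels > XkbMaxShiftLevel)
            return BadValue;                              /* check 2 */
        map_widths[req->first_type + i] = (unsigned char)levels;
    }
    return Success;
}

int main(void)
{
    unsigned char map_widths[MAX_KEY_TYPES] = {0};
    struct key_type_wire types[2] = { {2}, {4} };         /* constructed request */

    struct set_map_request ok  = { 10,  2, types };
    struct set_map_request oob = { 255, 2, types };      /* index 256 would be written */
    printf("in range: %d, out of range: %d\n",
           check_key_types(&ok,  map_widths, sizeof map_widths),
           check_key_types(&oob, map_widths, sizeof map_widths));
    return 0;
}
```

Validating before the first write, rather than inside the loop that writes, is the point: once one out-of-range entry has been written the stack frame is already corrupted, and the error reply never gets sent.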
CVE-2026-50260
X.Org X Server Use-After-Free in FreeCounter()
03:16 KSA
HIGH
CVSS 7.8
CWE-416
A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter(). A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the …
CVE-2026-50261
X.Org X Server Use-After-Free in SyncChangeCounter()
03:16 KSA
HIGH
CVSS 7.8
CWE-416
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter(). A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to cra…
CVE-2026-50264
X.Org X Server Out-of-Bounds Heap Write in DRIGetBuffers/DRIGetBuffersWithFormat
03:16 KSA
HIGH
CVSS 7.8
CWE-787
An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the ser…
CVE-2018-25426
WinMTR 0.91 Buffer Overflow Denial of Service Vulnerability
03:16 KSA
HIGH
CVSS 7.5
CWE-120
WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers can create a specially crafted input file with 238 bytes of data to trigger a buff…
CVE-2026-49136
Banana Slides Path Traversal in Image Generation
21:04 KSA
HIGH
CVSS 7.5
CWE-22
Banana Slides through 0.4.0, patched in commit e8bc490, contains a path traversal vulnerability in the generate_image() function within the AI service backend that allows unauthenticated attackers to read arbitrary image-format files outside the intended uploads directory by expl…
CVE-2026-10167
Improper Authentication in OUSL-GROUP-BrinaryBrains School Student Management System sign_auth_cookie
03:16 KSA
HIGH
CVSS 7.3
CWE-287
A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function sign_auth_cookie of the file application/controllers/Login.php of the component MY_Controller. Executing a manipul…
CVE-2026-10178
SQL Injection in code-projects Online Music Site AdminEditAlbum.php ID Parameter
20:00 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID results in sql injection. The attack may be performed from remote. The exploit is no…
CVE-2026-10184
SQL Injection in SourceCodester Hospitals Patient Records Management System 1.0 Users.php?f=delete
15:07 KSA
HIGH
CVSS 7.3
CWE-74
A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The …
CVE-2026-10185
SQL Injection in SourceCodester Hospitals Patient Records Management System 1.0 Users.php?f=save
15:07 KSA
HIGH
CVSS 7.3
CWE-74
A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The e…
CVE-2026-10186
SQL Injection in Online Hospital Management System 1.0 /patient.php
15:07 KSA
HIGH
CVSS 7.3
CWE-74
A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. The attack can be executed remo…
CVE-2026-10208
SQL Injection in code-projects Online Hospital Management System login_1.php Username Parameter
15:48 KSA
HIGH
CVSS 7.3
CWE-74
A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function login_user of the file login_1.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been pub…
CVE-2026-10214
OS Command Injection in zhayujie chatgpt-on-wechat Bash Tool _get_safety_warning
15:48 KSA
HIGH
CVSS 7.3
CWE-77
A weakness has been identified in zhayujie chatgpt-on-wechat up to 2.0.8. This issue affects the function _get_safety_warning of the file agent/tools/bash/bash.py of the component Bash Tool. Executing a manipulation can lead to os command injection. The attack can be launched rem…
CVE-2026-10219
GoClaw OS Command Injection in FsBridge.WriteFile
15:48 KSA
HIGH
CVSS 7.3
CWE-77
A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component write_file Tool. Performing a manipulation results in os command injection. The attack is possible to be carri…
CVE-2026-10220
Code Injection in NousResearch hermes-agent Plugin Skill Handler
15:48 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function _serve_plugin_skill/skill_view of the file tools/skills_tool.py. Executing a manipulation can lead to injection. The attack may be performed from remote. The exploit has been pub…
CVE-2026-10225
SQL Injection in PHP Student Management System Login Component
15:48 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability was detected in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file login_check.php of the component Login. Performing a manipulation of the argument Username results…
CVE-2026-10226
SQL Injection in Student Management System delete.php Parameter Handling
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A flaw has been found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. Impacted is an unknown function of the file delete.php. Executing a manipulation of the argument user_id/course_id/teacher_id/student_id/application_id can lead…
CVE-2026-10236
SourceCodester Water Billing System Authorization Bypass in User Management
21:04 KSA
HIGH
CVSS 7.3
CWE-266
A vulnerability has been found in SourceCodester Water Billing Management System 1.0. This issue affects some unknown processing of the file /classes/Users.php?f=save of the component User Management Endpoint. Such manipulation leads to improper authorization. The attack may be l…
CVE-2026-10243
Smart Parking System 1.0 Admin Endpoint Authentication Bypass
21:04 KSA
HIGH
CVSS 7.3
CWE-287
A security vulnerability has been detected in code-projects Smart Parking System 1.0. Affected is an unknown function of the component Admin Endpoint. Such manipulation leads to missing authentication. It is possible to launch the attack remotely. The exploit has been disclosed p…
CVE-2026-10249
SQL Injection in itsourcecode Blood Bank Management System Admin Panel
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability was identified in itsourcecode Online Blood Bank Management System 1.0. Impacted is an unknown function of the file /admin/viewrequest.php. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit is publicly av…
CVE-2026-10250
SQL Injection in itsourcecode Online Blood Bank Management System 1.0
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A security flaw has been discovered in itsourcecode Online Blood Bank Management System 1.0. The affected element is an unknown function of the file /admin/campsdetails.php. Performing a manipulation of the argument hospital results in sql injection. The attack is possible to be …
CVE-2026-10251
SQL Injection in itsourcecode Online House Rental System 1.0 Login
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A weakness has been identified in itsourcecode Online House Rental System 1.0. The impacted element is an unknown function of the file /ajax.php?action=login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The…
CVE-2026-10252
SQL Injection in itsourcecode Online House Rental System 1.0 manage_tenant.php ID Parameter
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A security vulnerability has been detected in itsourcecode Online House Rental System 1.0. This affects an unknown function of the file /manage_tenant.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has …
CVE-2026-10253
SQL Injection in itsourcecode Online House Rental System 1.0 manage_payment.php ID Parameter
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability was detected in itsourcecode Online House Rental System 1.0. This impacts an unknown function of the file /manage_payment.php. The manipulation of the argument ID results in sql injection. It is possible to launch the attack remotely. The exploit is now public and…
CVE-2026-10260
SQL Injection in CodeAstro Online Job Portal 1.0 delete-jobs.php ID Parameter
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability was detected in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /admin/jobs-admins/delete-jobs.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The …
CVE-2026-10261
SQL Injection in CodeAstro Online Job Portal 1.0 application_status.php ID Parameter
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A flaw has been found in CodeAstro Online Job Portal 1.0. This affects an unknown function of the file /users/application_status.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been publishe…
CVE-2026-10262
SQL Injection in code-projects Real State Services 1.0 loginuser.php Username Parameter
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has bee…
CVE-2026-10263
SQL Injection in SourceCodester Computer Repair Shop Management System
21:04 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manage_product.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exp…
CVE-2026-10280
Server-Side Request Forgery in horizon921 mcpilot MCP API Call Endpoint
21:04 KSA
HIGH
CVSS 7.3
CWE-918
A security flaw has been discovered in horizon921 mcpilot 0.1.0. The impacted element is an unknown function of the file client/src/app/api/mcp/call/route.ts of the component MCP API Call Endpoint. The manipulation of the argument serverBaseUrl results in server-side request forg…
CVE-2026-10281
Missing Authentication in Enderfga claw-orchestrator EmbeddedServer API
21:04 KSA
HIGH
CVSS 7.3
CWE-287
A weakness has been identified in Enderfga claw-orchestrator up to 3.5.5. This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API Endpoint. This manipulation causes missing authentication. The attack may be initiated remotely. The exploit …
CVE-2026-10287
SourceCodester SEO Meta Tag Extractor 1.0 SSRF Vulnerability
21:04 KSA
HIGH
CVSS 7.3
CWE-918
A vulnerability was determined in SourceCodester SEO Meta Tag Extractor 1.0. This vulnerability affects the function get_headers of the file /index.php. This manipulation of the argument url causes server-side request forgery. It is possible to initiate the attack remotely. The e…
CVE-2026-10288
Authentication Bypass in Hotel Reservation System Admin Login
21:04 KSA
HIGH
CVSS 7.3
CWE-287
A vulnerability was identified in code-projects Hotel and Tourism Reservation System 1.0. This issue affects the function password_verify of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Password leads to improper authentication. It is …
CVE-2026-10877
SQL Injection in SourceCodester Ship Ferry Ticket Reservation System Admin Login
03:16 KSA
HIGH
CVSS 7.3
CWE-74
A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System up to 1.0. This impacts an unknown function of the file /admin/login.php of the component Admin Login. Such manipulation of the argument Username leads to sql injection. The attack c…
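The SQL injection entries on this page (the code-projects Real State Services /loginuser.php Username case above, this Ship Ferry admin login, and the ID and room parameter cases) all come down to user input spliced into SQL text. The example below is added here and is not code from any of those projects: it runs the classic login bypass against a constructed in-memory SQLite table and shows the parameterised query that closes it. The table, the two users, their plaintext passwords and the payloads are all constructed for the demo.

```python
import sqlite3

# Constructed in-memory user table standing in for an admin login backend.
# Plaintext passwords are for illustration only; a real system stores hashes.
SEED_USERS = [
    (1, "admin", "s3cret", "administrator"),
    (2, "clerk", "ferry2026", "staff"),
]


def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
        "password TEXT, role TEXT)"
    )
    conn.executemany("INSERT INTO users VALUES (?, ?, ?, ?)", SEED_USERS)
    return conn


def vulnerable_login(conn: sqlite3.Connection, username: str, password: str):
    # The bug class: the request parameters are concatenated into the SQL text,
    # so a quote in the input ends the string literal and the rest becomes SQL.
    sql = (
        "SELECT id, username, role FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    return conn.execute(sql).fetchone()


def safe_login(conn: sqlite3.Connection, username: str, password: str):
    # Bound parameters: the values travel separately from the SQL text, so quotes
    # and comment markers in the input are matched literally, never parsed.
    sql = "SELECT id, username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


def demo() -> dict:
    conn = build_db()
    # Close the string after a known username and comment out the password check.
    bypass_user = "admin' -- "
    # Tautology: the WHERE clause matches every row; the first row (admin) comes back.
    tautology = "' OR 1=1 -- "
    return {
        "vuln_bypass": vulnerable_login(conn, bypass_user, "wrong"),
        "vuln_tautology": vulnerable_login(conn, tautology, "wrong"),
        "safe_bypass": safe_login(conn, bypass_user, "wrong"),
        "safe_tautology": safe_login(conn, tautology, "wrong"),
        "safe_valid": safe_login(conn, "admin", "s3cret"),
    }


if __name__ == "__main__":
    for name, row in demo().items():
        print(f"{name:15} -> {row}")
```

The two vulnerable calls return the administrator row with a wrong password; the same payloads against the parameterised query return nothing, while a genuine credential pair still logs in. Escaping quotes by hand is not an equivalent fix: it has to be right at every call site and does nothing for numeric parameters such as an unquoted ID.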
CVE-2026-11334
SQL Injection in CollegeManagementSystem fetch.php department_code Parameter
03:16 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability was detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. This affects an unknown function of the file dashboard_page/forms/fetch.php. Performing a manipulation of the argument departme…
CVE-2026-11342
SQL Injection in Hotel and Tourism Reservation System /details.php
21:18 KSA
HIGH
CVSS 7.3
CWE-74
A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed …
CVE-2026-11344
Unrestricted File Upload in Vehicle Management System 1.0
21:18 KSA
HIGH
CVSS 7.3
CWE-284
A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be in…
CVE-2026-10586
Gutenberg Essential Blocks SSRF Vulnerability via save_ai_generated_image()
03:16 KSA
HIGH
CVSS 7.2
CWE-918
The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.1.3 via the `save_ai_generated_image()` function. This makes it possible for authenticated attac…
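The three SSRF entries above (mcpilot serverBaseUrl, SEO Meta Tag Extractor get_headers on url, Essential Blocks save_ai_generated_image()) share one root cause: a user-supplied URL is fetched from the server with no check on where it points. The example below is added here and is not code from any of those projects. It is a generic fetch-target validator in Python that rejects non-http(s) schemes, loopback, link-local (cloud metadata), private and IPv4-mapped addresses, and resolves hostnames so that a name mapping into an internal range is rejected as well. The resolver table FAKE_DNS and the hostnames in it are constructed so the example runs offline; resolve_with_dns is the real-resolver variant.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed resolver table so the example runs offline (hypothetical names).
FAKE_DNS = {
    "example.com": ["93.184.216.34"],
    "localhost": ["127.0.0.1"],
    "intranet.example": ["10.0.0.5"],
    "metadata.example": ["169.254.169.254"],
}


def resolve_fake(host: str) -> list[str]:
    return FAKE_DNS.get(host, [])


def resolve_with_dns(host: str) -> list[str]:
    # Real resolver: also turns forms like "2130706433" or "0x7f000001"
    # into 127.0.0.1, which the address check below then rejects.
    try:
        infos = socket.getaddrinfo(host, None)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def _is_public(addr_text: str) -> bool:
    try:
        ip = ipaddress.ip_address(addr_text)
    except ValueError:
        return False
    # Unwrap ::ffff:127.0.0.1 style addresses so the IPv4 rules apply to them.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    # is_global is False for loopback, link-local (169.254.0.0/16, fe80::/10),
    # RFC 1918, unspecified, reserved and documentation ranges.
    return ip.is_global and not ip.is_multicast


def is_safe_fetch_target(url: str, resolve=resolve_fake) -> bool:
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False  # file://, gopher://, dict:// and friends are never fetched
    host = parts.hostname  # lowercased, brackets stripped, userinfo removed
    if not host:
        return False
    # IP literal: check it directly. Hostname: every address it resolves to must
    # be public, otherwise a name pointing into a private range slips through.
    try:
        addrs = [str(ipaddress.ip_address(host))]
    except ValueError:
        addrs = resolve(host)
    return bool(addrs) and all(_is_public(a) for a in addrs)


if __name__ == "__main__":
    for u in ("https://example.com/page", "http://169.254.169.254/latest/meta-data/",
              "http://[::ffff:127.0.0.1]/", "http://example.com@10.0.0.5/"):
        print(f"{u:45} safe={is_safe_fetch_target(u)}")
```

Validation alone is not enough: the HTTP client must then connect to the address that was validated (or re-validate inside its connection hook) so a DNS rebinding between check and connect does not help the attacker, and redirects must be disabled or re-validated hop by hop, otherwise a public URL that answers 302 to 169.254.169.254 defeats the check. Where the feature only needs a fixed set of upstream hosts, an allowlist is simpler and stronger than this denylist of ranges.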
CVE-2026-50231
Lyrion Music Server 9.2.0 Unauthenticated Stored XSS in Log Viewer
03:16 KSA
HIGH
CVSS 7.2
CWE-79
Lyrion Music Server 9.2.0 contains an unauthenticated stored cross-site scripting vulnerability in the log viewer that allows attackers to inject malicious scripts by exploiting unescaped template variables. Attackers can inject XSS payloads through search, lines, and path query …
CVE-2026-8035
Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service
23:16 KSA
HIGH
CVSS 7.1
CWE-476
Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL pointer dereference. This vulnerability affects NI-PAL 26.3.0 and prior versions on Windows and Linux.
CVE-2026-50206
Command Injection via Unsafe Special-Character Handling in Incoming VPN Network Profile Settings
03:32 KSA
MEDIUM
CVSS 6.8
CWE-78
Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files.
CVE-2026-11322
Hermes WebUI Path Traversal via Symlinks Escaping the Workspace Root (prior to v0.51.221)
06:00 KSA
MEDIUM
CVSS 6.5
CWE-59
Hermes WebUI prior to v0.51.221 contains a path traversal vulnerability that allows attackers to escape the workspace boundary by supplying symlinks that resolve to files or directories outside the designated workspace root. Attackers can exploit the workspace file and listing AP…
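The Hermes WebUI bug is the symlink variant of path traversal: a prefix check on the normalised path string passes, because the string really does start with the workspace root, while the filesystem object it names lives elsewhere. The Python example below is added here and is not Hermes code; the workspace layout, the file names and the escaping symlink are constructed in a temporary directory. It shows the string-only check accepting a symlinked file and directory and the realpath-based check rejecting both.

```python
import os
import shutil
import tempfile
from pathlib import Path


def naive_in_workspace(root: str, requested: str) -> bool:
    # The flawed check: normalise the path string and compare prefixes. It never
    # consults the filesystem, so a symlink inside the workspace that points
    # outside still "starts with" the root and passes.
    root = os.path.normpath(root)
    candidate = os.path.normpath(os.path.join(root, requested))
    return candidate == root or candidate.startswith(root + os.sep)


def strict_in_workspace(root: str, requested: str) -> bool:
    # The fix: resolve symlinks on both sides (realpath semantics) before
    # comparing, so the comparison is against where the path actually lands.
    root_real = Path(root).resolve()
    candidate = (root_real / requested).resolve()
    return candidate == root_real or root_real in candidate.parents


def run_demo() -> dict:
    """Build a constructed workspace with an escaping symlink and evaluate both checks."""
    base = Path(tempfile.mkdtemp(prefix="ws-demo-"))
    try:
        workspace = base / "workspace"
        outside = base / "outside"
        workspace.mkdir()
        outside.mkdir()
        (workspace / "notes.txt").write_text("inside\n")
        (outside / "secret.txt").write_text("outside\n")
        # Attacker-controlled content: a symlink inside the workspace pointing out of it.
        os.symlink(outside, workspace / "escape")
        cases = {
            "plain_file": "notes.txt",
            "dotdot": "../outside/secret.txt",
            "absolute": "/etc/passwd",
            "symlink_file": "escape/secret.txt",
            "symlink_dir": "escape",
        }
        # Each value is (naive_result, strict_result).
        return {
            name: (naive_in_workspace(str(workspace), rel),
                   strict_in_workspace(str(workspace), rel))
            for name, rel in cases.items()
        }
    finally:
        shutil.rmtree(base)


if __name__ == "__main__":
    for name, (naive, strict) in run_demo().items():
        print(f"{name:13} naive={naive!s:5} strict={strict}")
```

Both checks reject the dot-dot and absolute forms; only the resolved comparison rejects escape/secret.txt and the escape directory itself, which is what a listing API would hand back. The resolve-then-compare step is still check-then-use: on a workspace the attacker can modify while the server runs, open the file with O_NOFOLLOW (or via openat from a directory handle on the root) and fstat it, so the object opened is the one that was checked.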
CVE-2026-1871
TP-Link Tapo C200 v5 Stack Buffer Overflow in RTSP Authentication
03:32 KSA
MEDIUM
CVSS 6.5
CWE-121
TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request.
Successful exploitation causes the affected RTSP core se…
CVE-2026-42824
M365 Copilot Command Injection Allows Unauthorized Information Disclosure over a Network
06:00 KSA
MEDIUM
CVSS 6.5
CWE-77
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-47644
Copilot Chat (Microsoft Edge) Output Injection Allows Unauthorized Information Disclosure over a Network
06:00 KSA
MEDIUM
CVSS 6.5
CWE-74
Improper neutralization of special elements in output used by a downstream component ('injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network.
CVE-2026-47655
Microsoft Graph Sensitive Information Exposure to an Authorized Attacker over a Network
06:00 KSA
MEDIUM
CVSS 6.5
CWE-200
Exposure of sensitive information to an unauthorized actor in Microsoft Graph allows an authorized attacker to disclose information over a network.
CVE-2026-49204
Hardcoded Credentials in AWS Cognito Debug Modules Enable Unauthorized Access
03:32 KSA
MEDIUM
CVSS 6.5
CWE-798
Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation.
CVE-2026-50212
Weak Validation in Device Dissociation API Enables Unauthorized Endpoint Unbinding
03:32 KSA
MEDIUM
CVSS 6.5
CWE-400
Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endpoints, causing severe denial of service.
CVE-2026-10874
SQL Injection in projectworlds Online Art Gallery Shop Project /admin/adminHome.php social_insta Parameter
06:00 KSA
MEDIUM
CVSS 6.3
CWE-74
A vulnerability was identified in projectworlds Online Art Gallery Shop Project 1.0. The affected element is an unknown function of the file /admin/adminHome.php. The manipulation of the argument social_insta leads to sql injection. The attack may be initiated remotely. The explo…
CVE-2026-10875
SQL Injection in projectworlds Online Art Gallery Shop Project /admin/adminHome.php social_twitter Parameter
06:00 KSA
MEDIUM
CVSS 6.3
CWE-74
A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.php. The manipulation of the argument social_twitter results in sql injection. The attack may be launched remotely. Th…
CVE-2026-10876
Improper Authorization in SourceCodester Ship Ferry Ticket Reservation System /admin/ page Parameter
07:18 KSA
MEDIUM
CVSS 6.3
CWE-266
A weakness has been identified in SourceCodester Ship Ferry Ticket Reservation System 1.0. This affects an unknown function of the file /admin/. This manipulation of the argument page causes improper authorization. The attack can be carried out remotely. The exploit has be…
CVE-2026-10878
Command Injection in D-Link DWR-M920 /boafrm/formSmsManage action_value Parameter
07:18 KSA
MEDIUM
CVSS 6.3
CWE-74
A vulnerability was detected in D-Link DWR-M920 1.1.50/1.1.70. Affected is the function sub_41C8E8 of the file /boafrm/formSmsManage. Performing a manipulation of the argument action_value results in command injection. The attack can be carried out remotely. The exploi…
CVE-2026-11333
Improper Access Control (CWE-284) in tittuvarghese CollegeManagementSystem dashboard_page/forms/upload_student_data.php
23:16 KSA
MEDIUM
CVSS 6.3
CWE-284
A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboard_page/forms/upload_student_data.php of the compo…
CVE-2026-11335
Session Fixation (CWE-384) in tittuvarghese CollegeManagementSystem /login-form.php session_start via UserAuthData
23:16 KSA
MEDIUM
CVSS 6.3
CWE-384
A flaw has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. This impacts the function session_start of the file /login-form.php. Executing a manipulation of the argument UserAuthData can lead to…
CVE-2026-11336
Improper Authorization (CWE-266) in tittuvarghese CollegeManagementSystem Admin Interface dashboard_page/admin_page.php
23:16 KSA
MEDIUM
CVSS 6.3
CWE-266
A vulnerability has been found in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. Affected is an unknown function of the file dashboard_page/admin_page.php of the component Admin Interface. The manipulation …
CVE-2026-11339
Command Injection in D-Link DWR-M920 /boafrm/formUSSDSetup ussdValue Parameter
01:36 KSA
MEDIUM
CVSS 6.3
CWE-74
A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. The affected element is the function sub_41CF20 of the file /boafrm/formUSSDSetup. The manipulation of the argument ussdValue results in command injection. It is possible to launch the attack remotely. The exploit is n…
CVE-2026-11341
OS Command Injection in D-Link DWR-M920 /boafrm/formIMEISetup IMEI_value Parameter
01:36 KSA
MEDIUM
CVSS 6.3
CWE-77
A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub_412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEI_value causes os command injection. The attack can be initiated remotely. The exploit has been published…
CVE-2026-7299
Appsmith SQL Editor Autocomplete XSS via Unsanitized Database Object Names
03:32 KSA
MEDIUM
CVSS 6.3
CWE-79
The autocomplete functionality of Appsmith's SQL query editor fails to sanitize database object names before rendering them via innerHTML, allowing an authenticated Developer to inject persistent XSS through malicious table or column names, triggering arbitrary code execution in the sessio…
CVE-2026-35212
OpenCTI XSS in Email-Message Observable Body Rendering (prior to 7.260227.0)
19:17 KSA
MEDIUM
CVSS 6.1
CWE-79
OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Versions prior to 7.260227.0 are vulnerable to XSS in the rendering of email-message observable body data. The content of the body field isn't appropriately sanitized when being r…
CVE-2026-40181
React Router Open Redirect Vulnerability via Protocol-Relative URLs
03:32 KSA
MEDIUM
CVSS 6.1
CWE-601
React Router is a router for React. In versions 7.0.0 through 7.14.0 and 6.7.0 through 6.30.3, certain URLs passed to the redirect function can trigger an open redirect to an external domain due to path values starting with // being reinterpreted as protocol-relative URLs. The le…
CVE-2026-41569
authentik WS-Federation Open Redirect via Improper wreply Validation
03:32 KSA
MEDIUM
CVSS 6.1
CWE-601
authentik is an open-source identity provider. Prior to version 2026.2.3, the WS-Federation provider validates the user-supplied wreply parameter using a raw string prefix check rather than proper URL parsing. An attacker who can craft a login link can supply a wreply value on a …
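The React Router entry above and this authentik entry are two faces of the same mistake: deciding whether a redirect target stays on the site by inspecting the raw string instead of parsing it the way the browser will. The Python example below is added here and is not code from either project, with a hypothetical allowed origin sso.example.com. The two flawed checks are reconstructions of the patterns the descriptions name (a raw prefix test, and "starts with / so it is local"); is_safe_redirect shows the parse-then-compare-authority approach, covering the //host, /\host and ///host forms as well as the https://sso.example.com@evil.example and https://sso.example.com.evil.example strings that satisfy a prefix check.

```python
from urllib.parse import urljoin, urlsplit

# Hypothetical allowed origin for the example.
ALLOWED_ORIGIN = "https://sso.example.com"


def prefix_check(target: str, allowed_origin: str = ALLOWED_ORIGIN) -> bool:
    """The flawed pattern: a raw string prefix test on the user-supplied value."""
    return target.startswith(allowed_origin)


def leading_slash_check(target: str) -> bool:
    """The other flawed pattern: 'starts with / so it must be a local path'."""
    return target.startswith("/")


def is_safe_redirect(target: str, allowed_origin: str = ALLOWED_ORIGIN) -> bool:
    """Parse the target as a browser would and compare the resulting scheme and authority."""
    # Browsers treat '\' like '/' in http(s) URLs, so '/\evil' means '//evil';
    # they also ignore surrounding whitespace. Normalise before looking at it.
    target = target.replace("\\", "/").strip(" \t\r\n")
    # Any run of two or more leading slashes is scheme-relative to a browser
    # ('///host' still lands on host), so reject it outright rather than trust
    # a parser that may read '///host' as an empty authority plus a path.
    if target.startswith("//"):
        return False
    # Resolve relative forms against the allowed origin; absolute URLs pass
    # through unchanged, so what we compare is where the browser would go.
    parts = urlsplit(urljoin(allowed_origin + "/", target))
    allowed = urlsplit(allowed_origin)
    # Compare the whole authority, not a prefix: 'sso.example.com@evil.example'
    # (userinfo trick) and 'sso.example.com.evil.example' both fail here.
    return (
        parts.scheme in ("http", "https")
        and parts.scheme == allowed.scheme
        and parts.netloc.lower() == allowed.netloc.lower()
    )


if __name__ == "__main__":
    for t in ("//evil.example/x", "/\\evil.example/x",
              "https://sso.example.com.evil.example/login",
              "https://sso.example.com@evil.example/", "/account?next=1"):
        print(f"{t:45} prefix={prefix_check(t)!s:5} slash={leading_slash_check(t)!s:5} "
              f"safe={is_safe_redirect(t)}")
```

For WS-Federation specifically the strongest check is equality, after parsing, with the reply URLs registered for the realm rather than any same-origin path; the same-origin rule here is the general form that also covers a framework-level redirect helper such as the React Router case.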
CVE-2026-50230
Lyrion Music Server 9.2.0 Unauthenticated Reflected XSS in server.log
21:10 KSA
MEDIUM
CVSS 6.1
CWE-79
Lyrion Music Server 9.2.0 contains an unauthenticated reflected cross-site scripting vulnerability in the server.log endpoint that allows attackers to inject arbitrary HTML and JavaScript code through the search parameter. Attackers can craft malicious URLs with JavaScript payloa…
CVE-2026-50235
Lyrion Music Server 9.2.0 Reflected XSS in Advanced Search Parameters
21:10 KSA
MEDIUM
CVSS 6.1
CWE-79
Lyrion Music Server 9.2.0 contains a reflected cross-site scripting vulnerability in advanced search parameters that fail to properly sanitize user input before displaying it in search forms. Attackers can inject malicious scripts through unfiltered search parameters to execute a…
CVE-2026-21017
SecTelephonyProvider Privilege Escalation via Insufficient Privilege Handling
08:02 KSA
MEDIUM
CVSS 5.5
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files.
CVE-2026-21025
Incorrect Privilege Assignment in Telephony Systems Prior to SMR Jun-2026
08:02 KSA
MEDIUM
CVSS 5.5
Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
CVE-2026-21026
SpriteWallpaper Improper Android Component Export Information Disclosure
08:02 KSA
MEDIUM
CVSS 5.5
Improper export of android application components in SpriteWallpaper prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
CVE-2026-21028
Improper Access Control in AuditLogService SMR Pre-Jun-2026
08:02 KSA
MEDIUM
CVSS 5.5
Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information.
CVE-2026-50262
X.Org X Server and Xwayland Out-of-Bounds Read in __glXDisp_ChangeDrawableAttributes()
19:17 KSA
MEDIUM
CVSS 5.5
CWE-125
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glXDisp_ChangeDrawableAttributes(). A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists b…
CVE-2026-50263
X.Org X Server and Xwayland Use-After-Free in CreateSaverWindow()
19:17 KSA
MEDIUM
CVSS 5.5
CWE-416
A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow(). A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure.
CVE-2026-49192
IDOR Vulnerability in Summary Service Endpoint - Hardware Serial Number Exposure
03:32 KSA
MEDIUM
CVSS 5.4
CWE-639
The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping.
CVE-2026-26825
libxls 1.6.3 Use-of-Uninitialized Memory in XLS File Parsing
03:32 KSA
MEDIUM
CVSS 5.3
CWE-908
A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xls_parseWorkBook() and is triggered by uninitialized heap memory originating from the OLE layer (ole2_read). The flaw is detectable with MemorySanitize…
CVE-2026-50233
Lyrion Music Server 9.2.0 Arbitrary Directory Listing via Unauthenticated Endpoint
21:10 KSA
MEDIUM
CVSS 5.3
CWE-548
Lyrion Music Server 9.2.0 contains an arbitrary directory listing vulnerability in its readdirectory query, exposed through both the CLI service (TCP port 9090) and the HTTP JSON-RPC endpoint (/jsonrpc.js). The query accepts a folder parameter and lists its contents with no restr…