https://shimiscyberworld.com/posts/reborn-gaming-126-breached-accounts-qxmv4/ Shimi's Cyber World en 2026-05-04T06:43:06+03:00 Reborn Gaming Breach: cPanel/WHM Vulnerability Exposes User Datadata-breach, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-7724/ Shimi's Cyber World en 2026-05-04T06:16:13+03:00 CVE-2026-7724 — PrefectHQ Prefect Vulnerabilityvulnerability, cve, medium-severity, cwe-362, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-7723/ Shimi's Cyber World en 2026-05-04T06:16:13+03:00 CVE-2026-7723: PrefectHQ Prefect WebSocket Lacks Authenticationvulnerability, cve, high-severity, cwe-287, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-7722/ Shimi's Cyber World en 2026-05-04T06:16:12+03:00 CVE-2026-7722 — PrefectHQ Prefect Vulnerabilityvulnerability, cve, medium-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-7721/ Shimi's Cyber World en 2026-05-04T06:16:12+03:00 CVE-2026-7721 — Totolink WA300 5.2cu.7112_B20190227 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7720/ Shimi's Cyber World en 2026-05-04T05:15:58+03:00 CVE-2026-7720 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7719/ Shimi's Cyber World en 2026-05-04T05:15:58+03:00 Totolink WA300 Critical Buffer Overflow (CVE-2026-7719) Exploitedvulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7718/ Shimi's Cyber World en 2026-05-04T05:15:58+03:00 CVE-2026-7718 — Totolink WA300 5.2cu.7112_B20190227 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7713/ Shimi's Cyber World en 2026-05-04T03:16:40+03:00 CVE-2026-7713 — Crocodilestick Calibre-Web-Automated Vulnerabilityvulnerability, cve, medium-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-7712/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 CVE-2026-7712 — MindsDB Insecure Deserializationvulnerability, cve, medium-severity, insecure-deserialization, cwe-20, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-7711/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 MindsDB Unrestricted File Upload (CVE-2026-7711) Poses Remote Threatvulnerability, cve, high-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7710/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 CVE-2026-7710: YunaiV yudao-cloud Improper Authentication Flawvulnerability, cve, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-6948/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 CVE-2026-6948 — Velociraptor versions prior to 0.76.4 contain a resourcevulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-7709/ Shimi's Cyber World en 2026-05-04T02:16:42+03:00 CVE-2026-7709 — Janeczku Calibre-Web Vulnerabilityvulnerability, cve, medium-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-7708/ Shimi's Cyber World en 2026-05-04T02:16:42+03:00 CVE-2026-7708 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7707/ Shimi's Cyber World en 2026-05-04T02:16:42+03:00 CVE-2026-7707 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7706/ Shimi's Cyber World en 2026-05-04T02:16:41+03:00 CVE-2026-7706 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7705/ Shimi's Cyber World en 2026-05-04T02:16:41+03:00 CVE-2026-7705 — JD Cloud JDCOS 4.5.1.R4518 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/marcus-millichap-1-837-078-breached-accounts-cqfcx/ Shimi's Cyber World en 2026-05-04T01:53:12+03:00 Marcus & Millichap Breach: ShinyHunters Leaks 1.8M Recordsdata-breach, tools https://shimiscyberworld.com/posts/instructure-confirms-data-breach-shinyhunters-claims-attack-hwvmu/ Shimi's Cyber World en 2026-05-04T01:16:27+03:00 Instructure Confirms Data Breach as ShinyHunters Claims Attackthreat-intel, data-breach, malware https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-03T23:00:00+03:00 Daily Security Digest — 2026-05-03daily-digest, vulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/microsoft-defender-wrongly-flags-digicert-certs-as-trojan-wi-aktp2/ Shimi's Cyber World en 2026-05-03T21:11:25+03:00 Microsoft Defender Flags DigiCert Certificates as Trojanthreat-intel, data-breach, malware, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-7704/ Shimi's Cyber World en 2026-05-03T20:16:13+03:00 CVE-2026-7704 — AV Stumpfl Pixera Two Media Server Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7703/ Shimi's Cyber World en 2026-05-03T20:16:13+03:00 AV Stumpfl Pixera Two Media Server Websocket API Code Injectionvulnerability, cve, high-severity, cwe-74, cwe-94 https://shimiscyberworld.com/posts/us-military-reaches-deals-with-7-tech-companies-to-use-their-7pkym/ Shimi's Cyber World en 2026-05-03T19:21:36+03:00 US Military Taps Google, Microsoft, AWS for Classified AIthreat-intel, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-7702/ Shimi's Cyber World en 2026-05-03T19:15:57+03:00 CVE-2026-7702 — Toeverything AFFiNE Vulnerabilityvulnerability, cve, medium-severity, cwe-285, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7701/ Shimi's Cyber World en 2026-05-03T19:15:57+03:00 CVE-2026-7701 — Telegram Desktop Null Pointer Dereferencevulnerability, cve, medium-severity, null-pointer-dereference, cwe-404, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-7700/ Shimi's Cyber World en 2026-05-03T18:15:59+03:00 CVE-2026-7700 — The Function Eval Of The File Src/Lfx/Src/Lfx/Components/Llm Vulnerabilityvulnerability, cve, medium-severity, cwe-74, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-7699/ Shimi's Cyber World en 2026-05-03T18:15:59+03:00 CVE-2026-7699 — Dromara MaxKey SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7698/ Shimi's Cyber World en 2026-05-03T17:16:27+03:00 Tiandy Easy7 RCE: Unauthenticated OS Command Injection via updateDbBackupInfovulnerability, cve, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7697/ Shimi's Cyber World en 2026-05-03T17:16:26+03:00 CVE-2026-7697 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7696/ Shimi's Cyber World en 2026-05-03T16:16:09+03:00 CVE-2026-7696 — Acrel Electrical EEMS Enterprise Power Operation And Mainten Unrestricted File Uploadvulnerability, cve, medium-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7695/ Shimi's Cyber World en 2026-05-03T16:16:08+03:00 Acrel Electrical EEMS Platform Hit by High-Severity SQL Injectionvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7694/ Shimi's Cyber World en 2026-05-03T15:15:59+03:00 Acrel Electrical ECEMS SQLi (CVE-2026-7694) Exposes Microgrid Systemsvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/incd-alert_1993/ Shimi's Cyber World en 2026-05-03T15:00:00+03:00 Targeted Phishing Campaign Active in Israel Exploits Compromised Email Accountsincd, israel, advisory, alert https://shimiscyberworld.com/posts/nvd-CVE-2026-7692/ Shimi's Cyber World en 2026-05-03T14:16:13+03:00 CVE-2026-7692 — Wavlink WL-WN570HA1 R70HA1 V1410_221110 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7691/ Shimi's Cyber World en 2026-05-03T14:16:13+03:00 CVE-2026-7691 — Wavlink WL-WN570HA1 R70HA1 V1410_221110 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7690/ Shimi's Cyber World en 2026-05-03T13:16:17+03:00 CVE-2026-7690 — The Function Set_sys_adm Of The File /Cgi-Bin/Adm.Cgi Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7688/ Shimi's Cyber World en 2026-05-03T13:16:17+03:00 CVE-2026-7688 — Dolibarr ERP CRM SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7686/ Shimi's Cyber World en 2026-05-03T11:16:01+03:00 CVE-2026-7686 — Eyeo Adblock Plus Improper Access Controlvulnerability, cve, medium-severity, improper-access-control, cwe-266, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-7685/ Shimi's Cyber World en 2026-05-03T10:16:25+03:00 Edimax BR-6208AC Buffer Overflow: Remote Exploit Public (CVE-2026-7685)vulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7684/ Shimi's Cyber World en 2026-05-03T10:16:25+03:00 Edimax BR-6428nC Buffer Overflow (CVE-2026-7684) Exposed, High Severityvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7683/ Shimi's Cyber World en 2026-05-03T10:16:25+03:00 CVE-2026-7683 — An Unknown Function Of The File /Goform/SetWAN Of The Compon Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7682/ Shimi's Cyber World en 2026-05-03T10:16:24+03:00 CVE-2026-7682 — Edimax BR-6208AC Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7681/ Shimi's Cyber World en 2026-05-03T09:15:58+03:00 CVE-2026-7681 — Jsbroks COCO Annotator Vulnerabilityvulnerability, cve, medium-severity, cwe-285, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7680/ Shimi's Cyber World en 2026-05-03T09:15:57+03:00 CVE-2026-7680 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-5063/ Shimi's Cyber World en 2026-05-03T09:15:57+03:00 CVE-2026-5063: NEX-Forms WordPress Plugin Stored XSSvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7679/ Shimi's Cyber World en 2026-05-03T08:15:59+03:00 YunaiV yudao-cloud Authentication Bypass (CVE-2026-7679) Publicly Exploitedvulnerability, cve, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-7678/ Shimi's Cyber World en 2026-05-03T08:15:59+03:00 CVE-2026-7678 — YunaiV Yudao-Cloud SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7676/ Shimi's Cyber World en 2026-05-03T08:15:58+03:00 CVE-2026-7676 — Kerwincui FastBee Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7675/ Shimi's Cyber World en 2026-05-03T06:16:15+03:00 CVE-2026-7675: Shenzhen Libituo LBT-T300-HW1 Buffer Overflow Exposedvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7674/ Shimi's Cyber World en 2026-05-03T05:17:12+03:00 CVE-2026-7674: Libituo LBT-T300-HW1 Buffer Overflow Poses Remote Riskvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7673/ Shimi's Cyber World en 2026-05-03T05:17:12+03:00 CVE-2026-7673 — Crmeb_java Unrestricted File Uploadvulnerability, cve, medium-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7672/ Shimi's Cyber World en 2026-05-03T03:16:16+03:00 CVE-2026-7672 — Youlaitech Youlai-Boot SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7670/ Shimi's Cyber World en 2026-05-03T02:16:16+03:00 Jinher OA 1.0 SQL Injection (CVE-2026-7670) Exposes Data Remotelyvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7669/ Shimi's Cyber World en 2026-05-03T01:16:24+03:00 CVE-2026-7669 — Sgl-Project SGLang Insecure Deserializationvulnerability, cve, medium-severity, insecure-deserialization, cwe-20, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-7668/ Shimi's Cyber World en 2026-05-03T00:16:07+03:00 MikroTik RouterOS 6.49.8 SCEP Endpoint Vulnerability (CVE-2026-7668)vulnerability, cve, high-severity, out-of-bounds-1, cwe-119, cwe-125 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-02T23:00:00+03:00 Daily Security Digest — 2026-05-02daily-digest, vulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/telegram-1707304340-2304/ Shimi's Cyber World en 2026-05-02T21:16:45+03:00 Lapsus$ Claims Checkmarx Breach, Google Adjusts Bug Bounty, Blackwater Hits Hospitalsisrael, vulnerability, data-breach, cloud https://shimiscyberworld.com/posts/nvd-CVE-2026-7644/ Shimi's Cyber World en 2026-05-02T18:16:14+03:00 ChatGPTNextWeb NextChat Improper Authorization Vulnerability (CVE-2026-7644)vulnerability, cve, high-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-7643/ Shimi's Cyber World en 2026-05-02T18:16:14+03:00 CVE-2026-7643 — ChatGPTNextWeb NextChat Vulnerabilityvulnerability, cve, medium-severity, cwe-346, cwe-942 https://shimiscyberworld.com/posts/nvd-CVE-2026-7642/ Shimi's Cyber World en 2026-05-02T18:16:14+03:00 CVE-2026-7642 — Pskill9 Website-Downloader Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7633/ Shimi's Cyber World en 2026-05-02T18:16:13+03:00 CVE-2026-7633 — Totolink N300RH 6.1c.1353_B20190305 Vulnerabilityvulnerability, cve, medium-severity, cwe-73 https://shimiscyberworld.com/posts/nvd-CVE-2026-7632/ Shimi's Cyber World en 2026-05-02T17:16:18+03:00 CVE-2026-7632: SQL Injection in Online Hospital Management Systemvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7631/ Shimi's Cyber World en 2026-05-02T17:16:18+03:00 CVE-2026-7631 — Code-Projects Online Hospital Management System Vulnerabilityvulnerability, cve, medium-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-7630/ Shimi's Cyber World en 2026-05-02T17:16:18+03:00 CVE-2026-7630: InnoShop Improper Authentication Exposes Installation Endpointvulnerability, cve, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-7629/ Shimi's Cyber World en 2026-05-02T17:16:17+03:00 CVE-2026-7629 — Kleneway Awesome-Cursor-Mpc-Server Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-3504/ Shimi's Cyber World en 2026-05-02T17:16:17+03:00 CVE-2026-3504 — The Dokan: AI Powered WooCommerce Multivendor Marketplacevulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-2554/ Shimi's Cyber World en 2026-05-02T17:16:17+03:00 WCFM Frontend Manager: Critical IDOR Allows Admin Deletionvulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-0703/ Shimi's Cyber World en 2026-05-02T17:16:17+03:00 CVE-2026-0703 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7628/ Shimi's Cyber World en 2026-05-02T15:16:17+03:00 CVE-2026-7628 — CrazyrabbitLTC Mcp-Code-Review-Server Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-6817/ Shimi's Cyber World en 2026-05-02T15:16:17+03:00 CVE-2026-6817 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6525/ Shimi's Cyber World en 2026-05-02T15:16:16+03:00 CVE-2026-6525 — IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 tovulnerability, cve, medium-severity, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-6320/ Shimi's Cyber World en 2026-05-02T15:16:16+03:00 WordPress Salon Booking Plugin: Arbitrary File Read via Email Attachmentsvulnerability, cve, high-severity, arbitrary-file-access, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-4790/ Shimi's Cyber World en 2026-05-02T15:16:16+03:00 CVE-2026-4790 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4100/ Shimi's Cyber World en 2026-05-02T15:16:16+03:00 Paid Memberships Pro Plugin: Stripe Webhook Vulnerability CVE-2026-4100vulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-4062/ Shimi's Cyber World en 2026-05-02T15:16:16+03:00 WordPress Geo Mashup Plugin: Unauthenticated SQL Injection via 'object_ids'vulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-4061/ Shimi's Cyber World en 2026-05-02T15:16:16+03:00 CVE-2026-4061: Geo Mashup WordPress Plugin SQL Injectionvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-4060/ Shimi's Cyber World en 2026-05-02T15:16:15+03:00 WordPress Geo Mashup Plugin SQLi via 'sort' Parameter (CVE-2026-4060)vulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7627/ Shimi's Cyber World en 2026-05-02T14:15:58+03:00 CVE-2026-7627 — 8nite Metatrader-4-Mcp Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7612/ Shimi's Cyber World en 2026-05-02T13:16:19+03:00 CVE-2026-7612 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7609/ Shimi's Cyber World en 2026-05-02T13:16:19+03:00 CVE-2026-7609 — TRENDnet TEW-821DAP Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7491/ Shimi's Cyber World en 2026-05-02T13:16:19+03:00 Zyosoft School App IOD Vulnerability Exposes Student Datavulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7490/ Shimi's Cyber World en 2026-05-02T13:16:18+03:00 Sunnet CTMS/CPAS Arbitrary File Upload Allows RCEvulnerability, cve, high-severity, code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7489/ Shimi's Cyber World en 2026-05-02T13:16:18+03:00 Sunnet CTMS SQL Injection (CVE-2026-7489) Exposes Databasesvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-5077/ Shimi's Cyber World en 2026-05-02T13:16:17+03:00 CVE-2026-5077 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7608/ Shimi's Cyber World en 2026-05-02T12:16:22+03:00 CVE-2026-7608 — TRENDnet TEW-821DAP Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-5324/ Shimi's Cyber World en 2026-05-02T12:16:22+03:00 Brizy WordPress Plugin CVE-2026-5324: Unauthenticated Stored XSSvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4024/ Shimi's Cyber World en 2026-05-02T12:16:22+03:00 CVE-2026-4024 — The Royal Addons for Elementor plugin for WordPress isvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-7649/ Shimi's Cyber World en 2026-05-02T11:16:28+03:00 ARMember WordPress Plugin Vulnerable to SQL Injectionvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7607/ Shimi's Cyber World en 2026-05-02T11:16:28+03:00 TRENDnet TEW-821DAP Buffer Overflow (CVE-2026-7607) Poses Risk to EOL Devicesvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-6457/ Shimi's Cyber World en 2026-05-02T11:16:27+03:00 CVE-2026-6457 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-6449/ Shimi's Cyber World en 2026-05-02T11:16:27+03:00 CVE-2026-6449 — The Booking for Appointments and Events Calendar – Ameliavulnerability, cve, medium-severity, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-6229/ Shimi's Cyber World en 2026-05-02T11:16:27+03:00 CVE-2026-6229: Royal Elementor Addons Plugin Vulnerable to SSRFvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-4650/ Shimi's Cyber World en 2026-05-02T11:16:27+03:00 CVE-2026-4650 — The FundPress – WordPress Donation Plugin for WordPress isvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-2052/ Shimi's Cyber World en 2026-05-02T11:16:27+03:00 CVE-2026-2052: WordPress Plugin RCE Exposes Sites to Contributorsvulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-7605/ Shimi's Cyber World en 2026-05-02T10:16:20+03:00 CVE-2026-7605 — JeecgBoot Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/trellix-confirms-source-code-breach-with-unauthorized-reposi-goqwr/ Shimi's Cyber World en 2026-05-02T09:41:00+03:00 Trellix Confirms Source Code Breach After Unauthorized Repository Accessthreat-intel, vulnerability, data-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-7647/ Shimi's Cyber World en 2026-05-02T09:16:04+03:00 WordPress Profile Builder Pro: Unauthenticated PHP Object Injection Risks Site Takeovervulnerability, cve, high-severity, insecure-deserialization, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-7049/ Shimi's Cyber World en 2026-05-02T09:16:04+03:00 PixelYourSite Pro Plugin SSRF Vulnerability (CVE-2026-7049)vulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-6916/ Shimi's Cyber World en 2026-05-02T09:16:04+03:00 CVE-2026-6916 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6812/ Shimi's Cyber World en 2026-05-02T09:16:04+03:00 CVE-2026-6812 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-6447/ Shimi's Cyber World en 2026-05-02T09:16:04+03:00 CVE-2026-6447 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-5113/ Shimi's Cyber World en 2026-05-02T09:16:04+03:00 CVE-2026-5113: Gravity Forms XSS via Flawed Consent Field Validationvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-5112/ Shimi's Cyber World en 2026-05-02T09:16:03+03:00 Gravity Forms Plugin: Unauthenticated Stored XSS Puts WordPress Admins at Riskvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-5111/ Shimi's Cyber World en 2026-05-02T09:16:03+03:00 CVE-2026-5111: Gravity Forms Plugin Hit by Stored XSSvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-5110/ Shimi's Cyber World en 2026-05-02T09:16:03+03:00 Gravity Forms Plugin: Unauthenticated Stored XSS in WordPressvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-5109/ Shimi's Cyber World en 2026-05-02T09:16:03+03:00 Gravity Forms Plugin Stored XSS: Unauthenticated Attackers Inject Scriptsvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/zenbusiness-5-118-184-breached-accounts-uengp/ Shimi's Cyber World en 2026-05-02T08:53:38+03:00 ZenBusiness Breach: ShinyHunters Exfiltrates 5M Records from Snowflake, Mixpanel, Salesforcedata-breach, ransomware, tools https://shimiscyberworld.com/posts/telegram-1542954397-4557/ Shimi's Cyber World en 2026-05-02T08:40:01+03:00 Anthropic Launches Claude Security: AI for AppSec Vulnerability Detection https://shimiscyberworld.com/posts/nvd-CVE-2026-7641/ Shimi's Cyber World en 2026-05-02T08:16:01+03:00 CVE-2026-7641: WordPress Multisite Privilege Escalation Via Pluginvulnerability, cve, high-severity, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-7604/ Shimi's Cyber World en 2026-05-02T08:16:01+03:00 CVE-2026-7604 — JeecgBoot Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-7603/ Shimi's Cyber World en 2026-05-02T08:16:01+03:00 CVE-2026-7603 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-7458/ Shimi's Cyber World en 2026-05-02T08:16:01+03:00 CVE-2026-7458: WordPress Plugin Auth Bypass Exposes Adminsvulnerability, cve, critical, high-severity, authentication-bypass, cwe-288 https://shimiscyberworld.com/posts/nvd-CVE-2026-6963/ Shimi's Cyber World en 2026-05-02T08:16:01+03:00 CVE-2026-6963: WordPress WP Mail Gateway Plugin Allows Privilege Escalationvulnerability, cve, high-severity, privilege-escalation, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-6446/ Shimi's Cyber World en 2026-05-02T08:16:01+03:00 CVE-2026-6446 — The My Social Feeds – Social Feeds Embedder plugin forvulnerability, cve, medium-severity, cwe-522 https://shimiscyberworld.com/posts/nvd-CVE-2026-4882/ Shimi's Cyber World en 2026-05-02T08:16:00+03:00 CVE-2026-4882: WordPress Plugin Arbitrary File Upload Critical Flawvulnerability, cve, critical, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-4658/ Shimi's Cyber World en 2026-05-02T08:16:00+03:00 CVE-2026-4658 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-14726/ Shimi's Cyber World en 2026-05-02T08:16:00+03:00 CVE-2025-14726 — The Widgets for Social Photo Feed plugin for WordPress isvulnerability, cve, medium-severity, cwe-200