https://shimiscyberworld.com/posts/trump-s-cyber-ambassador-nominee-advances-to-full-senate-vot-27elz/ Shimi's Cyber World en 2026-04-30T19:34:00+03:00 Trump's Cyber Ambassador Nominee Advances to Full Senate Votethreat-intel, data-breach, government https://shimiscyberworld.com/posts/telegram-1542954397-4553/ Shimi's Cyber World en 2026-04-30T19:32:51+03:00 AI Agent Wipes Production Database and Backups for PocketOSidentity, ai-security https://shimiscyberworld.com/posts/fbi-links-cybercriminals-to-sharp-surge-in-cargo-theft-attac-6itos/ Shimi's Cyber World en 2026-04-30T19:32:18+03:00 FBI Warns of Cyber-Enabled Cargo Theft Surge, $725M Losses Projectedthreat-intel, data-breach, malware https://shimiscyberworld.com/posts/france-investigates-15-year-old-over-alleged-hack-of-nationa-qjps2/ Shimi's Cyber World en 2026-04-30T19:28:00+03:00 France Investigates Teen Over National ID Agency Data Breachthreat-intel, data-breach, government, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-5174/ Shimi's Cyber World en 2026-04-30T19:16:44+03:00 MOVEit Automation Privilege Escalation (CVE-2026-5174)vulnerability, cve, high-severity, privilege-escalation, cwe-20 https://shimiscyberworld.com/posts/nvd-CVE-2026-4670/ Shimi's Cyber World en 2026-04-30T19:16:44+03:00 MOVEit Automation Critical Authentication Bypass (CVE-2026-4670)vulnerability, cve, critical, high-severity, authentication-bypass, cwe-305 https://shimiscyberworld.com/posts/telegram-1542954397-4552/ Shimi's Cyber World en 2026-04-30T18:20:19+03:00 AI Bots Drive 12X Surge in Daily Attacks, Over Half of Web Traffic is Automatedthreat-intel, the-independent https://shimiscyberworld.com/posts/nvd-CVE-2026-7500/ Shimi's Cyber World en 2026-04-30T18:16:23+03:00 CVE-2026-7500 — When Keycloak is started withvulnerability, cve, medium-severity, cwe-425 https://shimiscyberworld.com/posts/nvd-CVE-2026-7246/ Shimi's Cyber World en 2026-04-30T17:16:36+03:00 Pallets Click CVE-2026-7246: Command Injection from Unprivileged Accountsvulnerability, cve, high-severity, command-injection, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7163/ Shimi's Cyber World en 2026-04-30T17:16:36+03:00 CVE-2026-7163 — The Assisted-Service REST API, An Optional Assisted Installe Vulnerabilityvulnerability, cve, medium-severity, cwe-312 https://shimiscyberworld.com/posts/nvd-CVE-2026-2892/ Shimi's Cyber World en 2026-04-30T17:16:29+03:00 Otter Blocks WordPress Plugin Vulnerable to Purchase Bypass (CVE-2026-2892)vulnerability, cve, high-severity, cwe-285 https://shimiscyberworld.com/posts/threatsday-bulletin-sms-blaster-busts-openemr-flaws-600k-84jfh/ Shimi's Cyber World en 2026-04-30T16:55:00+03:00 Fake Cell Towers and Sneaky Installers: New Threats Emergethreat-intel, vulnerability, cloud, tools, the-hacker-news https://shimiscyberworld.com/posts/moldova-s-health-insurance-agency-reports-possible-data-leak-d0t29/ Shimi's Cyber World en 2026-04-30T16:37:00+03:00 Moldova Health Insurance Agency Reports Possible Data Leak After Cyberattackthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-7402/ Shimi's Cyber World en 2026-04-30T16:16:06+03:00 MeWare PDKS Flooding Vulnerability: CVE-2026-7402 Impacts Time & Attendance Systemsvulnerability, cve, high-severity, cwe-799 https://shimiscyberworld.com/posts/nvd-CVE-2026-7399/ Shimi's Cyber World en 2026-04-30T16:16:06+03:00 MeWare PDKS Authorization Bypass (CVE-2026-7399) Exposes High-Risk Privilege Abusevulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7382/ Shimi's Cyber World en 2026-04-30T16:16:06+03:00 CVE-2026-7382 — MeWare Software Development Inc. PDKS Vulnerabilityvulnerability, cve, medium-severity, cwe-200, cwe-359 https://shimiscyberworld.com/posts/new-python-backdoor-uses-tunneling-service-to-steal-browser-ei1dl/ Shimi's Cyber World en 2026-04-30T15:36:00+03:00 DEEP#DOOR Python Backdoor Disables Security Controls for Credential Theftthreat-intel, vulnerability, malware, cloud, microsoft, identity, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-41882/ Shimi's Cyber World en 2026-04-30T15:16:24+03:00 JetBrains IntelliJ IDEA Vulnerability Allows Arbitrary File Readingvulnerability, cve, high-severity, cwe-59 https://shimiscyberworld.com/posts/enocean-smartserver-flaws-expose-buildings-to-remote-hacking-q04hq/ Shimi's Cyber World en 2026-04-30T14:57:31+03:00 EnOcean SmartServer Vulnerabilities Enable Building System Hackingthreat-intel, vulnerability, cloud https://shimiscyberworld.com/posts/etherrat-distribution-spoofing-administrative-tools-via-gith-mmur8/ Shimi's Cyber World en 2026-04-30T14:30:00+03:00 EtherRAT Campaign Spoofs Admin Tools via GitHub Facadesthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/critical-cpanel-whm-vulnerability-exploited-as-zero-day-fo-s3kuu/ Shimi's Cyber World en 2026-04-30T14:10:30+03:00 cPanel & WHM Zero-Day Exploited for Months, Granting Admin Accessthreat-intel, vulnerability, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-6498/ Shimi's Cyber World en 2026-04-30T13:16:02+03:00 CVE-2026-6498 — The Five Star Restaurant Reservations plugin for WordPressvulnerability, cve, medium-severity, cwe-345 https://shimiscyberworld.com/posts/nvd-CVE-2026-42800/ Shimi's Cyber World en 2026-04-30T13:16:02+03:00 CVE-2026-42800: High-Severity Null Pointer Dereference in ASR Lapwing_Linuxvulnerability, cve, high-severity, null-pointer-dereference, cwe-476 https://shimiscyberworld.com/posts/new-linux-copy-fail-vulnerability-enables-root-access-on-m-avzxo/ Shimi's Cyber World en 2026-04-30T12:24:00+03:00 Linux 'Copy Fail' Vulnerability Grants Root Accessthreat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-42799/ Shimi's Cyber World en 2026-04-30T12:16:03+03:00 CVE-2026-42799: ASR Kestrel Out-of-Bounds Read Flaw Exposes Systemsvulnerability, cve, high-severity, out-of-bounds-1, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-22070/ Shimi's Cyber World en 2026-04-30T12:16:02+03:00 ColorOS Assistant CVE-2026-22070: Unauthenticated Path Traversal Riskvulnerability, cve, high-severity, path-traversal, cwe-23 https://shimiscyberworld.com/posts/sandhills-medical-says-ransomware-breach-affects-170-000-1xudy/ Shimi's Cyber World en 2026-04-30T11:35:59+03:00 Sandhills Medical Discloses Inc Ransomware Breach Affecting 170,000 Patientsthreat-intel, vulnerability, malware, ransomware, data-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-6521/ Shimi's Cyber World en 2026-04-30T10:16:39+03:00 CVE-2026-6521 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-835 https://shimiscyberworld.com/posts/nvd-CVE-2026-6520/ Shimi's Cyber World en 2026-04-30T10:16:39+03:00 CVE-2026-6520 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-835 https://shimiscyberworld.com/posts/nvd-CVE-2026-6519/ Shimi's Cyber World en 2026-04-30T10:16:39+03:00 CVE-2026-6519 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-835 https://shimiscyberworld.com/posts/nvd-CVE-2026-5657/ Shimi's Cyber World en 2026-04-30T10:16:38+03:00 CVE-2026-5657 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-415 https://shimiscyberworld.com/posts/nvd-CVE-2026-5655/ Shimi's Cyber World en 2026-04-30T10:16:38+03:00 CVE-2026-5655 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-5654/ Shimi's Cyber World en 2026-04-30T10:16:38+03:00 CVE-2026-5654 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-5653/ Shimi's Cyber World en 2026-04-30T10:16:38+03:00 CVE-2026-5653 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-5409/ Shimi's Cyber World en 2026-04-30T10:16:38+03:00 CVE-2026-5409 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-674 https://shimiscyberworld.com/posts/nvd-CVE-2026-5408/ Shimi's Cyber World en 2026-04-30T10:16:38+03:00 CVE-2026-5408 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-674 https://shimiscyberworld.com/posts/nvd-CVE-2026-5407/ Shimi's Cyber World en 2026-04-30T10:16:38+03:00 CVE-2026-5407 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-835 https://shimiscyberworld.com/posts/nvd-CVE-2026-5406/ Shimi's Cyber World en 2026-04-30T10:16:37+03:00 CVE-2026-5406 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-674 https://shimiscyberworld.com/posts/nvd-CVE-2026-5402/ Shimi's Cyber World en 2026-04-30T10:16:37+03:00 Wireshark TLS Dissector Heap Overflow (CVE-2026-5402) Enables DoS, RCEvulnerability, cve, high-severity, code-execution, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-5401/ Shimi's Cyber World en 2026-04-30T10:16:37+03:00 CVE-2026-5401 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-674 https://shimiscyberworld.com/posts/nvd-CVE-2026-5299/ Shimi's Cyber World en 2026-04-30T10:16:37+03:00 CVE-2026-5299 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-674 https://shimiscyberworld.com/posts/nvd-CVE-2026-41226/ Shimi's Cyber World en 2026-04-30T10:16:37+03:00 CVE-2026-41226 — Open Redirectvulnerability, cve, medium-severity, open-redirect, cwe-601 https://shimiscyberworld.com/posts/google-fixes-cvss-10-gemini-cli-ci-rce-and-cursor-flaws-enab-bv4bq/ Shimi's Cyber World en 2026-04-30T10:07:00+03:00 Google Gemini CLI RCE: CVSS 10 Flaw Exposes CI/CD to Attackthreat-intel, vulnerability, cloud, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-7379/ Shimi's Cyber World en 2026-04-30T09:16:17+03:00 CVE-2026-7379 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-401 https://shimiscyberworld.com/posts/nvd-CVE-2026-7378/ Shimi's Cyber World en 2026-04-30T09:16:17+03:00 CVE-2026-7378 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-7376/ Shimi's Cyber World en 2026-04-30T09:16:17+03:00 CVE-2026-7376 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-7375/ Shimi's Cyber World en 2026-04-30T09:16:16+03:00 CVE-2026-7375 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-835 https://shimiscyberworld.com/posts/nvd-CVE-2026-6868/ Shimi's Cyber World en 2026-04-30T09:16:16+03:00 CVE-2026-6868 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2025-13030/ Shimi's Cyber World en 2026-04-30T09:16:14+03:00 CVE-2025-13030: django-mdeditor Vulnerable to Code Execution via Image Uploadvulnerability, cve, high-severity, code-execution, cwe-306 https://shimiscyberworld.com/posts/telegram-1427288221-8854/ Shimi's Cyber World en 2026-04-30T07:18:04+03:00 Iranian Group Claims 30TB Breach of Israeli Company IMCO Industriesisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7470/ Shimi's Cyber World en 2026-04-30T06:16:01+03:00 CVE-2026-7470: Tenda 4G300 Router Vulnerable to Remote Stack Overflowvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-7469/ Shimi's Cyber World en 2026-04-30T05:16:06+03:00 CVE-2026-7469 — Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7468/ Shimi's Cyber World en 2026-04-30T04:16:03+03:00 CVE-2026-7468: Improper Access Control Flaw in 1024-lab smart-adminvulnerability, cve, high-severity, improper-access-control, cwe-266, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-7447/ Shimi's Cyber World en 2026-04-30T04:16:02+03:00 CVE-2026-7447 — SourceCodester Pet Grooming Management Software SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7446/ Shimi's Cyber World en 2026-04-30T03:16:23+03:00 CVE-2026-7446: VetCoders mcp-server-semgrep OS Command Injectionvulnerability, cve, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7445/ Shimi's Cyber World en 2026-04-30T03:16:23+03:00 CVE-2026-7445 — ZachHandley ZMCPTools Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7443/ Shimi's Cyber World en 2026-04-30T02:16:20+03:00 CVE-2026-7443: BurtTheCoder mcp-dnstwist OS Command Injectionvulnerability, cve, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7420/ Shimi's Cyber World en 2026-04-30T02:16:20+03:00 CVE-2026-7420: UTT HiPER 1250GW Buffer Overflow Exploitable Remotelyvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7419/ Shimi's Cyber World en 2026-04-30T02:16:20+03:00 UTT HiPER 1250GW CVE-2026-7419: Remote Buffer Overflow Exploitablevulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/official-sap-npm-packages-compromised-to-steal-credentials-uiepq/ Shimi's Cyber World en 2026-04-30T01:43:44+03:00 SAP npm Packages Compromised in Supply-Chain Attackthreat-intel, data-breach, malware, identity https://shimiscyberworld.com/posts/house-approves-spy-program-on-second-attempt-senate-fate-mu-3dg2q/ Shimi's Cyber World en 2026-04-30T01:41:00+03:00 House Renews Section 702 FISA, Senate Fate Uncertainthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-7418/ Shimi's Cyber World en 2026-04-30T01:16:22+03:00 UTT HiPER 1250GW: High-Severity Buffer Overflow (CVE-2026-7418)vulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7417/ Shimi's Cyber World en 2026-04-30T01:16:22+03:00 Algovate xhs-mcp SSRF Vulnerability (CVE-2026-7417) Publicly Disclosedvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-7416/ Shimi's Cyber World en 2026-04-30T01:16:22+03:00 PolarVista xcode-mcp-server Suffers High-Severity OS Command Injectionvulnerability, cve, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7410/ Shimi's Cyber World en 2026-04-30T01:16:22+03:00 CVE-2026-7410 — SourceCodester Pizzafy Ecommerce System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7409/ Shimi's Cyber World en 2026-04-30T01:16:21+03:00 CVE-2026-7409 — SourceCodester Pizzafy Ecommerce System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7408/ Shimi's Cyber World en 2026-04-30T00:16:22+03:00 CVE-2026-7408 — SourceCodester Pizzafy Ecommerce System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7407/ Shimi's Cyber World en 2026-04-30T00:16:22+03:00 CVE-2026-7407 — SourceCodester Pizzafy Ecommerce System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7404/ Shimi's Cyber World en 2026-04-30T00:16:22+03:00 CVE-2026-7404: mcpo-simple-server Vulnerability Exposes Data via Path Traversalvulnerability, cve, high-severity, path-traversal, cwe-22, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-7403/ Shimi's Cyber World en 2026-04-30T00:16:22+03:00 CVE-2026-7403 — Geldata Gel-Mcp Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-1858/ Shimi's Cyber World en 2026-04-30T00:16:20+03:00 CVE-2026-1858 — wget2 accepts a server certificate with incorrect Key Usagevulnerability, cve, medium-severity, cwe-20 https://shimiscyberworld.com/posts/researchers-built-a-chatbot-that-only-knows-the-world-before-cchcy/ Shimi's Cyber World en 2026-04-29T23:58:30+03:00 Researchers Build LLM Limited to Pre-1931 Knowledge for Bias Studymalware, threat-intel, ransomware, data-breach, cloud, identity, ai-security, tools https://shimiscyberworld.com/posts/us-china-partner-on-scam-center-takedown-in-dubai-17mq8/ Shimi's Cyber World en 2026-04-29T23:51:00+03:00 US, China Partner on Dubai Scam Center Takedownthreat-intel, data-breach, government https://shimiscyberworld.com/posts/hackers-exploit-rce-flaws-in-qinglong-task-scheduler-for-cry-1kr1n/ Shimi's Cyber World en 2026-04-29T23:50:35+03:00 Qinglong Task Scheduler Exploited for Cryptomining via RCE Flawsthreat-intel, data-breach, malware, vulnerability, cloud, identity, tools, bleepingcomputer https://shimiscyberworld.com/posts/nvd-CVE-2026-7426/ Shimi's Cyber World en 2026-04-29T23:16:32+03:00 CVE-2026-7426: FreeRTOS-Plus-TCP IPv6 RA Heap Overflowvulnerability, cve, high-severity, buffer-overflow, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-34965/ Shimi's Cyber World en 2026-04-29T23:16:29+03:00 CVE-2026-34965: Cockpit CMS RCE via PHP Code Injectionvulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2018-25318/ Shimi's Cyber World en 2026-04-29T23:16:27+03:00 CVE-2018-25318: Tenda Router Vulnerability Allows DNS Hijackingvulnerability, cve, critical, high-severity, cwe-290 https://shimiscyberworld.com/posts/nvd-CVE-2018-25317/ Shimi's Cyber World en 2026-04-29T23:16:27+03:00 Tenda Routers: CVE-2018-25317 Allows Unauthenticated DNS Hijackingvulnerability, cve, critical, high-severity, cwe-290 https://shimiscyberworld.com/posts/nvd-CVE-2018-25316/ Shimi's Cyber World en 2026-04-29T23:16:27+03:00 CVE-2018-25316: Tenda Router Flaw Exposes DNS Hijacking Riskvulnerability, cve, critical, high-severity, cwe-290 https://shimiscyberworld.com/posts/nvd-CVE-2018-25315/ Shimi's Cyber World en 2026-04-29T23:16:27+03:00 CVE-2018-25315: Alloksoft Video Joiner Buffer Overflow Allows Code Executionvulnerability, cve, high-severity, code-execution, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2018-25314/ Shimi's Cyber World en 2026-04-29T23:16:27+03:00 CVE-2018-25314: Alloksoft WMV Converter Buffer Overflow Allows Local Code Executionvulnerability, cve, high-severity, buffer-overflow, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2018-25308/ Shimi's Cyber World en 2026-04-29T23:16:26+03:00 BuddyPress RCE: Authenticated Users Can Delete Arbitrary Filesvulnerability, cve, high-severity, remote-code-execution, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2018-25307/ Shimi's Cyber World en 2026-04-29T23:16:26+03:00 SysGauge Pro 4.6.12 Vulnerability Allows Local Code Executionvulnerability, cve, high-severity, buffer-overflow, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2018-25304/ Shimi's Cyber World en 2026-04-29T23:16:25+03:00 Free Download Manager CVE-2018-25304: Local Buffer Overflow Allows Code Executionvulnerability, cve, high-severity, buffer-overflow, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2018-25303/ Shimi's Cyber World en 2026-04-29T23:16:25+03:00 CVE-2018-25303: Allok Video to DVD Burner Stack Overflowvulnerability, cve, high-severity, code-execution, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2018-25302/ Shimi's Cyber World en 2026-04-29T23:16:25+03:00 CVE-2018-25302: Allok AVI to DVD Converter Buffer Overflowvulnerability, cve, high-severity, code-execution, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2018-25301/ Shimi's Cyber World en 2026-04-29T23:16:25+03:00 CVE-2018-25301: Easy MPEG to DVD Burner Local Buffer Overflowvulnerability, cve, high-severity, buffer-overflow, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2018-25300/ Shimi's Cyber World en 2026-04-29T23:16:25+03:00 CVE-2018-25300: XATABoost CMS SQL Injection Allows Unauthenticated Data Extractionvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2018-25299/ Shimi's Cyber World en 2026-04-29T23:16:25+03:00 CVE-2018-25299: Prime95 Local Buffer Overflow Allows Arbitrary Code Executionvulnerability, cve, high-severity, buffer-overflow, cwe-120 https://shimiscyberworld.com/posts/reverse-engineering-with-ai-unearths-high-severity-github-bu-htoqy/ Shimi's Cyber World en 2026-04-29T23:08:17+03:00 AI Reverse Engineering Unearths High-Severity GitHub Bugthreat-intel, tools, vulnerability https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-04-29T23:00:00+03:00 Daily Security Digest — 2026-04-29daily-digest, vulnerability, cve, high-severity, cwe-862, improper-access-control, cwe-266, cwe-269, cwe-284, cwe-59 https://shimiscyberworld.com/posts/ai-finds-38-security-flaws-in-electronic-health-record-platf-g54ev/ Shimi's Cyber World en 2026-04-29T22:32:42+03:00 AI Spots 38 Critical Flaws in OpenEMR Healthcare Platformthreat-intel, tools, cloud https://shimiscyberworld.com/posts/nvd-CVE-2026-7466/ Shimi's Cyber World en 2026-04-29T22:16:27+03:00 AgentFlow RCE Vulnerability (CVE-2026-7466) Allows Local Code Executionvulnerability, cve, high-severity, code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-7439/ Shimi's Cyber World en 2026-04-29T22:16:26+03:00 CVE-2026-7439 — AgentFlow's local web API accepts non-JSON content types onvulnerability, cve, medium-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-7424/ Shimi's Cyber World en 2026-04-29T22:16:26+03:00 CVE-2026-7424: FreeRTOS-Plus-TCP DHCPv6 Vulnerability Leads to DoSvulnerability, cve, high-severity, denial-of-service, cwe-191 https://shimiscyberworld.com/posts/nvd-CVE-2026-7423/ Shimi's Cyber World en 2026-04-29T22:16:26+03:00 CVE-2026-7423 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-191 https://shimiscyberworld.com/posts/nvd-CVE-2026-7422/ Shimi's Cyber World en 2026-04-29T22:16:26+03:00 CVE-2026-7422 — Insufficient packet validation in FreeRTOS-Plus-TCP beforevulnerability, cve, medium-severity, cwe-290 https://shimiscyberworld.com/posts/nvd-CVE-2026-7398/ Shimi's Cyber World en 2026-04-29T22:16:26+03:00 CVE-2026-7398: Path Traversal in BioinfoMCP Upload Endpointvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7397/ Shimi's Cyber World en 2026-04-29T22:16:26+03:00 CVE-2026-7397 — NousResearch Hermes-Agent Vulnerabilityvulnerability, cve, medium-severity, cwe-59, cwe-61 https://shimiscyberworld.com/posts/nvd-CVE-2026-41499/ Shimi's Cyber World en 2026-04-29T22:16:23+03:00 CVE-2026-41499 — Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-124, cwe-191 https://shimiscyberworld.com/posts/nvd-CVE-2026-30893/ Shimi's Cyber World en 2026-04-29T22:16:23+03:00 Wazuh CVE-2026-30893: Critical Path Traversal to RCEvulnerability, cve, critical, high-severity, code-execution, cwe-22, cwe-73 https://shimiscyberworld.com/posts/nvd-CVE-2026-28221/ Shimi's Cyber World en 2026-04-29T22:16:23+03:00 CVE-2026-28221 — Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-121, cwe-400 https://shimiscyberworld.com/posts/nvd-CVE-2026-27105/ Shimi's Cyber World en 2026-04-29T22:16:22+03:00 CVE-2026-27105 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-26206/ Shimi's Cyber World en 2026-04-29T22:16:22+03:00 CVE-2026-26206 — Wazuh is a free and open source platform used for threatvulnerability, cve, medium-severity, cwe-307, cwe-362, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-7396/ Shimi's Cyber World en 2026-04-29T21:16:05+03:00 CVE-2026-7396 — NousResearch Hermes-Agent Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7394/ Shimi's Cyber World en 2026-04-29T21:16:05+03:00 CVE-2026-7394 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-5712/ Shimi's Cyber World en 2026-04-29T21:16:05+03:00 IdentityIQ CVE-2026-5712: Authenticated Users Can Edit Rolesvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-26204/ Shimi's Cyber World en 2026-04-29T21:16:04+03:00 CVE-2026-26204 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-124, cwe-191 https://shimiscyberworld.com/posts/nvd-CVE-2026-7393/ Shimi's Cyber World en 2026-04-29T20:16:42+03:00 CVE-2026-7393 — SourceCodester Pizzafy Ecommerce System Unrestricted File Uploadvulnerability, cve, medium-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7392/ Shimi's Cyber World en 2026-04-29T20:16:41+03:00 CVE-2026-7392 — SourceCodester Pharmacy Sales And Inventory System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7391/ Shimi's Cyber World en 2026-04-29T20:16:41+03:00 CVE-2026-7391 — SourceCodester Pharmacy Sales And Inventory System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-6915/ Shimi's Cyber World en 2026-04-29T20:16:41+03:00 CVE-2026-6915 — An authorization flaw in the user management command couldvulnerability, cve, medium-severity, cwe-1284 https://shimiscyberworld.com/posts/nvd-CVE-2026-6914/ Shimi's Cyber World en 2026-04-29T20:16:41+03:00 CVE-2026-6914 — Computing the MD5 checksum of a malformed BSON object undervulnerability, cve, medium-severity, cwe-191 https://shimiscyberworld.com/posts/nvd-CVE-2026-0206/ Shimi's Cyber World en 2026-04-29T20:16:40+03:00 CVE-2026-0206 — Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-0205/ Shimi's Cyber World en 2026-04-29T20:16:40+03:00 CVE-2026-0205 — SonicOS Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-35 https://shimiscyberworld.com/posts/nvd-CVE-2026-0204/ Shimi's Cyber World en 2026-04-29T20:16:40+03:00 SonicOS Access Control Bypass (CVE-2026-0204) Rated High Severityvulnerability, cve, high-severity, cwe-306, cwe-1390 https://shimiscyberworld.com/posts/sap-npm-packages-compromised-by-mini-shai-hulud-credential-4sc03/ Shimi's Cyber World en 2026-04-29T19:26:00+03:00 SAP npm Packages Compromised by "Mini Shai-Hulud" Credential Stealing Malwarethreat-intel, vulnerability, malware, cloud, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-7389/ Shimi's Cyber World en 2026-04-29T19:16:29+03:00 CVE-2026-7389: EyouCMS SQL Injection Vulnerability Exposedvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7388/ Shimi's Cyber World en 2026-04-29T19:16:29+03:00 CVE-2026-7388 — A weakness has been identified in EyouCMS up to 1.7.9.vulnerability, cve, medium-severity, cwe-74, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-7386/ Shimi's Cyber World en 2026-04-29T19:16:29+03:00 CVE-2026-7386: fatbobman mail-mcp-bridge Path Traversal Vulnerabilityvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-6849/ Shimi's Cyber World en 2026-04-29T19:16:28+03:00 Pardus OS My Computer Vulnerability Allows OS Command Injectionvulnerability, cve, high-severity, command-injection, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-5166/ Shimi's Cyber World en 2026-04-29T19:16:26+03:00 CVE-2026-5166: Critical Path Traversal in TUBITAK Pardus Software Centervulnerability, cve, critical, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-42198/ Shimi's Cyber World en 2026-04-29T19:16:25+03:00 pgjdbc Client-Side DoS: Malicious Servers Can Exhaust CPU via SCRAM-SHA-256vulnerability, cve, high-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-41940/ Shimi's Cyber World en 2026-04-29T19:16:25+03:00 cPanel & WHM Critical Authentication Bypass (CVE-2026-41940)vulnerability, cve, critical, high-severity, authentication-bypass, cwe-306 https://shimiscyberworld.com/posts/cpanel-whm-emergency-update-fixes-critical-auth-bypass-bug-hr31j/ Shimi's Cyber World en 2026-04-29T18:51:44+03:00 cPanel, WHM Emergency Patch Fixes Critical Auth Bypassthreat-intel, data-breach, malware, vulnerability, identity https://shimiscyberworld.com/posts/european-commission-accuses-meta-of-breaching-child-safety-r-ozmby/ Shimi's Cyber World en 2026-04-29T18:47:00+03:00 European Commission Accuses Meta of Child Safety Breaches Under DSAthreat-intel, data-breach, government https://shimiscyberworld.com/posts/vect-2-0-ransomware-acts-as-wiper-thanks-to-design-error-oj9u5/ Shimi's Cyber World en 2026-04-29T18:23:53+03:00 Vect 2.0 Ransomware Acts as Wiper Due to Design Errorthreat-intel, tools, malware, ransomware https://shimiscyberworld.com/posts/nvd-CVE-2026-7384/ Shimi's Cyber World en 2026-04-29T18:16:11+03:00 CVE-2026-7384 — Ezequiroga Mcp-Bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea3 Path Traversalvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-5161/ Shimi's Cyber World en 2026-04-29T18:16:08+03:00 CVE-2026-5161: Pardus About Suffers High-Severity Symlink Vulnerabilityvulnerability, cve, high-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-5141/ Shimi's Cyber World en 2026-04-29T18:16:07+03:00 CVE-2026-5141: Pardus Software Center Vulnerability Allows Privileged Process Hijackingvulnerability, cve, high-severity, improper-access-control, cwe-266, cwe-269, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-41952/ Shimi's Cyber World en 2026-04-29T18:16:06+03:00 Acronis DLP and Cyber Protect Agent Vulnerable to Privilege Escalation (CVE-2026-41952)vulnerability, cve, high-severity, privilege-escalation, cwe-123 https://shimiscyberworld.com/posts/nvd-CVE-2026-41220/ Shimi's Cyber World en 2026-04-29T18:16:05+03:00 Acronis DLP, Cyber Protect Agent Vulnerable to Local Privilege Escalation (CVE-2026-41220)vulnerability, cve, high-severity, privilege-escalation, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-25852/ Shimi's Cyber World en 2026-04-29T18:16:05+03:00 CVE-2026-25852 — Privilege Escalationvulnerability, cve, medium-severity, privilege-escalation, cwe-427 https://shimiscyberworld.com/posts/new-wave-of-dprk-attacks-uses-ai-inserted-npm-malware-fake-ian3i/ Shimi's Cyber World en 2026-04-29T17:43:00+03:00 DPRK Uses AI-Inserted npm Malware, Targeting Developersthreat-intel, vulnerability, malware, ai-security https://shimiscyberworld.com/posts/swiss-police-arrest-10-suspected-members-of-nigeria-linked-c-2qt9f/ Shimi's Cyber World en 2026-04-29T17:15:00+03:00 Black Axe: Swiss Police Arrest 10 Suspected Membersthreat-intel, data-breach, government https://shimiscyberworld.com/posts/learning-from-the-vercel-breach-shadow-ai-oauth-sprawl-3uywm/ Shimi's Cyber World en 2026-04-29T16:05:14+03:00 Vercel Breach Highlights OAuth App Risks and Shadow AI Threatsthreat-intel, data-breach, malware, identity https://shimiscyberworld.com/posts/lotus-wiper-attack-targeted-venezuelan-energy-firms-utiliti-hhfv0/ Shimi's Cyber World en 2026-04-29T16:00:00+03:00 Lotus Wiper Targets Venezuelan Energy, Utilities with Sophisticated LotLthreat-intel, tools, malware https://shimiscyberworld.com/posts/github-fixes-rce-flaw-that-gave-access-to-millions-of-privat-xvj23/ Shimi's Cyber World en 2026-04-29T15:41:17+03:00 GitHub RCE Flaw Could Have Exposed Millions of Private Repositoriesthreat-intel, data-breach, malware, vulnerability, tools https://shimiscyberworld.com/posts/webinar-how-to-automate-exposure-validation-to-match-the-sp-ynxh4/ Shimi's Cyber World en 2026-04-29T15:02:00+03:00 AI Automates Attacks: Autonomous Agents Target Active Directory in Minutesthreat-intel, vulnerability, microsoft, identity, phishing https://shimiscyberworld.com/posts/incd-alert_1992/ Shimi's Cyber World en 2026-04-29T15:00:00+03:00 Unidentified RMM Tool Exploited in Active Attacks Against Israeli Organizationsincd, israel, advisory, alert https://shimiscyberworld.com/posts/what-to-look-for-in-an-exposure-management-platform-and-wha-zhxzs/ Shimi's Cyber World en 2026-04-29T14:30:00+03:00 Exposure Management Platforms Fall Short: Context is Key, Not Just Countsthreat-intel, vulnerability https://shimiscyberworld.com/posts/cisa-orders-feds-to-patch-windows-flaw-exploited-as-zero-day-47f0x/ Shimi's Cyber World en 2026-04-29T13:29:31+03:00 CISA Mandates Urgent Patching for Windows Zero-Day Exploited in Attacksthreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/critical-cpanel-authentication-vulnerability-identified-up-10tps/ Shimi's Cyber World en 2026-04-29T12:37:00+03:00 Critical cPanel Authentication Flaw Exposes Serversthreat-intel, vulnerability, identity, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-4019/ Shimi's Cyber World en 2026-04-29T12:16:25+03:00 CVE-2026-4019 — The Complianz – GDPR/CCPA Cookie Consent plugin forvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42412/ Shimi's Cyber World en 2026-04-29T12:16:24+03:00 CVE-2026-42412 — WeDevs WP User Frontend Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2025-10503/ Shimi's Cyber World en 2026-04-29T12:16:23+03:00 CVE-2025-10503 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-42377/ Shimi's Cyber World en 2026-04-29T11:16:18+03:00 SureForms Pro Vulnerability CVE-2026-42377 Exposes Access Control Flawsvulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/telegram-1427288221-8849/ Shimi's Cyber World en 2026-04-29T10:02:16+03:00 Cyber News - Erez Dasa: Unattributed Foreign Login Triggered Investigationisrael, cybersafe https://shimiscyberworld.com/posts/telegram-1427288221-8847/ Shimi's Cyber World en 2026-04-29T09:02:28+03:00 Vect Ransomware: Bug Turns Encryption into Irreversible Data Wiperisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-35155/ Shimi's Cyber World en 2026-04-29T08:16:04+03:00 Dell iDRAC10 Vulnerability: Low-Privilege Race Condition Grants High Accessvulnerability, cve, high-severity, race-condition, cwe-522 https://shimiscyberworld.com/posts/nvd-CVE-2026-42615/ Shimi's Cyber World en 2026-04-29T07:16:41+03:00 GCHQ CyberChef XSS Vulnerability (CVE-2026-42615) Identifiedvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-23773/ Shimi's Cyber World en 2026-04-29T07:16:40+03:00 CVE-2026-23773 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42167/ Shimi's Cyber World en 2026-04-29T02:16:20+03:00 CVE-2026-42167: ProFTPD mod_sql RCE Via Log Expansionvulnerability, cve, high-severity, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7319/ Shimi's Cyber World en 2026-04-29T01:16:52+03:00 CVE-2026-7319: Path Traversal in elinsky execution-system-mcp Poses Remote Riskvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7318/ Shimi's Cyber World en 2026-04-29T01:16:51+03:00 CVE-2026-7318 — Elie Mcp-Project Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7317/ Shimi's Cyber World en 2026-04-29T01:16:51+03:00 CVE-2026-7317 — Grav CMS Insecure Deserializationvulnerability, cve, medium-severity, insecure-deserialization, cwe-20, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-7316/ Shimi's Cyber World en 2026-04-29T01:16:51+03:00 CVE-2026-7316: Aider-mcp Command Injection Exposes AI Dev Workflowsvulnerability, cve, high-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7315/ Shimi's Cyber World en 2026-04-29T01:16:51+03:00 CVE-2026-7315: eiceblue spire-pdf-mcp-server Path Traversal Vulnerabilityvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7314/ Shimi's Cyber World en 2026-04-29T01:16:51+03:00 CVE-2026-7314: eiceblue spire-doc-mcp-server Path Traversal Publicly Exploitedvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7306/ Shimi's Cyber World en 2026-04-29T01:16:51+03:00 CVE-2026-7306 — Xuxueli Xxl-Job Vulnerabilityvulnerability, cve, medium-severity, cwe-320, cwe-321 https://shimiscyberworld.com/posts/nvd-CVE-2026-7305/ Shimi's Cyber World en 2026-04-29T01:16:50+03:00 CVE-2026-7305 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41649/ Shimi's Cyber World en 2026-04-29T01:16:49+03:00 Outline Insecure Direct Object Reference (CVE-2026-41649) Exposes Documentsvulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-33467/ Shimi's Cyber World en 2026-04-29T01:16:48+03:00 CVE-2026-33467 — Improper Verification of Cryptographic Signature (CWE-347)vulnerability, cve, medium-severity, cwe-347 https://shimiscyberworld.com/posts/spy-agency-officials-say-job-loss-anxiety-moving-fast-safe-x3o7u/ Shimi's Cyber World en 2026-04-29T00:43:20+03:00 NGA Grapples with AI Workforce Overhaul and Job Anxietythreat-intel, policy, government, microsoft, tools https://shimiscyberworld.com/posts/hackers-are-exploiting-a-critical-litellm-pre-auth-sqli-flaw-kdccf/ Shimi's Cyber World en 2026-04-29T00:07:23+03:00 LiteLLM Pre-Auth SQLi Actively Exploited: CVE-2026-42208threat-intel, data-breach, malware, vulnerability, ai-security https://shimiscyberworld.com/posts/nsa-chief-during-snowden-affair-shares-regrets-reflections-pagdy/ Shimi's Cyber World en 2026-04-28T23:38:59+03:00 NSA Chief Reflects on Snowden Leaks: Lessons for CISOsthreat-intel, tools https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-04-28T23:00:00+03:00 Daily Security Digest — 2026-04-28daily-digest, vulnerability, cve, critical, high-severity, command-injection, cwe-77, cwe-78, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-42431/ Shimi's Cyber World en 2026-04-28T22:37:47+03:00 CVE-2026-42431: OpenClaw Vulnerability Allows Persistent Browser Profile Mutationvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-42426/ Shimi's Cyber World en 2026-04-28T22:37:46+03:00 OpenClaw CVE-2026-42426: Improper Authorization Allows Node Pairing Bypassvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-42422/ Shimi's Cyber World en 2026-04-28T22:37:45+03:00 OpenClaw CVE-2026-42422: Role Bypass Allows Unapproved Token Mintingvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-41914/ Shimi's Cyber World en 2026-04-28T22:37:45+03:00 OpenClaw QQ Bot SSRF Vulnerability Bypasses Protections (CVE-2026-41914)vulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41404/ Shimi's Cyber World en 2026-04-28T22:37:43+03:00 OpenClaw Privilege Escalation via Incomplete Scope Clearing (CVE-2026-41404)vulnerability, cve, high-severity, privilege-escalation, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-41394/ Shimi's Cyber World en 2026-04-28T22:37:42+03:00 OpenClaw CVE-2026-41394: Authentication Bypass Grants Operator Write Scopesvulnerability, cve, high-severity, authentication-bypass, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-41387/ Shimi's Cyber World en 2026-04-28T22:37:41+03:00 OpenClaw Incomplete Host Environment Sanitization Allows Package Overridesvulnerability, cve, high-severity, cwe-183 https://shimiscyberworld.com/posts/nvd-CVE-2026-41386/ Shimi's Cyber World en 2026-04-28T22:37:41+03:00 OpenClaw Privilege Escalation: Critical Flaw in Device Pairingvulnerability, cve, critical, high-severity, privilege-escalation, cwe-648 https://shimiscyberworld.com/posts/nvd-CVE-2026-41384/ Shimi's Cyber World en 2026-04-28T22:37:41+03:00 OpenClaw CLI Vulnerability Allows Code Execution via Environment Variable Injectionvulnerability, cve, high-severity, code-execution, cwe-15 https://shimiscyberworld.com/posts/nvd-CVE-2026-41383/ Shimi's Cyber World en 2026-04-28T22:37:41+03:00 CVE-2026-41383: OpenClaw Arbitrary Directory Deletion Flaw Exposes Remote Datavulnerability, cve, high-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-41378/ Shimi's Cyber World en 2026-04-28T22:37:40+03:00 OpenClaw Privilege Escalation (CVE-2026-41378) Allows RCE via Paired Nodesvulnerability, cve, high-severity, remote-code-execution, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-3893/ Shimi's Cyber World en 2026-04-28T22:37:39+03:00 CVE-2026-3893: Carlson VASCO-B GNSS Receiver Lacks Authenticationvulnerability, cve, critical, high-severity, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-24222/ Shimi's Cyber World en 2026-04-28T22:36:45+03:00 NVIDIA NeMoClaw Vulnerability Exposes Host Environment Variablesvulnerability, cve, high-severity, information-disclosure, cwe-497 https://shimiscyberworld.com/posts/nvd-CVE-2026-24186/ Shimi's Cyber World en 2026-04-28T22:36:45+03:00 NVIDIA FLARE SDK Vulnerability: Untrusted Deserialization Leads to RCEvulnerability, cve, high-severity, code-execution, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-24178/ Shimi's Cyber World en 2026-04-28T22:36:45+03:00 NVIDIA NVFlare Dashboard: Critical Auth Bypass Puts Systems at Riskvulnerability, cve, critical, high-severity, code-execution, cwe-639 https://shimiscyberworld.com/posts/vidar-rises-to-top-of-chaotic-infostealer-market-emmj1/ Shimi's Cyber World en 2026-04-28T22:07:16+03:00 Vidar Infostealer Dominates Post-Takedown Market Vacuumthreat-intel, tools, malware https://shimiscyberworld.com/posts/telegram-1542954397-4548/ Shimi's Cyber World en 2026-04-28T21:03:18+03:00 XChat Lacks True E2E, Metadata Exposure Persists https://shimiscyberworld.com/posts/telegram-1427288221-8844/ Shimi's Cyber World en 2026-04-28T20:53:48+03:00 GitHub RCE Vulnerability Exposes Millions of Repositoriesisrael https://shimiscyberworld.com/posts/telegram-1427288221-8843/ Shimi's Cyber World en 2026-04-28T20:42:07+03:00 Ynet, Population Authority Project Pulled Over Data Exposure Flawisrael https://shimiscyberworld.com/posts/brazilian-lofygang-resurfaces-after-three-years-with-minecra-g3nbk/ Shimi's Cyber World en 2026-04-28T20:39:00+03:00 LofyGang Resurfaces, Targets Minecraft Players with LofyStealer Malwarethreat-intel, vulnerability, malware https://shimiscyberworld.com/posts/cyber-command-nsa-chief-warns-foreign-adversaries-likely-to-2x8o0/ Shimi's Cyber World en 2026-04-28T20:26:00+03:00 Cyber Command Warns Foreign Adversaries Targeting Midterm Electionsthreat-intel, data-breach, government