https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-10T23:00:00+03:00 Daily Security Digest — 2026-05-10daily-digest, vulnerability, cve, critical, high-severity, cwe-290, privilege-escalation, cwe-862, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/telegram-1427288221-8905/ Shimi's Cyber World en 2026-05-10T19:01:33+03:00 ShinyHunters Ransomware Disrupts Instructure Canvas, Forces Payoutisrael https://shimiscyberworld.com/posts/nvd-CVE-2022-50944/ Shimi's Cyber World en 2026-05-10T16:16:32+03:00 Aero CMS 0.0.1 Vulnerability Allows Authenticated PHP Code Injectionvulnerability, cve, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2021-47949/ Shimi's Cyber World en 2026-05-10T16:16:31+03:00 CyberPanel 2.1 RCE via Symlink Attack (CVE-2021-47949)vulnerability, cve, high-severity, arbitrary-file-access, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2021-47943/ Shimi's Cyber World en 2026-05-10T16:16:30+03:00 TextPattern CMS RCE (CVE-2021-47943) Allows Authenticated Attackers to Execute Commandsvulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2021-47941/ Shimi's Cyber World en 2026-05-10T16:16:30+03:00 WordPress Plugin Survey & Poll SQLi Puts Data at Riskvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2021-47940/ Shimi's Cyber World en 2026-05-10T16:16:30+03:00 WordPress Plugin Download From Files: Critical Unauthenticated File Uploadvulnerability, cve, critical, high-severity, arbitrary-file-access, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2021-47939/ Shimi's Cyber World en 2026-05-10T16:16:30+03:00 Evolution CMS RCE (CVE-2021-47939) Allows Authenticated Code Executionvulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2021-47938/ Shimi's Cyber World en 2026-05-10T16:16:30+03:00 ImpressCMS 1.4.2 RCE: Authenticated Attackers Can Execute Arbitrary Codevulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2021-47937/ Shimi's Cyber World en 2026-05-10T16:16:29+03:00 e107 CMS RCE (CVE-2021-47937) Allows Authenticated Theme Uploads to Drop Web Shellsvulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2021-47936/ Shimi's Cyber World en 2026-05-10T16:16:29+03:00 OpenCATS 0.9.4 Critical RCE via Malicious Resume Uploadsvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2021-47935/ Shimi's Cyber World en 2026-05-10T16:16:29+03:00 Sentry 8.2.0 RCE: Authenticated Superusers Can Execute Arbitrary Codevulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2021-47933/ Shimi's Cyber World en 2026-05-10T16:16:29+03:00 WordPress MStore API Critical RCE: Unauthenticated File Uploadvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2021-47932/ Shimi's Cyber World en 2026-05-10T16:16:29+03:00 WordPress TheCartPress Unauthenticated Admin Creation (CVE-2021-47932)vulnerability, cve, critical, high-severity, privilege-escalation, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2021-47930/ Shimi's Cyber World en 2026-05-10T16:16:29+03:00 CVE-2021-47930: Unauthenticated SQLi in Balbooa Joomla Forms Buildervulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2021-47928/ Shimi's Cyber World en 2026-05-10T16:16:28+03:00 Opencart TMD Vendor System Blind SQLi Exposes User Datavulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2021-47923/ Shimi's Cyber World en 2026-05-10T16:16:28+03:00 OpenCart 3.0.3.8 Session Fixation Vulnerability (CVE-2021-47923) Rated Criticalvulnerability, cve, critical, high-severity, cwe-290 https://shimiscyberworld.com/posts/telegram-1427288221-8904/ Shimi's Cyber World en 2026-05-10T15:39:32+03:00 IDF Certificate Generator Exposes Rank and Unit Creationisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-8244/ Shimi's Cyber World en 2026-05-10T13:16:13+03:00 CVE-2026-8244 — Industrial Application Software IAS Canias ERP Vulnerabilityvulnerability, cve, medium-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-8243/ Shimi's Cyber World en 2026-05-10T12:16:32+03:00 CVE-2026-8243 — An Unknown Function Of The Component JNLP Deployment Endpoin Vulnerabilityvulnerability, cve, medium-severity, cwe-320, cwe-321 https://shimiscyberworld.com/posts/nvd-CVE-2026-8241/ Shimi's Cyber World en 2026-05-10T12:16:31+03:00 CVE-2026-8241 — Industrial Application Software IAS Canias ERP Vulnerabilityvulnerability, cve, medium-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-8235/ Shimi's Cyber World en 2026-05-10T10:16:08+03:00 CVE-2026-8235 — 8421bit MiniClaw 0.8.0/0.9.0 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8234/ Shimi's Cyber World en 2026-05-10T10:16:08+03:00 EFM ipTIME A8004T Vulnerability: Remote Stack-Based Buffer Overflow Disclosedvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-8233/ Shimi's Cyber World en 2026-05-10T09:16:08+03:00 CVE-2026-8233 — Improper Access Controlvulnerability, cve, medium-severity, improper-access-control, cwe-266, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-8231/ Shimi's Cyber World en 2026-05-10T09:16:08+03:00 CVE-2026-8231 — CodeAstro Online Catering Ordering System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/telegram-1542954397-4575/ Shimi's Cyber World en 2026-05-10T08:30:48+03:00 Europol Under Fire for Shadow IT System Exposing Sensitive Data https://shimiscyberworld.com/posts/nvd-CVE-2026-8230/ Shimi's Cyber World en 2026-05-10T08:16:12+03:00 CVE-2026-8230 — Wavlink NU516U1 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8229/ Shimi's Cyber World en 2026-05-10T08:16:12+03:00 CVE-2026-8229 — Wavlink NU516U1 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8228/ Shimi's Cyber World en 2026-05-10T08:16:12+03:00 CVE-2026-8228 — Wavlink NU516U1 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8227/ Shimi's Cyber World en 2026-05-10T08:16:12+03:00 CVE-2026-8227 — The Function WzdapMesh Of The File /Cgi-Bin/Adm.Cgi Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8226/ Shimi's Cyber World en 2026-05-10T08:16:12+03:00 CVE-2026-8226 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-8225/ Shimi's Cyber World en 2026-05-10T08:16:12+03:00 CVE-2026-8225 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-8224/ Shimi's Cyber World en 2026-05-10T06:16:09+03:00 CVE-2026-8224 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-8223/ Shimi's Cyber World en 2026-05-10T06:16:08+03:00 CVE-2026-8223 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-8222/ Shimi's Cyber World en 2026-05-10T06:16:08+03:00 CVE-2026-8222 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-8217/ Shimi's Cyber World en 2026-05-10T05:16:08+03:00 CVE-2026-8217 — Industrial Application Software IAS Canias ERP Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8216/ Shimi's Cyber World en 2026-05-10T04:16:08+03:00 CVE-2026-8216: Canias ERP Remote Authentication Bypass Exposes Critical Systemsvulnerability, cve, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-8215/ Shimi's Cyber World en 2026-05-10T04:16:08+03:00 CVE-2026-8215 — The Function IasRequestFileEvent Of The Component RMI Interf Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-8214/ Shimi's Cyber World en 2026-05-10T04:16:07+03:00 CVE-2026-8214 — Industrial Application Software IAS Canias ERP Vulnerabilityvulnerability, cve, medium-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-8213/ Shimi's Cyber World en 2026-05-10T02:16:33+03:00 CVE-2026-8213 — OSGeo Gdal Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-119, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-8212/ Shimi's Cyber World en 2026-05-10T02:16:33+03:00 CVE-2026-8212 — OSGeo Gdal Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-119, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-8211/ Shimi's Cyber World en 2026-05-10T02:16:32+03:00 CVE-2026-8211 — Codelibs Fess Vulnerabilityvulnerability, cve, medium-severity, cwe-74, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-45184/ Shimi's Cyber World en 2026-05-10T02:16:32+03:00 CVE-2026-45184 — Kdenlive before 26.04.1 allows dangerous proxy parametersvulnerability, cve, medium-severity, cwe-829 https://shimiscyberworld.com/posts/nvd-CVE-2026-45181/ Shimi's Cyber World en 2026-05-10T01:16:08+03:00 CVE-2026-45181 — Hex-Rays IDA Pro 9.2 and 9.3 before 9.3sp2 does not blockvulnerability, cve, medium-severity, cwe-88 https://shimiscyberworld.com/posts/nvd-CVE-2026-8210/ Shimi's Cyber World en 2026-05-10T00:16:26+03:00 CVE-2026-8210 — Aandrew-Me Tgpt Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-8195/ Shimi's Cyber World en 2026-05-09T23:16:30+03:00 CVE-2026-8195 — JeecgBoot Vulnerabilityvulnerability, cve, medium-severity, cwe-79, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-8194/ Shimi's Cyber World en 2026-05-09T23:16:30+03:00 CVE-2026-8194 — OsTicket Vulnerabilityvulnerability, cve, medium-severity, cwe-352, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42606/ Shimi's Cyber World en 2026-05-09T23:16:30+03:00 AzuraCast CVE-2026-42606: Unauthenticated Account Takeover Via X-Forwarded-Host Poisoningvulnerability, cve, high-severity, cwe-640 https://shimiscyberworld.com/posts/nvd-CVE-2026-42605/ Shimi's Cyber World en 2026-05-09T23:16:30+03:00 AzuraCast RCE via Path Traversal (CVE-2026-42605)vulnerability, cve, high-severity, remote-code-execution, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-42576/ Shimi's Cyber World en 2026-05-09T23:16:29+03:00 CVE-2026-42576 — Any Workflow That Initializes The APK Database And Fetches R Vulnerabilityvulnerability, cve, medium-severity, cwe-704 https://shimiscyberworld.com/posts/nvd-CVE-2026-42575/ Shimi's Cyber World en 2026-05-09T23:16:29+03:00 CVE-2026-42575: apko Container Builder Silently Accepts Malicious Packagesvulnerability, cve, high-severity, cwe-345, cwe-494 https://shimiscyberworld.com/posts/nvd-CVE-2026-42574/ Shimi's Cyber World en 2026-05-09T23:16:29+03:00 CVE-2026-42574: apko Symlink Traversal Allows Host Path Writesvulnerability, cve, high-severity, cwe-22, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-42569/ Shimi's Cyber World en 2026-05-09T23:16:29+03:00 phpVMS Critical Vulnerability (CVE-2026-42569) Allows Unauthenticated Accessvulnerability, cve, critical, high-severity, cwe-284, cwe-306, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42562/ Shimi's Cyber World en 2026-05-09T23:16:28+03:00 Plainpad CVE-2026-42562 Allows Low-Privilege Admin Escalationvulnerability, cve, high-severity, cwe-269 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-09T23:00:00+03:00 Daily Security Digest — 2026-05-09daily-digest, vulnerability, cve, critical, high-severity, cwe-347, privilege-escalation, cwe-284, cwe-639, cwe-94 https://shimiscyberworld.com/posts/jdownloader-site-hacked-to-replace-installers-with-python-ra-mdbd4/ Shimi's Cyber World en 2026-05-09T22:27:58+03:00 JDownloader Site Compromised, Distributes Python RAT Malwarethreat-intel, data-breach, malware, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-8193/ Shimi's Cyber World en 2026-05-09T22:16:10+03:00 CVE-2026-8193 — Some Unknown Processing Of The File Config/Dompdf.Php Of The Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-8192/ Shimi's Cyber World en 2026-05-09T22:16:10+03:00 CVE-2026-8192 — Wavlink NU516U1 M16U1_V240425 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8191/ Shimi's Cyber World en 2026-05-09T22:16:09+03:00 CVE-2026-8191 — Wavlink NU516U1 M16U1_V240425 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8190/ Shimi's Cyber World en 2026-05-09T21:16:22+03:00 CVE-2026-8190 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8189/ Shimi's Cyber World en 2026-05-09T20:16:08+03:00 CVE-2026-8189 — Wavlink NU516U1 M16U1_V240425 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8188/ Shimi's Cyber World en 2026-05-09T19:16:08+03:00 CVE-2026-8188 — Wavlink NU516U1 M16U1_V240425 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-8198/ Shimi's Cyber World en 2026-05-09T16:16:43+03:00 CVE-2026-8198 — Authentication Bypassvulnerability, cve, medium-severity, authentication-bypass, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-8186/ Shimi's Cyber World en 2026-05-09T15:16:08+03:00 CVE-2026-8186 — Open5GS Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-119, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-8187/ Shimi's Cyber World en 2026-05-09T14:16:28+03:00 CVE-2026-8187 — Open5GS Vulnerabilityvulnerability, cve, medium-severity, cwe-400, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-8185/ Shimi's Cyber World en 2026-05-09T14:16:28+03:00 CVE-2026-8185 — UGREEN CM933 Vulnerabilityvulnerability, cve, medium-severity, cwe-287, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-3828/ Shimi's Cyber World en 2026-05-09T12:16:09+03:00 Hikvision Switches: Authenticated RCE in Discontinued Productsvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-32683/ Shimi's Cyber World en 2026-05-09T12:16:08+03:00 CVE-2026-32683 — Some EZVIZ products utilize older versions of cloud featurevulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-1749/ Shimi's Cyber World en 2026-05-09T12:16:08+03:00 CVE-2026-1749 — Some HikCentral Professional Versions. This Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/cpanel-whm-release-fixes-for-three-new-vulnerabilities-pa-2ycdm/ Shimi's Cyber World en 2026-05-09T10:16:00+03:00 cPanel, WHM Patch Three New Vulnerabilities: Privilege Escalation, RCE Risksthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-42560/ Shimi's Cyber World en 2026-05-09T09:16:10+03:00 CVE-2026-42560: Critical Patreon OAuth Flaw Merges User Identitiesvulnerability, cve, critical, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-42301/ Shimi's Cyber World en 2026-05-09T07:16:25+03:00 CVE-2026-42301: Malicious Code Execution Via pyp2spec RPM Generationvulnerability, cve, high-severity, cwe-20, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-42296/ Shimi's Cyber World en 2026-05-09T07:16:25+03:00 CVE-2026-42296: Argo Workflows Bypass Grants Host Network Accessvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-41311/ Shimi's Cyber World en 2026-05-09T07:16:21+03:00 LiquidJS CVE-2026-41311: DoS Vulnerability in Template Enginevulnerability, cve, high-severity, denial-of-service, cwe-674 https://shimiscyberworld.com/posts/nvd-CVE-2026-7652/ Shimi's Cyber World en 2026-05-09T06:16:15+03:00 CVE-2026-7652 — The LatePoint plugin for WordPress is vulnerable to Accountvulnerability, cve, medium-severity, cwe-640 https://shimiscyberworld.com/posts/nvd-CVE-2026-6667/ Shimi's Cyber World en 2026-05-09T04:16:09+03:00 CVE-2026-6667 — PgBouncer before 1.25.2 did not perform an appropriatevulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-6666/ Shimi's Cyber World en 2026-05-09T04:16:09+03:00 CVE-2026-6666 — A possible null pointer reference in PgBouncer beforevulnerability, cve, medium-severity, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-6665/ Shimi's Cyber World en 2026-05-09T04:16:09+03:00 PgBouncer SCRAM Vulnerability (CVE-2026-6665) Allows Stack Overflowvulnerability, cve, high-severity, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-6664/ Shimi's Cyber World en 2026-05-09T04:16:08+03:00 PgBouncer Integer Overflow (CVE-2026-6664) Leads to Remote Crashvulnerability, cve, high-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-41705/ Shimi's Cyber World en 2026-05-09T04:16:08+03:00 CVE-2026-41705: Spring AI MilvusVectorStore Vulnerable to Filter Injectionvulnerability, cve, high-severity, cwe-917 https://shimiscyberworld.com/posts/nvd-CVE-2026-44313/ Shimi's Cyber World en 2026-05-09T03:16:29+03:00 Linkwarden SSRF Vulnerability (CVE-2026-44313) Allows Internal Network Accessvulnerability, cve, critical, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-45130/ Shimi's Cyber World en 2026-05-09T02:16:40+03:00 CVE-2026-45130 — Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-122, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-42556/ Shimi's Cyber World en 2026-05-09T02:16:39+03:00 CVE-2026-42556: Postiz AI Tool Vulnerability Allows Stored XSSvulnerability, cve, high-severity, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-42454/ Shimi's Cyber World en 2026-05-09T02:16:39+03:00 Termix RCE via Container ID Injection (CVE-2026-42454)vulnerability, cve, critical, high-severity, remote-code-execution, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-42452/ Shimi's Cyber World en 2026-05-09T02:16:38+03:00 Termix CVE-2026-42452 Bypasses 2FA with Temporary JWTvulnerability, cve, high-severity, cwe-304 https://shimiscyberworld.com/posts/nvd-CVE-2026-42354/ Shimi's Cyber World en 2026-05-09T02:16:38+03:00 Sentry SAML SSO Critical Vulnerability Allows Account Takeover (CVE-2026-42354)vulnerability, cve, critical, high-severity, cwe-290 https://shimiscyberworld.com/posts/nvd-CVE-2026-42352/ Shimi's Cyber World en 2026-05-09T02:16:38+03:00 pygeoapi RCE: OGC API Vulnerability Exposes Internal Servicesvulnerability, cve, high-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42351/ Shimi's Cyber World en 2026-05-09T02:16:38+03:00 CVE-2026-42351: pygeoapi Path Traversal Exposes Directoriesvulnerability, cve, high-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-42346/ Shimi's Cyber World en 2026-05-09T02:16:37+03:00 CVE-2026-42346 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42345/ Shimi's Cyber World en 2026-05-09T02:16:37+03:00 FastGPT Vulnerability: Cloud Metadata Bypass via URL Encoding (CVE-2026-42345)vulnerability, cve, high-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42302/ Shimi's Cyber World en 2026-05-09T02:16:36+03:00 CVE-2026-42302: FastGPT Agent Sandbox RCEvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-42298/ Shimi's Cyber World en 2026-05-09T02:16:36+03:00 CVE-2026-42298: Critical RCE in Postiz AI Scheduling Toolvulnerability, cve, critical, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-42291/ Shimi's Cyber World en 2026-05-09T02:16:36+03:00 CVE-2026-42291 — SysReptor is a fully customizable pentest reportingvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-42224/ Shimi's Cyber World en 2026-05-09T02:16:35+03:00 CVE-2026-42224: ipl/web XSS Vulnerability Impacts Icinga Webvulnerability, cve, high-severity, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41520/ Shimi's Cyber World en 2026-05-09T02:16:35+03:00 CVE-2026-41520: Cilium Bugtool Leaks Sensitive WireGuard Datavulnerability, cve, high-severity, cwe-200, cwe-312 https://shimiscyberworld.com/posts/nvd-CVE-2026-41432/ Shimi's Cyber World en 2026-05-09T02:16:35+03:00 CVE-2026-41432: LLM Gateway Stripe Webhook Flaw Allows Quota Forgeryvulnerability, cve, high-severity, cwe-345, cwe-863, cwe-1188 https://shimiscyberworld.com/posts/nvd-CVE-2026-42209/ Shimi's Cyber World en 2026-05-09T01:16:32+03:00 CVE-2026-42209 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-369 https://shimiscyberworld.com/posts/nvd-CVE-2026-42205/ Shimi's Cyber World en 2026-05-09T01:16:31+03:00 CVE-2026-42205: Avo Framework Privilege Escalation in Ruby on Rails Admin Panelsvulnerability, cve, high-severity, privilege-escalation, cwe-284, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-42202/ Shimi's Cyber World en 2026-05-09T01:16:31+03:00 CVE-2026-42202 — nova-toggle-5 enables fliping booleans in the index. Priorvulnerability, cve, medium-severity, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-42199/ Shimi's Cyber World en 2026-05-09T01:16:31+03:00 CVE-2026-42199 — Integer Overflowvulnerability, cve, medium-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-42193/ Shimi's Cyber World en 2026-05-09T01:16:31+03:00 CVE-2026-42193: Plunk Email Platform Critical Unauthenticated Webhook Forgeryvulnerability, cve, critical, high-severity, cwe-347 https://shimiscyberworld.com/posts/nvd-CVE-2026-42192/ Shimi's Cyber World en 2026-05-09T01:16:31+03:00 CVE-2026-42192 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-44400/ Shimi's Cyber World en 2026-05-09T00:16:28+03:00 MailEnable WebAdmin Vulnerability Bypasses Authentication (CVE-2026-44400)vulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7807/ Shimi's Cyber World en 2026-05-08T23:16:32+03:00 SmarterTools SmarterMail CVE-2026-7807: Local File Inclusion Exposes Passwordsvulnerability, cve, high-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-42282/ Shimi's Cyber World en 2026-05-08T23:16:31+03:00 CVE-2026-42282 — n8n-MCP is an MCP server that provides AI assistants accessvulnerability, cve, medium-severity, cwe-532 https://shimiscyberworld.com/posts/nvd-CVE-2026-42190/ Shimi's Cyber World en 2026-05-08T23:16:31+03:00 CVE-2026-42190 — RedwoodSDK is a server-first React framework. From versionvulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-42189/ Shimi's Cyber World en 2026-05-08T23:16:31+03:00 CVE-2026-42189: Russh SSH Library DoS Vulnerabilityvulnerability, cve, high-severity, cwe-770, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-42185/ Shimi's Cyber World en 2026-05-08T23:16:31+03:00 CVE-2026-42185 — People is an application to handle users and teams, andvulnerability, cve, medium-severity, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-42181/ Shimi's Cyber World en 2026-05-08T23:16:31+03:00 CVE-2026-42181 — Lemmy is a link aggregator and forum for the fediverse.vulnerability, cve, medium-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42180/ Shimi's Cyber World en 2026-05-08T23:16:31+03:00 CVE-2026-42180 — Lemmy is a link aggregator and forum for the fediverse.vulnerability, cve, medium-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42176/ Shimi's Cyber World en 2026-05-08T23:16:30+03:00 CVE-2026-42176 — Scoold is a Q&A and a knowledge sharing platform for teams.vulnerability, cve, medium-severity, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-41495/ Shimi's Cyber World en 2026-05-08T23:16:30+03:00 CVE-2026-41495 — n8n-MCP is an MCP server that provides AI assistants accessvulnerability, cve, medium-severity, cwe-532