https://shimiscyberworld.com/posts/nvd-CVE-2026-8098/ Shimi's Cyber World en 2026-05-08T00:16:30+03:00 CVE-2026-8098: SQL Injection in code-projects Feedback System 1.0vulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-8097/ Shimi's Cyber World en 2026-05-08T00:16:30+03:00 CVE-2026-8097 — CodeAstro Online Classroom SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-42449/ Shimi's Cyber World en 2026-05-08T00:16:30+03:00 CVE-2026-42449: n8n-MCP SSRF Bypasses IPv6 Checksvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42047/ Shimi's Cyber World en 2026-05-08T00:16:29+03:00 CVE-2026-42047: Inngest Exposes Environment Variables via HTTP Handlervulnerability, cve, high-severity, cwe-200, cwe-497 https://shimiscyberworld.com/posts/nvd-CVE-2026-41692/ Shimi's Cyber World en 2026-05-08T00:16:29+03:00 CVE-2026-41692 — i18nextify is a JavaScript library that adds websitevulnerability, cve, medium-severity, cwe-79, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-41691/ Shimi's Cyber World en 2026-05-08T00:16:29+03:00 CVE-2026-41691 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22, cwe-74 https://shimiscyberworld.com/posts/nvd-CVE-2026-8087/ Shimi's Cyber World en 2026-05-07T23:16:45+03:00 CVE-2026-8087 — OSGeo Gdal Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-119, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-43510/ Shimi's Cyber World en 2026-05-07T23:16:44+03:00 CVE-2026-43510: CISA's manage.get.gov Domain Manager Vulnerabilityvulnerability, cve, high-severity, cwe-266 https://shimiscyberworld.com/posts/nvd-CVE-2026-42241/ Shimi's Cyber World en 2026-05-07T23:16:44+03:00 CVE-2026-42241 — Applications Using ParquetSharp To Read Untrusted Parquet Fi Vulnerabilityvulnerability, cve, medium-severity, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-42239/ Shimi's Cyber World en 2026-05-07T23:16:44+03:00 Budibase Low-Code Platform Vulnerability Allows Full Account Takeover via XSSvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-1004 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-07T23:00:00+03:00 Daily Security Digest — 2026-05-07daily-digest, vulnerability, cve, critical, high-severity, cwe-346, cross-site-scripting-xss, cwe-79, denial-of-service, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-8086/ Shimi's Cyber World en 2026-05-07T22:16:03+03:00 CVE-2026-8086 — OSGeo Gdal Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-119, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-8083/ Shimi's Cyber World en 2026-05-07T22:16:02+03:00 CVE-2026-8083: SQL Injection in SourceCodester Pharmacy Systemvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-44742/ Shimi's Cyber World en 2026-05-07T22:16:02+03:00 CVE-2026-44742: Postorius HTML Injection Exploited In The Wildvulnerability, cve, high-severity, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-44244/ Shimi's Cyber World en 2026-05-07T22:16:02+03:00 GitPython CVE-2026-44244 Allows Remote Code Execution via HooksPath Injectionvulnerability, cve, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-42284/ Shimi's Cyber World en 2026-05-07T22:16:01+03:00 CVE-2026-42284: GitPython Vulnerability Allows Remote Code Execution Via Malicious Clonesvulnerability, cve, high-severity, cwe-88 https://shimiscyberworld.com/posts/nvd-CVE-2026-42215/ Shimi's Cyber World en 2026-05-07T22:16:01+03:00 CVE-2026-42215: GitPython Arbitrary Command Execution Vulnerabilityvulnerability, cve, high-severity, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-42214/ Shimi's Cyber World en 2026-05-07T22:16:01+03:00 NotepadNext CVE-2026-42214: Arbitrary Command Execution via Malicious Extensionsvulnerability, cve, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-41906/ Shimi's Cyber World en 2026-05-07T22:16:01+03:00 FreeScout CVE-2026-41906: Agent Can Expose Hidden Customer Datavulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-41905/ Shimi's Cyber World en 2026-05-07T22:16:01+03:00 FreeScout CVE-2026-41905: Server-Side Request Forgery via Redirect Logicvulnerability, cve, high-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41904/ Shimi's Cyber World en 2026-05-07T22:16:01+03:00 CVE-2026-41904: FreeScout XSS Delivers Payloads via Auto-Replyvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41903/ Shimi's Cyber World en 2026-05-07T22:16:00+03:00 CVE-2026-41903 — FreeScout is a free help desk and shared inbox built withvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-41902/ Shimi's Cyber World en 2026-05-07T22:16:00+03:00 CVE-2026-41902: FreeScout Invite Hash Vulnerability Allows Permanent Account Takeovervulnerability, cve, critical, high-severity, cwe-613 https://shimiscyberworld.com/posts/nvd-CVE-2026-8081/ Shimi's Cyber World en 2026-05-07T21:16:27+03:00 CVE-2026-8081 — Router-For-Me CLIProxyAPI Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-37709/ Shimi's Cyber World en 2026-05-07T21:16:19+03:00 Snipe-IT CVE-2026-37709: Critical RCE via Insecure Permissionsvulnerability, cve, critical, high-severity, cwe-284 https://shimiscyberworld.com/posts/telegram-1542954397-4572/ Shimi's Cyber World en 2026-05-07T21:03:42+03:00 Anonymous Claims Control Over Three Chinese Satellites https://shimiscyberworld.com/posts/pcpjack-credential-stealer-exploits-5-cves-to-spread-worm-li-mu956/ Shimi's Cyber World en 2026-05-07T20:45:00+03:00 PCPJack Credential Stealer Exploits 5 CVEs for Cloud Worm-Like Spreadthreat-intel, vulnerability, malware, data-breach, cloud, identity, tools, the-hacker-news https://shimiscyberworld.com/posts/nvd-CVE-2026-7415/ Shimi's Cyber World en 2026-05-07T20:15:59+03:00 CVE-2026-7415: Yarbo Robot Firmware Exposes Sensitive Data via Anonymous MQTTvulnerability, cve, critical, high-severity, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-7414/ Shimi's Cyber World en 2026-05-07T20:15:59+03:00 Yarbo Firmware v2.3.9 Critical Hardcoded Credential Vulnerabilityvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-7413/ Shimi's Cyber World en 2026-05-07T20:15:59+03:00 CVE-2026-7413: Hidden Backdoor Found in Yarbo Firmwarevulnerability, cve, high-severity, cwe-912 https://shimiscyberworld.com/posts/has-cisa-finally-found-its-new-leader-in-tom-parker-5seag/ Shimi's Cyber World en 2026-05-07T19:55:12+03:00 Tom Parker Tipped for CISA Leadership Rolethreat-intel, tools https://shimiscyberworld.com/posts/palo-alto-zero-day-exploited-in-campaign-bearing-hallmarks-o-23gll/ Shimi's Cyber World en 2026-05-07T18:31:12+03:00 Palo Alto Networks Zero-Day Exploited by Suspected Chinese State Actorthreat-intel, vulnerability https://shimiscyberworld.com/posts/ivanti-warns-of-new-epmm-flaw-exploited-in-zero-day-attacks-rm9dt/ Shimi's Cyber World en 2026-05-07T18:20:51+03:00 Ivanti EPMM RCE Vulnerability Exploited in Zero-Day Attacksthreat-intel, data-breach, malware, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-44264/ Shimi's Cyber World en 2026-05-07T18:16:10+03:00 CVE-2026-44264 — Weblate is a web based localization tool. Prior to versionvulnerability, cve, medium-severity, cwe-80 https://shimiscyberworld.com/posts/nvd-CVE-2026-44263/ Shimi's Cyber World en 2026-05-07T18:16:10+03:00 CVE-2026-44263 — Weblate is a web based localization tool. Prior to versionvulnerability, cve, medium-severity, cwe-203 https://shimiscyberworld.com/posts/nvd-CVE-2026-42011/ Shimi's Cyber World en 2026-05-07T18:16:09+03:00 gnutls CVE-2026-42011: Certificate Validation Bypass Poses MITM Riskvulnerability, cve, high-severity, cwe-295 https://shimiscyberworld.com/posts/nvd-CVE-2026-41689/ Shimi's Cyber World en 2026-05-07T18:16:09+03:00 CVE-2026-41689 — Wallos is an open-source, self-hostable personalvulnerability, cve, medium-severity, cwe-863, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41688/ Shimi's Cyber World en 2026-05-07T18:16:09+03:00 CVE-2026-41688: Wallos SSRF Bypass via DNS Rebindingvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41687/ Shimi's Cyber World en 2026-05-07T18:16:09+03:00 CVE-2026-41687 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41650/ Shimi's Cyber World en 2026-05-07T18:16:07+03:00 CVE-2026-41650 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-91 https://shimiscyberworld.com/posts/nvd-CVE-2026-41519/ Shimi's Cyber World en 2026-05-07T18:16:07+03:00 CVE-2026-41519 — Weblate is a web based localization tool. Prior to versionvulnerability, cve, medium-severity, cwe-613 https://shimiscyberworld.com/posts/nvd-CVE-2026-41505/ Shimi's Cyber World en 2026-05-07T18:16:07+03:00 CVE-2026-41505: RELATE Courseware Package Suffers Predictable Token Generation Flawvulnerability, cve, high-severity, cwe-330, cwe-338 https://shimiscyberworld.com/posts/nvd-CVE-2026-41422/ Shimi's Cyber World en 2026-05-07T18:16:06+03:00 Daptin Headless CMS SQLi Puts Data at High Riskvulnerability, cve, high-severity, cwe-89 https://shimiscyberworld.com/posts/north-carolina-man-pleads-guilty-to-doxxing-supreme-court-ju-ur6p9/ Shimi's Cyber World en 2026-05-07T18:00:00+03:00 North Carolina Man Pleads Guilty to Doxxing Supreme Court Justicesthreat-intel, data-breach, government https://shimiscyberworld.com/posts/telegram-1373735086-5020/ Shimi's Cyber World en 2026-05-07T17:37:59+03:00 Ransomware Groups Aggressively Target Healthcare Sector Globallydarkweb, threat-intel, ransomware, malware, darkfeed https://shimiscyberworld.com/posts/claude-code-oauth-tokens-can-be-stolen-through-stealthy-mcp-1mzs9/ Shimi's Cyber World en 2026-05-07T17:33:06+03:00 Claude Code OAuth Tokens Vulnerable to Stealthy MCP Hijackingthreat-intel, vulnerability, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-6795/ Shimi's Cyber World en 2026-05-07T17:16:04+03:00 DivvyDrive Open Redirect Vulnerability CVE-2026-6795 Rated Criticalvulnerability, cve, critical, high-severity, open-redirect, cwe-601 https://shimiscyberworld.com/posts/nvd-CVE-2026-41685/ Shimi's Cyber World en 2026-05-07T17:16:03+03:00 CVE-2026-41685 — Incus is a system container and virtual machine manager.vulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-41684/ Shimi's Cyber World en 2026-05-07T17:16:03+03:00 CVE-2026-41684 — Incus is a system container and virtual machine manager.vulnerability, cve, medium-severity, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-41647/ Shimi's Cyber World en 2026-05-07T17:16:03+03:00 CVE-2026-41647 — Incus is a system container and virtual machine manager.vulnerability, cve, medium-severity, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-41589/ Shimi's Cyber World en 2026-05-07T17:16:02+03:00 CVE-2026-41589: Critical Path Traversal in Wish SSH Server SCP Middlewarevulnerability, cve, critical, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-41554/ Shimi's Cyber World en 2026-05-07T17:16:02+03:00 Bricks Builder Flaw: CVE-2026-41554 Exposes Websites to Reflected XSSvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41490/ Shimi's Cyber World en 2026-05-07T17:16:02+03:00 Dagster Orchestration Platform Vulnerable to SQL Injection via Dynamic Partitionsvulnerability, cve, high-severity, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2025-14341/ Shimi's Cyber World en 2026-05-07T17:16:00+03:00 CVE-2025-14341: DivvyDrive Vulnerability Allows Excessive Allocation, Floodingvulnerability, cve, high-severity, cwe-770, cwe-915 https://shimiscyberworld.com/posts/one-click-total-shutdown-the-patient-zero-webinar-on-kil-imnwl/ Shimi's Cyber World en 2026-05-07T16:50:00+03:00 AI-Powered Phishing: The 'Patient Zero' Threat to Enterprise Securitythreat-intel, vulnerability, data-breach, the-hacker-news https://shimiscyberworld.com/posts/attackers-could-exploit-ai-vision-models-using-imperceptible-h4msp/ Shimi's Cyber World en 2026-05-07T16:45:53+03:00 Cisco Researchers Expose Pixel-Level Attacks on AI Vision Modelsthreat-intel, vulnerability, ai-security https://shimiscyberworld.com/posts/nvd-CVE-2026-6002/ Shimi's Cyber World en 2026-05-07T16:16:13+03:00 DivvyDrive XSS Vulnerability (CVE-2026-6002) Poses High Riskvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-80 https://shimiscyberworld.com/posts/nvd-CVE-2026-5791/ Shimi's Cyber World en 2026-05-07T16:16:13+03:00 DivvyDrive Critical CSRF Vulnerability: CVE-2026-5791 Poses Remote Attack Riskvulnerability, cve, critical, high-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-5784/ Shimi's Cyber World en 2026-05-07T16:16:13+03:00 DivvyDrive Stored XSS Vulnerability (CVE-2026-5784) Poses High Riskvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/ai-coding-agents-could-fuel-next-supply-chain-crisis-fmgkw/ Shimi's Cyber World en 2026-05-07T16:00:00+03:00 AI Coding Agents Fuel Next Supply Chain Crisis with 'TrustFall' Attacksthreat-intel, vulnerability, securityweek https://shimiscyberworld.com/posts/polish-intelligence-warns-hackers-attacked-water-treatment-c-ctbni/ Shimi's Cyber World en 2026-05-07T15:38:00+03:00 Polish Intelligence Warns of Attacks on Water Treatment Systemsthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-6508/ Shimi's Cyber World en 2026-05-07T15:16:18+03:00 CVE-2026-6508: Liderahenk Origin Validation Error Allows Critical Accessvulnerability, cve, critical, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-42285/ Shimi's Cyber World en 2026-05-07T15:16:18+03:00 CVE-2026-42285: Critical GoBGP Flaw Allows Remote Crash via Malformed UPDATEvulnerability, cve, high-severity, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-42010/ Shimi's Cyber World en 2026-05-07T15:16:17+03:00 CVE-2026-42010: GnuTLS RSA-PSK NUL Byte Authentication Bypassvulnerability, cve, high-severity, authentication-bypass https://shimiscyberworld.com/posts/nvd-CVE-2026-41643/ Shimi's Cyber World en 2026-05-07T15:16:17+03:00 CVE-2026-41643: GoBGP Remote DoS Vulnerability Exposes Network Infrastructurevulnerability, cve, high-severity, denial-of-service, cwe-129 https://shimiscyberworld.com/posts/nvd-CVE-2026-41642/ Shimi's Cyber World en 2026-05-07T15:16:17+03:00 GoBGP DoS Vulnerability (CVE-2026-41642) Patched in Version 4.4.0vulnerability, cve, high-severity, denial-of-service, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-3953/ Shimi's Cyber World en 2026-05-07T15:16:16+03:00 CVE-2026-3953: Gosoft Proticaret E-Commerce XSS Vulnerabilityvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/threatsday-bulletin-edge-plaintext-passwords-ics-0-days-p-7p25i/ Shimi's Cyber World en 2026-05-07T14:33:00+03:00 Old-School Attacks Still Win: Credential Dumps and Weak Defenses Plague 2026threat-intel, vulnerability, the-hacker-news https://shimiscyberworld.com/posts/nvd-CVE-2026-27415/ Shimi's Cyber World en 2026-05-07T14:15:59+03:00 CVE-2026-27415 — PluginUs.Net BEAR Vulnerabilityvulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/telegram-1427288221-8889/ Shimi's Cyber World en 2026-05-07T14:09:25+03:00 MedusaLocker Ransomware Group Details Financial Motivation, Operational Shiftsisrael, telegram https://shimiscyberworld.com/posts/day-zero-readiness-the-operational-gaps-that-break-incident-h2q7a/ Shimi's Cyber World en 2026-05-07T13:54:00+03:00 Incident Response Retainers Aren't Readiness: The Operational Gapthreat-intel, vulnerability, the-hacker-news https://shimiscyberworld.com/posts/gemini-cli-vulnerability-could-have-led-to-code-execution-s-ite2y/ Shimi's Cyber World en 2026-05-07T13:39:34+03:00 Gemini CLI Vulnerability: Prompt Injection Leads to Code Executionthreat-intel, vulnerability, ai-security, tools, securityweek https://shimiscyberworld.com/posts/pypi-packages-deliver-zichatbot-malware-via-zulip-apis-on-wi-g5ity/ Shimi's Cyber World en 2026-05-07T12:20:00+03:00 PyPI Packages Deliver ZiChatBot Malware to Windows and Linuxthreat-intel, vulnerability, malware, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-44407/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-44407 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-134 https://shimiscyberworld.com/posts/nvd-CVE-2026-27421/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-27421 — WProyal Royal Elementor Addons Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-27416/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-27416 — BPlugins PDF Poster Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-27329/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-27329 — YITH YITH WooCommerce Wishlist Vulnerabilityvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-25468/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-25468 — WeDevs Happy Addons For Elementor Vulnerabilityvulnerability, cve, medium-severity, cwe-497 https://shimiscyberworld.com/posts/nvd-CVE-2026-25436/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2026-25436 — WProyal Royal Elementor Addons Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2025-68604/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-68604 — WPGraphQL Vulnerabilityvulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2025-68060/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-68060: High-Severity SQL Injection in WPMart Team Member Pluginvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2025-66105/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-66105 — Magepeople Inc. Bus Ticket Booking With Seat Reservation Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2025-62127/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-62127 — WEN Themes WEN Logo Slider Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-2514/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-2514 — Hitachi Virtual Storage Platform G130, G150, G350, G370, G70 Vulnerabilityvulnerability, cve, medium-severity, cwe-307 https://shimiscyberworld.com/posts/nvd-CVE-2025-1978/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-1978: Hitachi Storage RCE Vulnerability Exposes Enterprise Datavulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2024-43384/ Shimi's Cyber World en 2026-05-07T12:16:24+03:00 CVE-2024-43384: Root Password Exposure via Improper Information Removalvulnerability, cve, high-severity, cwe-212 https://shimiscyberworld.com/posts/nvd-CVE-2026-44406/ Shimi's Cyber World en 2026-05-07T11:16:00+03:00 CVE-2026-44406 — Code Executionvulnerability, cve, medium-severity, code-execution, cwe-427 https://shimiscyberworld.com/posts/nvd-CVE-2025-9661/ Shimi's Cyber World en 2026-05-07T11:16:00+03:00 Hitachi VSP One Block OS Command Injection (CVE-2025-9661) CVSS 8.1vulnerability, cve, high-severity, command-injection, cwe-78 https://shimiscyberworld.com/posts/woflow-447-593-breached-accounts-rhbn4/ Shimi's Cyber World en 2026-05-07T09:48:33+03:00 Woflow Data Breach: ShinyHunters Exposes 447K Accountsdata-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-8063/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 CVE-2026-8063 — Null Pointer Dereferencevulnerability, cve, medium-severity, null-pointer-dereference, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-7252/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 WP-Optimize Plugin Flaw Allows Arbitrary File Deletion, RCE via wp-config.phpvulnerability, cve, high-severity, remote-code-execution, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-6692/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 CVE-2026-6692: WordPress Slider Revolution RCE Vulnerabilityvulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-4348/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 CVE-2026-4348: Unauthenticated SQLi in BetterDocs Pro WordPress Pluginvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41641/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 NocoBase SQL Injection Bypass (CVE-2026-41641) Exposes Datavulnerability, cve, high-severity, cwe-89, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-41413/ Shimi's Cyber World en 2026-05-07T09:16:04+03:00 CVE-2026-41413 — Istio is an open platform to connect, manage, and securevulnerability, cve, medium-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41143/ Shimi's Cyber World en 2026-05-07T09:16:04+03:00 YesWiki SQL Injection (CVE-2026-41143) Risks Data Exposurevulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41139/ Shimi's Cyber World en 2026-05-07T09:16:04+03:00 Math.js Arbitrary Code Execution via Expression Parser (CVE-2026-41139)vulnerability, cve, high-severity, cwe-915 https://shimiscyberworld.com/posts/nvd-CVE-2026-6214/ Shimi's Cyber World en 2026-05-07T07:16:35+03:00 CVE-2026-6214 — The Forminator Forms plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42194/ Shimi's Cyber World en 2026-05-07T07:16:34+03:00 CVE-2026-42194 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41671/ Shimi's Cyber World en 2026-05-07T07:16:32+03:00 CVE-2026-41671 — Authentication Bypassvulnerability, cve, medium-severity, authentication-bypass, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-41670/ Shimi's Cyber World en 2026-05-07T07:16:30+03:00 CVE-2026-41670: Admidio SAML IdP Bypass Exposes User Datavulnerability, cve, high-severity, cwe-20, cwe-601 https://shimiscyberworld.com/posts/nvd-CVE-2026-41669/ Shimi's Cyber World en 2026-05-07T07:16:30+03:00 CVE-2026-41669: Admidio SAML Signature Bypass Puts User Management at Riskvulnerability, cve, high-severity, cwe-347 https://shimiscyberworld.com/posts/nvd-CVE-2026-41661/ Shimi's Cyber World en 2026-05-07T07:16:29+03:00 CVE-2026-41661 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41660/ Shimi's Cyber World en 2026-05-07T07:16:29+03:00 Admidio CVE-2026-41660: Logic Error Allows 2FA Bypass for Admin Accountsvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-41658/ Shimi's Cyber World en 2026-05-07T07:16:29+03:00 CVE-2026-41658 — Admidio is an open-source user management solution. Priorvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-41655/ Shimi's Cyber World en 2026-05-07T07:16:28+03:00 CVE-2026-41655 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-41640/ Shimi's Cyber World en 2026-05-07T07:16:28+03:00 CVE-2026-41640: NocoBase No-Code Platform SQL Injectionvulnerability, cve, high-severity, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41201/ Shimi's Cyber World en 2026-05-07T07:16:26+03:00 CVE-2026-41201: Critical CI4MS Account Takeover Via Stored XSSvulnerability, cve, critical, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41142/ Shimi's Cyber World en 2026-05-07T07:16:26+03:00 CVE-2026-41142: OpenEXR Integer Overflow Leads to Heap OOB Writevulnerability, cve, high-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-41002/ Shimi's Cyber World en 2026-05-07T07:16:25+03:00 Spring Cloud Config Server Vulnerable to TOCTOU Attacks (CVE-2026-41002)vulnerability, cve, high-severity, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-40982/ Shimi's Cyber World en 2026-05-07T07:16:24+03:00 Spring Cloud Config Vulnerability CVE-2026-40982 Allows Directory Traversalvulnerability, cve, critical, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-40981/ Shimi's Cyber World en 2026-05-07T07:16:24+03:00 CVE-2026-40981: Spring Cloud Config Exposes GCP Secretsvulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-4807/ Shimi's Cyber World en 2026-05-07T06:16:08+03:00 CVE-2026-4807 — The Appointment Booking Calendar plugin for WordPress isvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-6222/ Shimi's Cyber World en 2026-05-07T05:16:37+03:00 CVE-2026-6222 — The Forminator Forms plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-40003/ Shimi's Cyber World en 2026-05-07T05:16:03+03:00 CVE-2026-40003 — Code Executionvulnerability, cve, medium-severity, code-execution, cwe-787 https://shimiscyberworld.com/posts/north-korean-hackers-targeted-ethnic-koreans-in-china-with-a-941im/ Shimi's Cyber World en 2026-05-07T03:12:00+03:00 North Korean APT37 Targets Ethnic Koreans in China with BirdCall Malwarethreat-intel, data-breach, government, malware https://shimiscyberworld.com/posts/nvd-CVE-2026-41484/ Shimi's Cyber World en 2026-05-07T01:16:26+03:00 CVE-2026-41484 — OpenTelemetry.Exporter.OneCollector is a .NET exporter thatvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-41483/ Shimi's Cyber World en 2026-05-07T01:16:25+03:00 CVE-2026-41483 — OpenTelemetry.Resources.Azure is the .NET resource detectorvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-41417/ Shimi's Cyber World en 2026-05-07T01:16:25+03:00 CVE-2026-41417 — Netty allows request-line validation to be bypassed when avulnerability, cve, medium-severity, cwe-93, cwe-444 https://shimiscyberworld.com/posts/nvd-CVE-2026-41310/ Shimi's Cyber World en 2026-05-07T01:16:25+03:00 CVE-2026-41310 — OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exportervulnerability, cve, medium-severity, cwe-400, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-40296/ Shimi's Cyber World en 2026-05-07T01:16:25+03:00 CVE-2026-40296 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-40281/ Shimi's Cyber World en 2026-05-07T00:16:01+03:00 Gotenberg PDF API Vulnerability CVE-2026-40281 Allows Arbitrary File Overwritevulnerability, cve, critical, high-severity, arbitrary-file-access, cwe-88 https://shimiscyberworld.com/posts/mirai-based-xlabs-v1-botnet-exploits-adb-to-hijack-iot-devic-xqkjl/ Shimi's Cyber World en 2026-05-06T23:21:00+03:00 Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devicesthreat-intel, vulnerability, malware, data-breach, the-hacker-news https://shimiscyberworld.com/posts/nvd-CVE-2026-8032/ Shimi's Cyber World en 2026-05-06T23:16:36+03:00 PicoTronica e-Clinic Healthcare System Hard-Coded Credential Vulnerability (CVE-2026-8032)vulnerability, cve, high-severity, cwe-259, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-44118/ Shimi's Cyber World en 2026-05-06T23:16:35+03:00 OpenClaw CVE-2026-44118: Loopback Owner Context Spoofing Vulnerabilityvulnerability, cve, high-severity, cwe-290 https://shimiscyberworld.com/posts/nvd-CVE-2026-44116/ Shimi's Cyber World en 2026-05-06T23:16:35+03:00 OpenClaw Zalo Plugin SSRF Vulnerability (CVE-2026-44116) Poses High Riskvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-44115/ Shimi's Cyber World en 2026-05-06T23:16:35+03:00 CVE-2026-44115: OpenClaw Vulnerability Allows Shell Expansion Bypassvulnerability, cve, high-severity, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-44114/ Shimi's Cyber World en 2026-05-06T23:16:35+03:00 OpenClaw Vulnerability: Environment Namespace Override Poses Supply Chain Riskvulnerability, cve, high-severity, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-44110/ Shimi's Cyber World en 2026-05-06T23:16:34+03:00 OpenClaw Authorization Bypass (CVE-2026-44110) Exposes Room Controlvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-44109/ Shimi's Cyber World en 2026-05-06T23:16:34+03:00 OpenClaw Authentication Bypass: Critical Vulnerability in Feishu Webhookvulnerability, cve, critical, high-severity, authentication-bypass, cwe-1188 https://shimiscyberworld.com/posts/nvd-CVE-2026-43585/ Shimi's Cyber World en 2026-05-06T23:16:34+03:00 OpenClaw Vulnerability Allows Revoked Bearer Tokens to Remain Validvulnerability, cve, high-severity, cwe-672 https://shimiscyberworld.com/posts/nvd-CVE-2026-43584/ Shimi's Cyber World en 2026-05-06T23:16:34+03:00 CVE-2026-43584: OpenClaw Environment Variable Vulnerability Allows Execution Hijackvulnerability, cve, high-severity, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-43581/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43581: Critical OpenClaw Sandbox Vulnerability Exposes DevToolsvulnerability, cve, critical, high-severity, cwe-1188 https://shimiscyberworld.com/posts/nvd-CVE-2026-43580/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43580: OpenClaw Vulnerability Bypasses SSRF Protectionsvulnerability, cve, high-severity, server-side-request-forgery, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-43578/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43578: OpenClaw Privilege Escalation Hits Critical Severityvulnerability, cve, critical, high-severity, privilege-escalation, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-43577/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43577 — OpenClaw before 2026.4.9 contains a file read vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-43576/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 OpenClaw SSRF Vulnerability (CVE-2026-43576) Allows Untrusted Pivotingvulnerability, cve, high-severity, server-side-request-forgery, cwe-601, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-43575/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43575: OpenClaw Critical Auth Bypass Exposes Browser Sessionsvulnerability, cve, critical, high-severity, authentication-bypass, cwe-862 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-06T23:00:00+03:00 Daily Security Digest — 2026-05-06daily-digest, vulnerability, cve, high-severity, denial-of-service, remote-code-execution, cwe-94, cross-site-scripting-xss, cwe-79, sql-injection https://shimiscyberworld.com/posts/nvd-CVE-2026-8031/ Shimi's Cyber World en 2026-05-06T22:16:53+03:00 CVE-2026-8031 — PicoTronica E-Clinic Healthcare System ECHS Vulnerabilityvulnerability, cve, medium-severity, cwe-287, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-41938/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 CVE-2026-41938: Vvveb Unrestricted File Upload Leads to RCEvulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-41936/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 CVE-2026-41936: Vvveb XXE Allows File Disclosure, Privilege Escalationvulnerability, cve, high-severity, privilege-escalation, cwe-611 https://shimiscyberworld.com/posts/nvd-CVE-2026-41934/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 Vvveb RCE: Authenticated Users Can Achieve Unauthenticated Code Executionvulnerability, cve, high-severity, remote-code-execution, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-41931/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 CVE-2026-41931 — Information Disclosurevulnerability, cve, medium-severity, information-disclosure, cwe-209, cwe-1188 https://shimiscyberworld.com/posts/nvd-CVE-2026-41930/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 CVE-2026-41930: Vvveb Docker Hard-Coded Credentials Lead to Critical Database Accessvulnerability, cve, critical, high-severity, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2025-31960/ Shimi's Cyber World en 2026-05-06T22:16:35+03:00 CVE-2025-31960 — HCL BigFix Service Management (SM) is vulnerable tovulnerability, cve, medium-severity, cwe-209 https://shimiscyberworld.com/posts/nvd-CVE-2024-30151/ Shimi's Cyber World en 2026-05-06T22:16:35+03:00 HCL BigFix Service Management Privilege Escalation (CVE-2024-30151)vulnerability, cve, high-severity, privilege-escalation, cwe-532 https://shimiscyberworld.com/posts/critical-vm2-sandbox-bug-lets-attackers-execute-code-on-host-w0arn/ Shimi's Cyber World en 2026-05-06T21:38:38+03:00 vm2 Sandbox Bug: Critical RCE Allows Host System Takeoverthreat-intel, data-breach, malware, vulnerability, bleepingcomputer https://shimiscyberworld.com/posts/new-cisco-dos-flaw-requires-manual-reboot-to-revive-devices-bcyha/ Shimi's Cyber World en 2026-05-06T21:06:21+03:00 Cisco DoS Flaw Hits Network Controllers, Requires Manual Rebootthreat-intel, data-breach, malware, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-7875/ Shimi's Cyber World en 2026-05-06T20:16:24+03:00 NanoClaw Container Vulnerability Allows Arbitrary File Access, Recursive Deletionvulnerability, cve, high-severity, arbitrary-file-access, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-42503/ Shimi's Cyber World en 2026-05-06T20:16:23+03:00 CVE-2026-42503: gopls Vulnerability Exposes Dev Environments to RCEvulnerability, cve, high-severity, cwe-1327 https://shimiscyberworld.com/posts/nvd-CVE-2026-23870/ Shimi's Cyber World en 2026-05-06T20:16:22+03:00 CVE-2026-23870: High-Severity DoS Flaw in React Server Componentsvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-20219/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20219 — The REST API Of Cisco Slido Vulnerabilityvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-20195/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20195 — An Identity Management API Endpoint Of Cisco ISE Vulnerabilityvulnerability, cve, medium-severity, cwe-204 https://shimiscyberworld.com/posts/nvd-CVE-2026-20193/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20193 — The RADIUS Policy API Endpoints Of Cisco ISE Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-20189/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20189 — The Log File Download Functionality Of Cisco Prime Infrastru Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-20188/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 Cisco Crosswork, NSO DoS Vulnerability (CVE-2026-20188)vulnerability, cve, high-severity, denial-of-service, cwe-400 https://shimiscyberworld.com/posts/nvd-CVE-2026-20185/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20185: Cisco SG350/SG350X SNMP DoS Vulnerabilityvulnerability, cve, high-severity, denial-of-service, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-20172/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 CVE-2026-20172 — The Lite Agent Feature Of Cisco Enterprise Chat And Email (E Vulnerabilityvulnerability, cve, medium-severity, cwe-646 https://shimiscyberworld.com/posts/nvd-CVE-2026-20169/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 CVE-2026-20169 — The Web-Based Management Interface Of Cisco IoT Field Networ Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-20168/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 CVE-2026-20168 — The Web-Based Management Interface Of Cisco IoT Field Networ Vulnerabilityvulnerability, cve, medium-severity, cwe-388 https://shimiscyberworld.com/posts/nvd-CVE-2026-20167/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 Cisco IoT FND DoS Vulnerability (CVE-2026-20167) Allows Remote Router Reloadsvulnerability, cve, high-severity, denial-of-service, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-20035/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 Cisco Unity Connection Web Inbox SSRF Vulnerability (CVE-2026-20035)vulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-20034/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 Cisco Unity Connection: Authenticated RCE Via Web Management Interfacevulnerability, cve, high-severity, cwe-35 https://shimiscyberworld.com/posts/daemon-tools-devs-confirm-breach-release-malware-free-versi-mz2xg/ Shimi's Cyber World en 2026-05-06T19:43:30+03:00 DAEMON Tools Supply Chain Attack Confirmed, Malware-Free Version Releasedthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-6863/ Shimi's Cyber World en 2026-05-06T19:16:12+03:00 CVE-2026-6863 — Velociraptor versions prior to 0.76.4 contain a crossvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-6691/ Shimi's Cyber World en 2026-05-06T19:16:11+03:00 CVE-2026-6691: MongoDB C Driver Heap Overflow via GSSAPI Usernamevulnerability, cve, high-severity, buffer-overflow, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-8027/ Shimi's Cyber World en 2026-05-06T18:16:13+03:00 CVE-2026-8027 — A weakness has been identified in FlowiseAI Flowise up tovulnerability, cve, medium-severity, cwe-285, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2025-52613/ Shimi's Cyber World en 2026-05-06T18:16:08+03:00 CVE-2025-52613 — HCL BigFix Service Management (SM) is affected by use of avulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2025-31978/ Shimi's Cyber World en 2026-05-06T18:16:06+03:00 CVE-2025-31978 — HCL BigFix Service Management (SM) does not adequatelyvulnerability, cve, medium-severity, cwe-201 https://shimiscyberworld.com/posts/nvd-CVE-2025-31976/ Shimi's Cyber World en 2026-05-06T18:16:06+03:00 CVE-2025-31976 — HCL BigFix Service Management (SM) is vulnerable tovulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/why-ransomware-attacks-succeed-even-when-backups-exist-s6wwb/ Shimi's Cyber World en 2026-05-06T17:04:14+03:00 Ransomware Attacks Succeed by Destroying Backups First, Not Just Encryptingthreat-intel, data-breach, malware, ransomware, bleepingcomputer https://shimiscyberworld.com/posts/muddywater-hackers-use-chaos-ransomware-as-a-decoy-in-attack-btsl8/ Shimi's Cyber World en 2026-05-06T16:02:52+03:00 MuddyWater Uses Chaos Ransomware as Decoy for Microsoft Teams Attacksthreat-intel, data-breach, malware, ransomware, microsoft, phishing https://shimiscyberworld.com/posts/nvd-CVE-2025-31951/ Shimi's Cyber World en 2026-05-06T15:16:26+03:00 HCL BigFix RunBookAI Vulnerability Allows Command Smugglingvulnerability, cve, high-severity, cwe-77, cwe-351, cwe-451 https://shimiscyberworld.com/posts/the-hacker-news-launches-cybersecurity-stars-awards-2026-a8nz8/ Shimi's Cyber World en 2026-05-06T15:03:00+03:00 The Hacker News Launches 'Cybersecurity Stars Awards 2026'threat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-6420/ Shimi's Cyber World en 2026-05-06T14:16:05+03:00 CVE-2026-6420 — Keylime Vulnerabilityvulnerability, cve, medium-severity, cwe-1241 https://shimiscyberworld.com/posts/nvd-CVE-2025-31970/ Shimi's Cyber World en 2026-05-06T14:16:03+03:00 CVE-2025-31970 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-358 https://shimiscyberworld.com/posts/your-ai-agents-are-already-inside-the-perimeter-do-you-know-va5k8/ Shimi's Cyber World en 2026-05-06T13:57:00+03:00 AI Agents Proliferating Faster Than Enterprise Governancethreat-intel, vulnerability, identity, ai-security https://shimiscyberworld.com/posts/nvd-CVE-2026-40001/ Shimi's Cyber World en 2026-05-06T13:16:19+03:00 CVE-2026-40001 — Code Executionvulnerability, cve, medium-severity, code-execution, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-35255/ Shimi's Cyber World en 2026-05-06T13:16:19+03:00 CVE-2026-35255 — The Oracle Cloud Native Environment Command Line Interface P Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-1719/ Shimi's Cyber World en 2026-05-06T13:16:18+03:00 WordPress Gravity Bookings Plugin Vulnerable to SQL Injection (CVE-2026-1719)vulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/cisa-critical-infrastructure-must-master-isolation-recover-cncgj/ Shimi's Cyber World en 2026-05-06T13:15:34+03:00 CISA Mandates Isolation, Recovery for Critical Infrastructure Against Foreign Cyber Threatsthreat-intel, vulnerability https://shimiscyberworld.com/posts/legionproxy-10-144-breached-accounts-5jdcb/ Shimi's Cyber World en 2026-05-06T13:11:25+03:00 LegionProxy Breach Exposes 10,000 Accountsdata-breach https://shimiscyberworld.com/posts/google-s-android-apps-get-public-verification-to-stop-supply-uxtb6/ Shimi's Cyber World en 2026-05-06T12:13:00+03:00 Google Expands Android Binary Transparency to Counter Supply Chain Attacksthreat-intel, vulnerability https://shimiscyberworld.com/posts/windows-phone-link-exploited-by-cloudz-rat-to-steal-credenti-oy75b/ Shimi's Cyber World en 2026-05-06T11:34:00+03:00 CloudZ RAT and Pheno Plugin Target Windows Phone Link for Credential Theftthreat-intel, vulnerability, cloud, microsoft, identity, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-7841/ Shimi's Cyber World en 2026-05-06T11:16:04+03:00 GeoVision GV-ASWeb RCE: High-Severity Flaw Affects Notification Settingsvulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-7457/ Shimi's Cyber World en 2026-05-06T11:16:04+03:00 CVE-2026-7457 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7448/ Shimi's Cyber World en 2026-05-06T11:16:04+03:00 CVE-2026-7448: WordPress LatePoint Plugin Open to Unauthenticated Stored XSSvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7332/ Shimi's Cyber World en 2026-05-06T11:16:04+03:00 CVE-2026-7332: WordPress LatePoint Plugin XSS Flaw Exposes Unauthenticated Attackersvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6672/ Shimi's Cyber World en 2026-05-06T11:16:03+03:00 CVE-2026-6672 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6344/ Shimi's Cyber World en 2026-05-06T11:16:03+03:00 CVE-2026-6344 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-35254/ Shimi's Cyber World en 2026-05-06T11:16:03+03:00 CVE-2026-35254 — The Oracle OCI CLI Product Of Oracle Open Source Projects. T Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-35253/ Shimi's Cyber World en 2026-05-06T11:16:03+03:00 CVE-2026-35253 — The Oracle Macoron Tool Product Of Oracle Open Source Projec Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/telegram-1427288221-8884/ Shimi's Cyber World en 2026-05-06T10:02:50+03:00 Cyber News: Basic Security Hygiene Gaps Plague Most Organizationsisrael, cybersafe https://shimiscyberworld.com/posts/oracle-debuts-monthly-critical-security-patch-updates-a19et/ Shimi's Cyber World en 2026-05-06T09:32:17+03:00 Oracle to Issue Monthly Critical Security Patch Updatesthreat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-2306/ Shimi's Cyber World en 2026-05-06T09:16:03+03:00 CVE-2026-2306 — The Ninja Tables – Easy Data Table Builder plugin forvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/telegram-1542954397-4568/ Shimi's Cyber World en 2026-05-06T08:03:19+03:00 UK Age Verification Flaws Exploit Social Engineering, Parental Aidphishing, the-independent https://shimiscyberworld.com/posts/palo-alto-networks-to-patch-zero-day-exploited-to-hack-firew-awpvq/ Shimi's Cyber World en 2026-05-06T07:46:23+03:00 Palo Alto Networks Zero-Day Exploited to Hack Firewallsthreat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-5753/ Shimi's Cyber World en 2026-05-06T07:16:09+03:00 CVE-2026-5753 — The All-in-One WP Migration Unlimited Extension plugin forvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-3208/ Shimi's Cyber World en 2026-05-06T07:16:06+03:00 CVE-2026-3208 — The Mercado Pago payments for WooCommerce plugin forvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-7573/ Shimi's Cyber World en 2026-05-06T06:15:59+03:00 CVE-2026-7573 — An authorization bypass (CWE-639) in the GetUserRoles gRPCvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7572/ Shimi's Cyber World en 2026-05-06T06:15:58+03:00 CVE-2026-7572 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-193 https://shimiscyberworld.com/posts/nvd-CVE-2025-71256/ Shimi's Cyber World en 2026-05-06T05:16:05+03:00 CVE-2025-71256: nr Modem DoS Vulnerability Poses High Riskvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71255/ Shimi's Cyber World en 2026-05-06T05:16:05+03:00 CVE-2025-71255: Modem IMS Vulnerability Exposes Devices to Remote DoSvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71254/ Shimi's Cyber World en 2026-05-06T05:16:04+03:00 Modem IMS DoS Vulnerability (CVE-2025-71254) Poses Remote Threatvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71253/ Shimi's Cyber World en 2026-05-06T05:16:04+03:00 Modem IMS Vulnerability (CVE-2025-71253) Allows Remote DoSvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71252/ Shimi's Cyber World en 2026-05-06T05:16:04+03:00 CVE-2025-71252: Modem IMS Vulnerability Exposes Remote DoS Riskvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71251/ Shimi's Cyber World en 2026-05-06T05:16:03+03:00 CVE-2025-71251: IMS DoS Vulnerability Poses High Riskvulnerability, cve, high-severity, denial-of-service