https://shimiscyberworld.com/posts/nvd-CVE-2026-41355/ Shimi's Cyber World en 2026-04-24T01:16:42+03:00 OpenShell Mirror Mode Allows Arbitrary Code Executionvulnerability, cve, high-severity, code-execution, cwe-829 https://shimiscyberworld.com/posts/nvd-CVE-2026-41353/ Shimi's Cyber World en 2026-04-24T01:16:42+03:00 OpenClaw: High-Severity Access Control Bypass Loomsvulnerability, cve, high-severity, cwe-472 https://shimiscyberworld.com/posts/nvd-CVE-2026-41352/ Shimi's Cyber World en 2026-04-24T01:16:42+03:00 OpenClaw RCE: Paired Nodes Bypass Auth, Allow Arbitrary Commandsvulnerability, cve, high-severity, remote-code-execution, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-41349/ Shimi's Cyber World en 2026-04-24T01:16:41+03:00 OpenClaw LLM Agent Bypass: Silent Execution Approval Disabledvulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-41347/ Shimi's Cyber World en 2026-04-24T01:16:41+03:00 OpenClaw CSRF Vulnerability: High-Severity Risk in Trusted-Proxy Deploymentsvulnerability, cve, high-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-41342/ Shimi's Cyber World en 2026-04-24T01:16:40+03:00 OpenClaw Authentication Bypass Poses Remote Onboarding Riskvulnerability, cve, high-severity, authentication-bypass, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-41336/ Shimi's Cyber World en 2026-04-24T01:16:39+03:00 OpenClaw Vulnerability: Arbitrary Code Execution via .env File Overridevulnerability, cve, high-severity, cwe-829 https://shimiscyberworld.com/posts/nvd-CVE-2026-35431/ Shimi's Cyber World en 2026-04-24T01:16:38+03:00 Critical SSRF in Microsoft Entra ID Entitlement Managementvulnerability, cve, critical, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-33819/ Shimi's Cyber World en 2026-04-24T01:16:37+03:00 Critical Deserialization RCE in Microsoft Bing (CVE-2026-33819)vulnerability, cve, critical, high-severity, insecure-deserialization, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-33102/ Shimi's Cyber World en 2026-04-24T01:16:37+03:00 M365 Copilot Critical Open Redirect Allows Privilege Escalationvulnerability, cve, critical, high-severity, open-redirect, cwe-601 https://shimiscyberworld.com/posts/nvd-CVE-2026-32210/ Shimi's Cyber World en 2026-04-24T01:16:35+03:00 Critical SSRF in Microsoft Dynamics 365 Poses Spoofing Riskvulnerability, cve, critical, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-32172/ Shimi's Cyber World en 2026-04-24T01:16:33+03:00 Microsoft Power Apps Vulnerability Allows Remote Code Executionvulnerability, cve, high-severity, cwe-427 https://shimiscyberworld.com/posts/nvd-CVE-2026-26210/ Shimi's Cyber World en 2026-04-24T01:16:26+03:00 Critical KTransformers Unsafe Deserialization Vulnerability (CVE-2026-26210)vulnerability, cve, critical, high-severity, insecure-deserialization, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-26150/ Shimi's Cyber World en 2026-04-24T01:16:23+03:00 Microsoft Purview SSRF: Privilege Escalation Riskvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-24303/ Shimi's Cyber World en 2026-04-24T01:16:22+03:00 Critical Privilege Escalation in Microsoft Partner Centervulnerability, cve, critical, high-severity, improper-access-control, cwe-284 https://shimiscyberworld.com/posts/hackers-exploit-file-upload-bug-in-breeze-cache-wordpress-pl-htqmk/ Shimi's Cyber World en 2026-04-24T00:33:45+03:00 Breeze Cache Plugin Exploit: Unauthenticated File Upload Hits WordPressthreat-intel, data-breach, malware, vulnerability, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-6942/ Shimi's Cyber World en 2026-04-24T00:16:06+03:00 Critical RCE Flaw in radare2-mcp: Command Injection via JSON-RPCvulnerability, cve, critical, high-severity, remote-code-execution, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-6941/ Shimi's Cyber World en 2026-04-24T00:16:06+03:00 CVE-2026-6941 — Its Project Notes Handling That Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-6940/ Shimi's Cyber World en 2026-04-24T00:16:06+03:00 Radare2 Path Traversal Flaw: Local Attackers Can Delete Arbitrary Directoriesvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-28525/ Shimi's Cyber World en 2026-04-24T00:16:05+03:00 CVE-2026-28525 — The Multipart Upload Parser In Mongoose_multipart.C That Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-125, cwe-191 https://shimiscyberworld.com/posts/frontier-ai-and-the-future-of-defense-your-top-questions-an-1z8qk/ Shimi's Cyber World en 2026-04-23T23:45:50+03:00 Frontier AI: CISO Questions and Defensive Realitiesthreat-intel, apt, malware, research https://shimiscyberworld.com/posts/nvd-CVE-2026-41272/ Shimi's Cyber World en 2026-04-23T23:16:15+03:00 Flowise SSRF Bypass: DNS Rebinding Opens LLM Flows to Attackersvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41271/ Shimi's Cyber World en 2026-04-23T23:16:15+03:00 Flowise SSRF Vulnerability Exposes Internal Systemsvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41270/ Shimi's Cyber World en 2026-04-23T23:16:15+03:00 Flowise SSRF Bypass: Internal Network at Riskvulnerability, cve, high-severity, server-side-request-forgery, cwe-284, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41269/ Shimi's Cyber World en 2026-04-23T23:16:15+03:00 Flowise RCE via Malicious JavaScript Uploadsvulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-41268/ Shimi's Cyber World en 2026-04-23T23:16:15+03:00 Flowise RCE: Unauthenticated Command Executionvulnerability, cve, high-severity, cwe-20 https://shimiscyberworld.com/posts/nvd-CVE-2026-41267/ Shimi's Cyber World en 2026-04-23T23:16:15+03:00 Flowise Cloud Vulnerability Exposes Multi-Tenant Environmentsvulnerability, cve, high-severity, cwe-639, cwe-915 https://shimiscyberworld.com/posts/nvd-CVE-2026-41138/ Shimi's Cyber World en 2026-04-23T23:16:14+03:00 Flowise RCE: Unchecked Input Leads to Code Executionvulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/us-sanctions-cambodian-senator-for-millions-earned-through-s-h3to2/ Shimi's Cyber World en 2026-04-23T23:07:00+03:00 US Sanctions Cambodian Senator for Massive Scam Compound Operationsthreat-intel, data-breach, government https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-04-23T23:00:00+03:00 Daily Security Digest — 2026-04-23daily-digest, vulnerability, cve, critical, high-severity, cwe-20, cwe-190, cwe-345, cwe-1284, cwe-617 https://shimiscyberworld.com/posts/nvd-CVE-2026-41246/ Shimi's Cyber World en 2026-04-23T22:17:29+03:00 Contour Kubernetes Ingress: Lua Code Injection Leads to Envoy RCEvulnerability, cve, high-severity, code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-41241/ Shimi's Cyber World en 2026-04-23T22:17:29+03:00 Pretalx XSS: Organizer Search Exposes User Datavulnerability, cve, high-severity, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41213/ Shimi's Cyber World en 2026-04-23T22:17:29+03:00 CVE-2026-41213 — @node-oauth/oauth2-server is a module for implementing anvulnerability, cve, medium-severity, cwe-307, cwe-1289 https://shimiscyberworld.com/posts/nvd-CVE-2026-41173/ Shimi's Cyber World en 2026-04-23T22:17:29+03:00 CVE-2026-41173 — The AWS X-Ray Remote Sampler package provides a samplervulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-41078/ Shimi's Cyber World en 2026-04-23T22:17:28+03:00 CVE-2026-41078 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-40894/ Shimi's Cyber World en 2026-04-23T22:17:28+03:00 CVE-2026-40894 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-40886/ Shimi's Cyber World en 2026-04-23T22:17:28+03:00 Argo Workflows Crash Loop: Malformed Annotation Halts Processingvulnerability, cve, high-severity, cwe-129 https://shimiscyberworld.com/posts/nvd-CVE-2026-31173/ Shimi's Cyber World en 2026-04-23T22:17:25+03:00 CVE-2026-31173 — ToToLink A3300R Firmware Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-31169/ Shimi's Cyber World en 2026-04-23T22:17:25+03:00 CVE-2026-31169 — ToToLink A3300R Firmware Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-31168/ Shimi's Cyber World en 2026-04-23T22:17:24+03:00 CVE-2026-31168 — ToToLink A3300R Firmware Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-31167/ Shimi's Cyber World en 2026-04-23T22:17:24+03:00 CVE-2026-31167 — ToToLink A3300R Firmware Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-31163/ Shimi's Cyber World en 2026-04-23T22:17:24+03:00 CVE-2026-31163 — ToToLink A3300R Firmware Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-31162/ Shimi's Cyber World en 2026-04-23T22:17:24+03:00 CVE-2026-31162 — ToToLink A3300R Firmware Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/cisa-us-agency-breached-through-cisco-vulnerability-firest-imlfx/ Shimi's Cyber World en 2026-04-23T22:03:00+03:00 CISA Breach: Cisco Vulnerability Led to Persistent Backdoorthreat-intel, data-breach, government, malware, vulnerability https://shimiscyberworld.com/posts/telegram-1542954397-4535/ Shimi's Cyber World en 2026-04-23T22:01:18+03:00 Firefox and Tor Browser Uniquely Vulnerable to Stable Identifier Leakidentity https://shimiscyberworld.com/posts/trigona-ransomware-attacks-use-custom-exfiltration-tool-to-s-g4igl/ Shimi's Cyber World en 2026-04-23T21:59:39+03:00 Trigona Ransomware Leverages Custom Data Exfiltration Toolthreat-intel, data-breach, malware, ransomware, tools https://shimiscyberworld.com/posts/surveillance-companies-exploiting-telecom-system-to-spy-on-t-69gpn/ Shimi's Cyber World en 2026-04-23T21:43:00+03:00 Surveillance Firms Weaponize Telecom Flaws for Location Trackingthreat-intel, data-breach, government, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-6921/ Shimi's Cyber World en 2026-04-23T21:16:30+03:00 CVE-2026-6921 — Race in GPU in Google Chrome on Windows prior tovulnerability, cve, medium-severity, cwe-362, cwe-362 https://shimiscyberworld.com/posts/nvd-CVE-2026-6920/ Shimi's Cyber World en 2026-04-23T21:16:30+03:00 Chrome on Android GPU Vulnerability Allows Sandbox Escapevulnerability, cve, high-severity, out-of-bounds-1, cwe-125, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-41909/ Shimi's Cyber World en 2026-04-23T21:16:29+03:00 CVE-2026-41909 — Paired-Device Pairing Management That Vulnerabilityvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-41908/ Shimi's Cyber World en 2026-04-23T21:16:29+03:00 CVE-2026-41908 — The Assistant-Media Route That Vulnerabilityvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-40891/ Shimi's Cyber World en 2026-04-23T21:16:28+03:00 CVE-2026-40891 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-40182/ Shimi's Cyber World en 2026-04-23T21:16:28+03:00 CVE-2026-40182 — OpenTelemetry dotnet is a dotnet telemetry framework. Fromvulnerability, cve, medium-severity, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-31179/ Shimi's Cyber World en 2026-04-23T21:16:25+03:00 CVE-2026-31179 — ToToLink A3300R Firmware Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-31176/ Shimi's Cyber World en 2026-04-23T21:16:24+03:00 CVE-2026-31176 — ToToLink A3300R Firmware Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-31159/ Shimi's Cyber World en 2026-04-23T21:16:24+03:00 CVE-2026-31159 — ToToLink A3300R Firmware Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/unc6692-impersonates-it-helpdesk-via-microsoft-teams-to-depl-khwgm/ Shimi's Cyber World en 2026-04-23T21:16:00+03:00 UNC6692 Impersonates IT Helpdesk via Microsoft Teams with SNOW Malwarethreat-intel, vulnerability, malware, microsoft, phishing https://shimiscyberworld.com/posts/telegram-1427288221-8813/ Shimi's Cyber World en 2026-04-23T20:31:51+03:00 Bitwarden CLI npm Package Briefly Compromised in Supply Chain Attackisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-41239/ Shimi's Cyber World en 2026-04-23T19:16:26+03:00 CVE-2026-41239 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79, cwe-1289 https://shimiscyberworld.com/posts/nvd-CVE-2026-41238/ Shimi's Cyber World en 2026-04-23T19:16:26+03:00 CVE-2026-41238 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-40472/ Shimi's Cyber World en 2026-04-23T19:16:25+03:00 Critical XSS in hackage-server via Malicious .cabal Metadatavulnerability, cve, critical, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-40471/ Shimi's Cyber World en 2026-04-23T19:16:25+03:00 Critical CSRF Flaw in hackage-server Poses Supply Chain Riskvulnerability, cve, critical, high-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-40470/ Shimi's Cyber World en 2026-04-23T19:16:25+03:00 Critical XSS in Hackage Server Exposes User Sessionsvulnerability, cve, critical, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-34003/ Shimi's Cyber World en 2026-04-23T19:16:24+03:00 X.Org X Server Flaw: Local Attackers Exploit OOB Memory Accessvulnerability, cve, high-severity, denial-of-service, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-34001/ Shimi's Cyber World en 2026-04-23T19:16:24+03:00 X.Org Server Flaw: Use-After-Free Threatens Linux Desktopsvulnerability, cve, high-severity, use-after-free, cwe-825 https://shimiscyberworld.com/posts/nvd-CVE-2026-33999/ Shimi's Cyber World en 2026-04-23T19:16:24+03:00 X.Org Server Underflow: Local RCE and DoS Riskvulnerability, cve, high-severity, denial-of-service, cwe-191 https://shimiscyberworld.com/posts/nvd-CVE-2026-23751/ Shimi's Cyber World en 2026-04-23T19:16:24+03:00 Critical Kofax Capture RCE Vulnerability: Unauthenticated Access to Files and NTLMv2 Coercionvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306, cwe-441 https://shimiscyberworld.com/posts/nvd-CVE-2025-62373/ Shimi's Cyber World en 2026-04-23T19:16:24+03:00 Critical RCE in Pipecat Python Framework: CVE-2025-62373vulnerability, cve, critical, high-severity, remote-code-execution, cwe-502 https://shimiscyberworld.com/posts/new-checkmarx-supply-chain-breach-affects-kics-analysis-tool-g75f0/ Shimi's Cyber World en 2026-04-23T19:05:12+03:00 Checkmarx KICS Supply Chain Compromise Exposes Developer Datathreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/china-linked-hackers-targeted-mongolian-government-using-sla-5p8mn/ Shimi's Cyber World en 2026-04-23T19:03:00+03:00 China-Linked GopherWhisper APT Targets Mongolian Government via Slack, Discordthreat-intel, data-breach, government, malware https://shimiscyberworld.com/posts/bitwarden-cli-compromised-in-ongoing-checkmarx-supply-chain-9hrc5/ Shimi's Cyber World en 2026-04-23T16:42:00+03:00 Bitwarden CLI Compromised in Checkmarx Supply Chain Attackthreat-intel, vulnerability https://shimiscyberworld.com/posts/house-republicans-unveil-data-privacy-law-that-would-overrid-6hpr2/ Shimi's Cyber World en 2026-04-23T16:30:00+03:00 House Republicans Unveil Federal Data Privacy Bill, Threatening State Lawsthreat-intel, data-breach, government https://shimiscyberworld.com/posts/threatsday-bulletin-290m-defi-hack-macos-lotl-abuse-prox-82xp3/ Shimi's Cyber World en 2026-04-23T16:17:00+03:00 Supply Chain Exploits & DeFi Hacks: Old Bugs, New Targetsthreat-intel, vulnerability, malware https://shimiscyberworld.com/posts/nvd-CVE-2026-39440/ Shimi's Cyber World en 2026-04-23T16:16:11+03:00 Critical Code Injection Flaw in FunnelFormsPro Exposes Remote Execution Riskvulnerability, cve, critical, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2025-66286/ Shimi's Cyber World en 2026-04-23T16:16:11+03:00 CVE-2025-66286 — An API design flaw in WebKitGTK and WPE WebKit allowsvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2025-13763/ Shimi's Cyber World en 2026-04-23T16:16:09+03:00 CVE-2025-13763 — Information Disclosurevulnerability, cve, medium-severity, information-disclosure https://shimiscyberworld.com/posts/medical-data-of-500-000-britons-put-up-for-sale-on-chinese-w-y9bmc/ Shimi's Cyber World en 2026-04-23T16:02:00+03:00 UK Biobank Data Leaked, Found on Chinese E-commerce Sitethreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-28040/ Shimi's Cyber World en 2026-04-23T15:17:01+03:00 CVE-2026-28040 — Magepeople Inc. Taxi Booking Manager For WooCommerce Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-62110/ Shimi's Cyber World en 2026-04-23T15:17:01+03:00 CVE-2025-62110 — Rescue Themes Rescue Shortcodes Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-62104/ Shimi's Cyber World en 2026-04-23T15:17:01+03:00 CVE-2025-62104 — Navneil Naicker ACF Galerie Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/telegram-1427288221-8808/ Shimi's Cyber World en 2026-04-23T15:16:58+03:00 Cyera Acquires Ryft for Over $100M in Israeli Cybersecurity Exitisrael https://shimiscyberworld.com/posts/webinar-mythos-reality-check-beating-automated-exploitati-bewj5/ Shimi's Cyber World en 2026-04-23T15:03:00+03:00 AI Accelerates Exploitation: The Collapsing Exploit Windowthreat-intel, vulnerability https://shimiscyberworld.com/posts/incd-alert_1991/ Shimi's Cyber World en 2026-04-23T15:00:00+03:00 Supply Chain Attack Targets Checkmarx Software Packagesincd, israel, advisory, alert https://shimiscyberworld.com/posts/project-glasswing-proved-ai-can-find-the-bugs-who-s-going-t-2j29a/ Shimi's Cyber World en 2026-04-23T14:30:00+03:00 AI Finds Bugs Fast: Anthropic's Project Glasswing Fuels Pre-Emptive Patchingthreat-intel, vulnerability, microsoft, ai-security, tools https://shimiscyberworld.com/posts/cisa-orders-feds-to-patch-bluehammer-flaw-exploited-as-zero-1vinf/ Shimi's Cyber World en 2026-04-23T14:05:57+03:00 CISA Mandates Patching of Zero-Day Microsoft Defender Flawthreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/luxury-cosmetics-giant-rituals-discloses-data-breach-62bg3/ Shimi's Cyber World en 2026-04-23T14:04:51+03:00 Luxury Cosmetics Giant Rituals Discloses Data Breachthreat-intel, vulnerability, data-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-6903/ Shimi's Cyber World en 2026-04-23T13:16:18+03:00 LabOne Web Server Suffers Arbitrary File Read Flawvulnerability, cve, high-severity, arbitrary-file-access, cwe-22, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-6887/ Shimi's Cyber World en 2026-04-23T13:16:18+03:00 Critical SQL Injection in End-of-Life Borg SPM 2007vulnerability, cve, critical, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-6886/ Shimi's Cyber World en 2026-04-23T13:16:18+03:00 Critical Authentication Bypass in End-of-Life Borg SPM 2007vulnerability, cve, critical, high-severity, authentication-bypass, cwe-1390 https://shimiscyberworld.com/posts/nvd-CVE-2026-6885/ Shimi's Cyber World en 2026-04-23T13:16:18+03:00 Critical Borg SPM 2007 Vulnerability Allows Unauthenticated Remote Code Executionvulnerability, cve, critical, high-severity, code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-5464/ Shimi's Cyber World en 2026-04-23T13:16:18+03:00 WordPress Plugin Flaw Allows Arbitrary Plugin Installation and RCEvulnerability, cve, high-severity, remote-code-execution, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-3960/ Shimi's Cyber World en 2026-04-23T13:16:17+03:00 CVE-2026-3960 — Remote Code Executionvulnerability, cve, medium-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/can-ai-attack-the-cloud-lessons-from-building-an-autonomous-hzp2r/ Shimi's Cyber World en 2026-04-23T13:00:31+03:00 AI Unleashed: Autonomous Cloud Attacks Now a Reality, Unit 42 Warnsthreat-intel, apt, malware, research, cloud, identity https://shimiscyberworld.com/posts/zealot-shows-what-ai-s-capable-of-in-staged-cloud-attack-9bg9b/ Shimi's Cyber World en 2026-04-23T13:00:00+03:00 Zealot AI: Cloud Attacks Outpace Human Defendersthreat-intel, tools, cloud https://shimiscyberworld.com/posts/china-linked-gopherwhisper-infects-12-mongolian-government-s-comgi/ Shimi's Cyber World en 2026-04-23T12:04:00+03:00 GopherWhisper APT Targets Mongolian Government with Go Backdoorsthreat-intel, vulnerability, malware, tools https://shimiscyberworld.com/posts/vercel-finds-more-compromised-accounts-in-context-ai-linked-y5lpa/ Shimi's Cyber World en 2026-04-23T11:40:00+03:00 Vercel Confirms Additional Customer Accounts Compromised in Context.ai Breachthreat-intel, vulnerability, data-breach https://shimiscyberworld.com/posts/recent-microsoft-defender-vulnerability-exploited-as-zero-da-dn3vq/ Shimi's Cyber World en 2026-04-23T11:00:36+03:00 Zero-Day Flaw in Microsoft Defender Leveraged by Attackersthreat-intel, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-41040/ Shimi's Cyber World en 2026-04-23T10:16:41+03:00 GROWI ReDoS Vulnerability (CVE-2026-41040) Poses High DoS Riskvulnerability, cve, high-severity, denial-of-service, cwe-1333 https://shimiscyberworld.com/posts/nvd-CVE-2026-34488/ Shimi's Cyber World en 2026-04-23T10:16:40+03:00 IP Setting Software Vulnerability Allows Arbitrary Code Executionvulnerability, cve, high-severity, cwe-427 https://shimiscyberworld.com/posts/nvd-CVE-2026-41990/ Shimi's Cyber World en 2026-04-23T08:16:05+03:00 CVE-2026-41990 — Libgcrypt before 1.12.2 mishandles Dilithium signing.vulnerability, cve, medium-severity, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-41989/ Shimi's Cyber World en 2026-04-23T08:16:05+03:00 CVE-2026-41989 — Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-41233/ Shimi's Cyber World en 2026-04-23T08:16:05+03:00 CVE-2026-41233 — Froxlor is open source server administration software.vulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-41232/ Shimi's Cyber World en 2026-04-23T08:16:05+03:00 CVE-2026-41232 — Froxlor is open source server administration software.vulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-40529/ Shimi's Cyber World en 2026-04-23T08:16:04+03:00 CVE-2026-40529 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/telegram-1427288221-8806/ Shimi's Cyber World en 2026-04-23T08:10:46+03:00 Physical Manipulation Spoofs Data for $34,000 Payoutisrael https://shimiscyberworld.com/posts/telegram-1542954397-4531/ Shimi's Cyber World en 2026-04-23T08:00:35+03:00 Iran Claims US Exploited Network Gear Backdoors https://shimiscyberworld.com/posts/nvd-CVE-2026-41231/ Shimi's Cyber World en 2026-04-23T07:16:19+03:00 Froxlor Vulnerability Grants Root Ownership of Arbitrary Directoriesvulnerability, cve, high-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-41230/ Shimi's Cyber World en 2026-04-23T07:16:19+03:00 Froxlor Critical Flaw Allows Arbitrary DNS Record Injectionvulnerability, cve, high-severity, cwe-93 https://shimiscyberworld.com/posts/nvd-CVE-2026-41229/ Shimi's Cyber World en 2026-04-23T07:16:19+03:00 Froxlor Critical RCE: Unsanitized Admin Input Leads to Persistent Code Executionvulnerability, cve, critical, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-41228/ Shimi's Cyber World en 2026-04-23T07:16:19+03:00 Critical Froxlor Bug: Authenticated Code Execution via Language File Path Traversalvulnerability, cve, critical, high-severity, code-execution, cwe-98 https://shimiscyberworld.com/posts/nvd-CVE-2026-3361/ Shimi's Cyber World en 2026-04-23T07:16:18+03:00 CVE-2026-3361 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-3007/ Shimi's Cyber World en 2026-04-23T07:16:07+03:00 CVE-2026-3007 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss https://shimiscyberworld.com/posts/telegram-1707304340-2286/ Shimi's Cyber World en 2026-04-23T06:56:37+03:00 Apple Patches Critical Notification Data Leak Vulnerabilityisrael, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-3844/ Shimi's Cyber World en 2026-04-23T06:16:17+03:00 Critical RCE Flaw in Breeze Cache WordPress Pluginvulnerability, cve, critical, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-2951/ Shimi's Cyber World en 2026-04-23T06:16:16+03:00 CVE-2026-2951 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41679/ Shimi's Cyber World en 2026-04-23T05:16:19+03:00 Critical RCE in Paperclip AI Orchestration Platform (CVE-2026-41679)vulnerability, cve, critical, high-severity, remote-code-execution, cwe-287, cwe-862, cwe-1188 https://shimiscyberworld.com/posts/nvd-CVE-2026-41208/ Shimi's Cyber World en 2026-04-23T05:16:18+03:00 CVE-2026-41208: Paperclip AI Agent Privilege Escalation to RCEvulnerability, cve, high-severity, remote-code-execution, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-41182/ Shimi's Cyber World en 2026-04-23T05:16:16+03:00 CVE-2026-41182 — LangSmith Client SDKs provide SDK's for interacting withvulnerability, cve, medium-severity, cwe-200, cwe-359, cwe-532 https://shimiscyberworld.com/posts/nvd-CVE-2026-41180/ Shimi's Cyber World en 2026-04-23T05:16:15+03:00 PsiTransfer RCE: Unauthenticated Code Execution via Path Traversalvulnerability, cve, high-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-1923/ Shimi's Cyber World en 2026-04-23T05:16:15+03:00 CVE-2026-1923 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6878/ Shimi's Cyber World en 2026-04-23T03:16:47+03:00 CVE-2026-6878 — ByteDance Verl Vulnerabilityvulnerability, cve, medium-severity, cwe-264, cwe-265 https://shimiscyberworld.com/posts/nvd-CVE-2026-6874/ Shimi's Cyber World en 2026-04-23T03:16:47+03:00 CVE-2026-6874 — A vulnerability was determined in ericc-ch copilot-api upvulnerability, cve, medium-severity, cwe-350 https://shimiscyberworld.com/posts/nvd-CVE-2026-5935/ Shimi's Cyber World en 2026-04-23T03:16:46+03:00 IBM Storage Console Flaw: Unauthenticated RCE Riskvulnerability, cve, high-severity, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-5926/ Shimi's Cyber World en 2026-04-23T03:16:46+03:00 CVE-2026-5926 — IBM Verify Identity Access Container 11.0 through 11.0.2vulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-4919/ Shimi's Cyber World en 2026-04-23T03:16:46+03:00 CVE-2026-4919 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4918/ Shimi's Cyber World en 2026-04-23T03:16:46+03:00 CVE-2026-4918 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4917/ Shimi's Cyber World en 2026-04-23T03:16:46+03:00 CVE-2026-4917 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-40062/ Shimi's Cyber World en 2026-04-23T03:16:45+03:00 Ziostation2 Path Traversal Exposes Sensitive OS Infovulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-3621/ Shimi's Cyber World en 2026-04-23T03:16:45+03:00 IBM WebSphere Liberty Identity Spoofing: High-Severity Vulnerabilityvulnerability, cve, high-severity, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-32679/ Shimi's Cyber World en 2026-04-23T03:16:45+03:00 CVE-2026-32679: DLL Hijacking in LiveOn Meet and Canon Camera Installersvulnerability, cve, high-severity, cwe-427 https://shimiscyberworld.com/posts/nvd-CVE-2026-1352/ Shimi's Cyber World en 2026-04-23T03:16:44+03:00 CVE-2026-1352 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-1284 https://shimiscyberworld.com/posts/nvd-CVE-2026-1274/ Shimi's Cyber World en 2026-04-23T03:16:44+03:00 CVE-2026-1274 — IBM Guardium Data Protection 12.0, 12.1, and 12.2 isvulnerability, cve, medium-severity, cwe-840 https://shimiscyberworld.com/posts/nvd-CVE-2025-36074/ Shimi's Cyber World en 2026-04-23T03:16:43+03:00 CVE-2025-36074 — IBM Security Verify Directory (Container) 10.0.0 throughvulnerability, cve, medium-severity, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-41455/ Shimi's Cyber World en 2026-04-23T01:16:32+03:00 WeKan SSRF Vulnerability: Internal Network Exposure Riskvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41454/ Shimi's Cyber World en 2026-04-23T01:16:32+03:00 Wekan API Flaw Grants Board Members Admin Powersvulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-41177/ Shimi's Cyber World en 2026-04-23T01:16:31+03:00 CVE-2026-41177 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-73, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41175/ Shimi's Cyber World en 2026-04-23T01:16:31+03:00 Statamic CMS Vulnerability Allows Data Deletion via API Manipulationvulnerability, cve, high-severity, cwe-470 https://shimiscyberworld.com/posts/nvd-CVE-2026-40517/ Shimi's Cyber World en 2026-04-23T01:16:31+03:00 Radare2 Command Injection: Malicious PDB Files Execute OS Commandsvulnerability, cve, high-severity, command-injection, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-41167/ Shimi's Cyber World en 2026-04-23T00:17:09+03:00 Jellystat SQLi to RCE Critical Vulnerability (CVE-2026-41167)vulnerability, cve, critical, high-severity, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41166/ Shimi's Cyber World en 2026-04-23T00:17:09+03:00 OpenRemote Privilege Escalation: Master Realm at Riskvulnerability, cve, high-severity, privilege-escalation, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-40937/ Shimi's Cyber World en 2026-04-23T00:17:08+03:00 RustFS Flaw: Non-Admin Takeover of Notification Targetsvulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-40882/ Shimi's Cyber World en 2026-04-23T00:17:08+03:00 OpenRemote XXE Flaw Exposes IoT Platforms to File Disclosurevulnerability, cve, high-severity, server-side-request-forgery, cwe-611 https://shimiscyberworld.com/posts/nvd-CVE-2026-34068/ Shimi's Cyber World en 2026-04-23T00:17:08+03:00 CVE-2026-34068 — nimiq-transaction provides the transaction primitive to bevulnerability, cve, medium-severity, cwe-347 https://shimiscyberworld.com/posts/nvd-CVE-2026-33733/ Shimi's Cyber World en 2026-04-23T00:17:05+03:00 EspoCRM Path Traversal: Admin Creds Lead to Arbitrary File Accessvulnerability, cve, high-severity, arbitrary-file-access, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-33656/ Shimi's Cyber World en 2026-04-23T00:17:05+03:00 EspoCRM Critical Path Traversal: Admin Access Leads to Server Compromisevulnerability, cve, critical, high-severity, cwe-22 https://shimiscyberworld.com/posts/apple-fixes-ios-bug-that-retained-deleted-notification-data-r98js/ Shimi's Cyber World en 2026-04-22T23:58:58+03:00 Apple Patches iOS Notification Data Retention Flawthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/north-korean-hackers-siphon-more-than-12-million-from-crypt-v0brf/ Shimi's Cyber World en 2026-04-22T23:48:00+03:00 North Korean Hackers Net Over $12M in Q1 2026 Crypto Scamsthreat-intel, data-breach, government, malware https://shimiscyberworld.com/posts/cisa-director-pick-sean-plankey-withdraws-his-nomination-ltvbs/ Shimi's Cyber World en 2026-04-22T23:29:41+03:00 CISA Director Nominee Sean Plankey Withdraws, Agency Faces Leadership Voidthreat-intel, policy, government, cloud https://shimiscyberworld.com/posts/nvd-CVE-2026-34066/ Shimi's Cyber World en 2026-04-22T23:16:41+03:00 CVE-2026-34066 — nimiq-blockchain provides persistent block storage forvulnerability, cve, medium-severity, cwe-20, cwe-617, cwe-754 https://shimiscyberworld.com/posts/nvd-CVE-2026-34065/ Shimi's Cyber World en 2026-04-22T23:16:41+03:00 Nimiq Primitives Node Panic via Malformed BLS Keyvulnerability, cve, high-severity, cwe-252, cwe-755 https://shimiscyberworld.com/posts/nvd-CVE-2026-34064/ Shimi's Cyber World en 2026-04-22T23:16:40+03:00 CVE-2026-34064 — nimiq-account contains account primitives to be used invulnerability, cve, medium-severity, cwe-191 https://shimiscyberworld.com/posts/nvd-CVE-2026-34063/ Shimi's Cyber World en 2026-04-22T23:16:40+03:00 Nimiq network-libp2p Crash Vulnerability: CVE-2026-34063vulnerability, cve, high-severity, cwe-617 https://shimiscyberworld.com/posts/nvd-CVE-2026-34062/ Shimi's Cyber World en 2026-04-22T23:16:40+03:00 CVE-2026-34062 — nimiq-libp2p is a Nimiq network implementation based onvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-33471/ Shimi's Cyber World en 2026-04-22T23:16:40+03:00 Critical Nimiq Block Vulnerability: SkipBlockProof Bypassvulnerability, cve, critical, high-severity, cwe-20, cwe-190, cwe-345, cwe-1284 https://shimiscyberworld.com/posts/new-mirai-campaign-exploits-rce-flaw-in-eol-d-link-routers-9l6w1/ Shimi's Cyber World en 2026-04-22T23:04:46+03:00 Mirai Botnet Exploits End-of-Life D-Link Routers via RCEthreat-intel, data-breach, malware, vulnerability https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-04-22T23:00:00+03:00 Daily Security Digest — 2026-04-22daily-digest, vulnerability, cve, high-severity, remote-code-execution, cwe-502, cwe-400, critical, cwe-862, code-execution https://shimiscyberworld.com/posts/nvd-CVE-2026-41469/ Shimi's Cyber World en 2026-04-22T22:17:09+03:00 CVE-2026-41469 — Beghelli Sicuro24 SicuroWeb does not enforce a Contentvulnerability, cve, medium-severity, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-41468/ Shimi's Cyber World en 2026-04-22T22:17:08+03:00 Beghelli SicuroWeb: EOL AngularJS Exposes Operators to Session Hijackingvulnerability, cve, high-severity, cwe-1104 https://shimiscyberworld.com/posts/nvd-CVE-2026-41459/ Shimi's Cyber World en 2026-04-22T22:17:08+03:00 CVE-2026-41459 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-497 https://shimiscyberworld.com/posts/nvd-CVE-2026-34415/ Shimi's Cyber World en 2026-04-22T22:17:04+03:00 Critical RCE in Xerte Online Toolkits: Incomplete Input Validation Opens Backdoorvulnerability, cve, critical, high-severity, path-traversal, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-34414/ Shimi's Cyber World en 2026-04-22T22:17:04+03:00 Xerte Online Toolkits Vulnerability: Path Traversal Risks Exposedvulnerability, cve, high-severity, remote-code-execution, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-34413/ Shimi's Cyber World en 2026-04-22T22:17:02+03:00 Xerte Online Toolkits RCE: Unauthenticated File Operationsvulnerability, cve, high-severity, remote-code-execution, cwe-497 https://shimiscyberworld.com/posts/nvd-CVE-2026-26354/ Shimi's Cyber World en 2026-04-22T22:17:00+03:00 Dell PowerProtect DD OS Vulnerability Exposes Data to Remote Command Executionvulnerability, cve, high-severity, buffer-overflow, cwe-121 https://shimiscyberworld.com/posts/telegram-1427288221-8803/ Shimi's Cyber World en 2026-04-22T20:57:53+03:00 Volo Protocol Loses $3.5 Million in Digital Assetsisrael https://shimiscyberworld.com/posts/malicious-kics-docker-images-and-vs-code-extensions-hit-chec-9wfha/ Shimi's Cyber World en 2026-04-22T20:55:00+03:00 Malicious KICS Docker Images and VS Code Extensions Hijack Checkmarx Supply Chainthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/telegram-1707304340-2285/ Shimi's Cyber World en 2026-04-22T20:28:36+03:00 Anthropic Claude Desktop Implants Browser Bridge, Bypassing Sandboxesisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-5816/ Shimi's Cyber World en 2026-04-22T20:16:44+03:00 GitLab XSS Flaw: Unauthenticated JavaScript Execution Riskvulnerability, cve, high-severity, cwe-41 https://shimiscyberworld.com/posts/nvd-CVE-2026-5262/ Shimi's Cyber World en 2026-04-22T20:16:44+03:00 GitLab Vulnerability Exposes Sensitive Tokens in Storybookvulnerability, cve, high-severity, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4922/ Shimi's Cyber World en 2026-04-22T20:16:44+03:00 GitLab CSRF Flaw Exposes Authenticated Users to Unauthenticated Attacksvulnerability, cve, high-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-35368/ Shimi's Cyber World en 2026-04-22T20:16:40+03:00 Chroot Vulnerability Allows Root Privileges via Malicious NSS Modulesvulnerability, cve, high-severity, privilege-escalation, cwe-426 https://shimiscyberworld.com/posts/nvd-CVE-2026-35365/ Shimi's Cyber World en 2026-04-22T20:16:39+03:00 CVE-2026-35365 — The mv utility in uutils coreutils improperly handlesvulnerability, cve, medium-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-35352/ Shimi's Cyber World en 2026-04-22T20:16:37+03:00 TOCTOU Flaw in coreutils mkfifo: Local Privilege Escalation Riskvulnerability, cve, high-severity, privilege-escalation, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-35350/ Shimi's Cyber World en 2026-04-22T20:16:37+03:00 CVE-2026-35350 — The cp utility in uutils coreutils fails to properly handlevulnerability, cve, medium-severity, cwe-281 https://shimiscyberworld.com/posts/nvd-CVE-2026-35349/ Shimi's Cyber World en 2026-04-22T20:16:37+03:00 CVE-2026-35349 — The Rm Utility Of Uutils Coreutils Vulnerabilityvulnerability, cve, medium-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-35341/ Shimi's Cyber World en 2026-04-22T20:16:36+03:00 uutils mkfifo Flaw Exposes Sensitive Files to Permission Changesvulnerability, cve, high-severity, cwe-732 https://shimiscyberworld.com/posts/nvd-CVE-2026-35338/ Shimi's Cyber World en 2026-04-22T20:16:35+03:00 chmod Bypass Threatens System Integrity: CVE-2026-35338 Detailedvulnerability, cve, high-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-32885/ Shimi's Cyber World en 2026-04-22T20:16:34+03:00 CVE-2026-32885 — DDEV is an open-source tool for running local webvulnerability, cve, medium-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-1660/ Shimi's Cyber World en 2026-04-22T20:16:33+03:00 CVE-2026-1660 — GitLab CE/EE Affecting All Versions From 12.3 Before 18.9.6, Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2025-6016/ Shimi's Cyber World en 2026-04-22T20:16:33+03:00 CVE-2025-6016 — GitLab CE/EE Affecting All Versions From 9.2 Before 18.9.6, Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2025-3922/ Shimi's Cyber World en 2026-04-22T20:16:33+03:00 CVE-2025-3922 — GitLab CE/EE Affecting All Versions From 12.4 Before 18.9.6, Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2025-0186/ Shimi's Cyber World en 2026-04-22T20:16:32+03:00 CVE-2025-0186 — GitLab CE/EE Affecting All Versions From 10.6 Before 18.9.6, Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-30139/ Shimi's Cyber World en 2026-04-22T19:16:53+03:00 CVE-2026-30139 — The AdvancedSearch Functionality Of Silverpeas Core Before V Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-58922/ Shimi's Cyber World en 2026-04-22T19:16:51+03:00 CVE-2025-58922 — ThemeFusion Avada Vulnerabilityvulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2024-58344/ Shimi's Cyber World en 2026-04-22T19:16:48+03:00 CVE-2024-58344 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2018-25272/ Shimi's Cyber World en 2026-04-22T19:16:48+03:00 ELBA5 RCE Flaw Grants SYSTEM Access Via Databasevulnerability, cve, critical, high-severity, remote-code-execution, cwe-326 https://shimiscyberworld.com/posts/nvd-CVE-2018-25271/ Shimi's Cyber World en 2026-04-22T19:16:47+03:00 CVE-2018-25271 — Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2018-25270/ Shimi's Cyber World en 2026-04-22T19:16:47+03:00 ThinkPHP RCE Bug: Unauthenticated Attackers Exploit Critical Flawvulnerability, cve, critical, high-severity, remote-code-execution, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2018-25269/ Shimi's Cyber World en 2026-04-22T19:16:47+03:00 CVE-2018-25269 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2018-25268/ Shimi's Cyber World en 2026-04-22T19:16:47+03:00 LanSpy 2.0.1.159 Vulnerability: Local Buffer Overflow Leads to Code Executionvulnerability, cve, high-severity, code-execution, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2018-25267/ Shimi's Cyber World en 2026-04-22T19:16:47+03:00 CVE-2018-25267 — The Output FileName Field Of The Make CD/DVD Image Dialog Th Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2018-25266/ Shimi's Cyber World en 2026-04-22T19:16:47+03:00 CVE-2018-25266 — The Preferences Dialog That Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2018-25265/ Shimi's Cyber World en 2026-04-22T19:16:46+03:00 LanSpy 2.0.1.159 Vulnerability: Local Buffer Overflow Allows Code Executionvulnerability, cve, high-severity, code-execution, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2018-25262/ Shimi's Cyber World en 2026-04-22T19:16:46+03:00 CVE-2018-25262 — Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2018-25261/ Shimi's Cyber World en 2026-04-22T19:16:46+03:00 Iperius Backup Local Overflow: Code Execution via Malicious File Pathvulnerability, cve, high-severity, code-execution, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2018-25260/ Shimi's Cyber World en 2026-04-22T19:16:46+03:00 MAGIX Music Editor Exploit: Local Code Execution via Buffer Overflowvulnerability, cve, high-severity, code-execution, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2018-25259/ Shimi's Cyber World en 2026-04-22T19:16:45+03:00 Old Vulnerability, New Headache: TSM 3.1 Buffer Overflow (CVE-2018-25259)vulnerability, cve, high-severity, buffer-overflow, cwe-306 https://shimiscyberworld.com/posts/french-police-arrest-suspected-hacker-behind-dozens-of-data-ajdvj/ Shimi's Cyber World en 2026-04-22T18:30:00+03:00 French Authorities Arrest Hacker Behind Dozens of Breachesthreat-intel, data-breach, government https://shimiscyberworld.com/posts/harvester-deploys-linux-gogra-backdoor-in-south-asia-using-m-ho50d/ Shimi's Cyber World en 2026-04-22T18:28:00+03:00 Harvester's GoGra Backdoor Exploits Microsoft Graph API for Linux Targetsthreat-intel, vulnerability, malware, microsoft https://shimiscyberworld.com/posts/dprk-fake-job-scams-self-propagate-in-contagious-interview-mqv6m/ Shimi's Cyber World en 2026-04-22T17:48:05+03:00 North Korea's 'Contagious Interview' Malware Spreads Via Compromised Dev Reposthreat-intel, tools, malware https://shimiscyberworld.com/posts/nvd-CVE-2026-6862/ Shimi's Cyber World en 2026-04-22T17:17:08+03:00 CVE-2026-6862 — Libefiboot, A Component Of Efivar Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-674 https://shimiscyberworld.com/posts/nvd-CVE-2026-6861/ Shimi's Cyber World en 2026-04-22T17:17:07+03:00 CVE-2026-6861 — GNU Emacs Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-193 https://shimiscyberworld.com/posts/nvd-CVE-2026-6859/ Shimi's Cyber World en 2026-04-22T17:17:07+03:00 InstructLab Vulnerability: Remote Code Execution via Malicious HuggingFace Modelsvulnerability, cve, high-severity, code-execution, cwe-829 https://shimiscyberworld.com/posts/nvd-CVE-2026-41651/ Shimi's Cyber World en 2026-04-22T17:17:04+03:00 PackageKit Vulnerability Allows Local Privilege Escalation via TOCTOU Exploitvulnerability, cve, high-severity, privilege-escalation, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-33611/ Shimi's Cyber World en 2026-04-22T17:16:55+03:00 CVE-2026-33611 — An operator allowed to use the REST API can cause thevulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-33610/ Shimi's Cyber World en 2026-04-22T17:16:54+03:00 CVE-2026-33610 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-33609/ Shimi's Cyber World en 2026-04-22T17:16:54+03:00 CVE-2026-33609 — Incomplete escaping of LDAP queries when running withvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-33608/ Shimi's Cyber World en 2026-04-22T17:16:54+03:00 NVD Flags High-Severity Vulnerability: Bind Backend Configuration Exploitvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-33602/ Shimi's Cyber World en 2026-04-22T17:16:54+03:00 CVE-2026-33602 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-33598/ Shimi's Cyber World en 2026-04-22T17:16:54+03:00 CVE-2026-33598 — Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1 https://shimiscyberworld.com/posts/nvd-CVE-2026-33595/ Shimi's Cyber World en 2026-04-22T17:16:53+03:00 CVE-2026-33595 — A client can trigger excessive memory allocation byvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-33594/ Shimi's Cyber World en 2026-04-22T17:16:53+03:00 CVE-2026-33594 — A client can trigger excessive memory allocation byvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-33593/ Shimi's Cyber World en 2026-04-22T17:16:53+03:00 DNSCrypt Vulnerability Allows Remote Crash via Crafted Queriesvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-33254/ Shimi's Cyber World en 2026-04-22T17:16:53+03:00 CVE-2026-33254 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/china-s-cyber-capabilities-now-equal-to-the-us-warns-dutch-uqdiq/ Shimi's Cyber World en 2026-04-22T16:33:00+03:00 Dutch Intel: China's Cyber Might Now Rivals the USthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-6857/ Shimi's Cyber World en 2026-04-22T16:16:22+03:00 Critical Deserialization Flaw in camel-infinispan Allows RCEvulnerability, cve, high-severity, code-execution, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-6855/ Shimi's Cyber World en 2026-04-22T16:16:22+03:00 InstructLab Path Traversal Flaw Exposes Local File Systemvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/telegram-1427288221-8802/ Shimi's Cyber World en 2026-04-22T16:10:12+03:00 Python Library xinference Compromised, TeamPCP Denies Involvementisrael https://shimiscyberworld.com/posts/new-npm-supply-chain-attack-self-spreads-to-steal-auth-token-51ws9/ Shimi's Cyber World en 2026-04-22T15:57:42+03:00 New npm Supply Chain Attack Steals Developer Auth Tokensthreat-intel, data-breach, malware, identity https://shimiscyberworld.com/posts/uk-cyber-agency-handling-four-major-incidents-a-week-as-nati-w12lq/ Shimi's Cyber World en 2026-04-22T15:45:00+03:00 UK Faces Barrage: Four Major Cyber Incidents Weekly, State Actors Lead Chargethreat-intel, data-breach, government https://shimiscyberworld.com/posts/new-defense-department-cyber-strategy-imminent-official-say-4g7g6/ Shimi's Cyber World en 2026-04-22T15:30:00+03:00 US DoD Cyber Strategy Shifts to Aggressive Posturethreat-intel, data-breach, government https://shimiscyberworld.com/posts/microsoft-teams-to-get-efficiency-mode-on-pcs-with-limited-r-g6ldy/ Shimi's Cyber World en 2026-04-22T15:24:38+03:00 Microsoft Teams Gets Efficiency Mode for Resource-Constrained Devicesthreat-intel, data-breach, malware, microsoft https://shimiscyberworld.com/posts/cisa-kev-CVE-2026-33825/ Shimi's Cyber World en 2026-04-22T15:00:00+03:00 CVE-2026-33825 — Microsoft Defender: Microsoft Defender Insufficient Granularity of Access Control Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/are-sboms-failing-supply-chain-attacks-rise-as-security-tea-fdvhh/ Shimi's Cyber World en 2026-04-22T14:30:00+03:00 SBOMs Under Scrutiny Amidst Rising Supply Chain Attacksthreat-intel, vulnerability https://shimiscyberworld.com/posts/lotus-wiper-malware-targets-venezuelan-energy-systems-in-des-44k4o/ Shimi's Cyber World en 2026-04-22T13:55:00+03:00 Lotus Wiper Targets Venezuelan Energy Sectorthreat-intel, vulnerability, malware https://shimiscyberworld.com/posts/toxic-combinations-when-cross-app-permissions-stack-into-ri-f4vnz/ Shimi's Cyber World en 2026-04-22T13:41:36+03:00 Moltbook Breach Exposes AI Agent API Tokens and OpenAI Keysthreat-intel, vulnerability, identity, ai-security https://shimiscyberworld.com/posts/nvd-CVE-2026-6848/ Shimi's Cyber World en 2026-04-22T13:16:52+03:00 CVE-2026-6848 — Red Hat Quay Vulnerabilityvulnerability, cve, medium-severity, cwe-613 https://shimiscyberworld.com/posts/nvd-CVE-2026-33601/ Shimi's Cyber World en 2026-04-22T13:16:52+03:00 CVE-2026-33601 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-33600/ Shimi's Cyber World en 2026-04-22T13:16:52+03:00 CVE-2026-33600 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-33262/ Shimi's Cyber World en 2026-04-22T13:16:51+03:00 CVE-2026-33262 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-33261/ Shimi's Cyber World en 2026-04-22T13:16:51+03:00 CVE-2026-33261 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-33260/ Shimi's Cyber World en 2026-04-22T13:16:51+03:00 CVE-2026-33260 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-33259/ Shimi's Cyber World en 2026-04-22T13:16:51+03:00 CVE-2026-33259 — Use-After-Freevulnerability, cve, medium-severity, use-after-free https://shimiscyberworld.com/posts/nvd-CVE-2026-33258/ Shimi's Cyber World en 2026-04-22T13:16:51+03:00 CVE-2026-33258 — By publishing and querying a crafted zone an attacker canvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-33257/ Shimi's Cyber World en 2026-04-22T13:16:51+03:00 CVE-2026-33257 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-33256/ Shimi's Cyber World en 2026-04-22T13:16:51+03:00 CVE-2026-33256 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-1930/ Shimi's Cyber World en 2026-04-22T13:16:51+03:00 CVE-2026-1930 — The Emailchef plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-1913/ Shimi's Cyber World en 2026-04-22T13:16:50+03:00 CVE-2026-1913 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-1395/ Shimi's Cyber World en 2026-04-22T13:16:50+03:00 CVE-2026-1395 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/when-wi-fi-encryption-fails-protecting-your-enterprise-from-8aiyy/ Shimi's Cyber World en 2026-04-22T13:00:22+03:00 AirSnitch: New Attack Bypasses WPA2/3 Wi-Fi Encryptionthreat-intel, apt, malware, research https://shimiscyberworld.com/posts/google-antigravity-in-crosshairs-of-security-researchers-cy-2g4r8/ Shimi's Cyber World en 2026-04-22T12:53:05+03:00 Google Antigravity Vulnerability Exploited for Malware Distributionthreat-intel, vulnerability, malware https://shimiscyberworld.com/posts/nvd-CVE-2026-6846/ Shimi's Cyber World en 2026-04-22T12:16:27+03:00 Binutils Heap Overflow: Local Attackers Gain Code Execution via XCOFF Filesvulnerability, cve, high-severity, code-execution, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-6235/ Shimi's Cyber World en 2026-04-22T12:16:26+03:00 WordPress Plugin Flaw Lets Attackers Hijack Site Emailsvulnerability, cve, critical, high-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-5748/ Shimi's Cyber World en 2026-04-22T12:16:25+03:00 CVE-2026-5748 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4353/ Shimi's Cyber World en 2026-04-22T12:16:25+03:00 CVE-2026-4353 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4280/ Shimi's Cyber World en 2026-04-22T12:16:25+03:00 CVE-2026-4280 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-4279/ Shimi's Cyber World en 2026-04-22T12:16:25+03:00 CVE-2026-4279 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4132/ Shimi's Cyber World en 2026-04-22T12:16:24+03:00 WordPress HTTP Headers Plugin Flaw Opens Door to RCEvulnerability, cve, high-severity, remote-code-execution, cwe-73 https://shimiscyberworld.com/posts/nvd-CVE-2026-4125/ Shimi's Cyber World en 2026-04-22T12:16:23+03:00 CVE-2026-4125 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4119/ Shimi's Cyber World en 2026-04-22T12:16:23+03:00 WordPress Plugin Vulnerability Lets Subscribers Wreck Databasesvulnerability, cve, critical, high-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-4089/ Shimi's Cyber World en 2026-04-22T12:16:22+03:00 CVE-2026-4089 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4088/ Shimi's Cyber World en 2026-04-22T12:16:22+03:00 CVE-2026-4088 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4085/ Shimi's Cyber World en 2026-04-22T12:16:22+03:00 CVE-2026-4085 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4082/ Shimi's Cyber World en 2026-04-22T12:16:22+03:00 CVE-2026-4082 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4076/ Shimi's Cyber World en 2026-04-22T12:16:22+03:00 CVE-2026-4076 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4074/ Shimi's Cyber World en 2026-04-22T12:16:21+03:00 CVE-2026-4074 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/telegram-1707304340-2284/ Shimi's Cyber World en 2026-04-22T12:04:43+03:00 AI Unearths Hundreds of Firefox Vulnerabilities, Prompting Critical Patchisrael, vulnerability https://shimiscyberworld.com/posts/oracle-patches-450-vulnerabilities-with-april-2026-cpu-v4uyp/ Shimi's Cyber World en 2026-04-22T11:41:10+03:00 Oracle's April CPU: 450 Patches, Over 300 Remote, Unauthenticated Flawsthreat-intel, vulnerability, cloud, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-6023/ Shimi's Cyber World en 2026-04-22T11:16:13+03:00 Telerik UI for AJAX RadFilter Vulnerable to RCE via Deserializationvulnerability, cve, high-severity, remote-code-execution, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-6022/ Shimi's Cyber World en 2026-04-22T11:16:12+03:00 Telerik UI Vulnerability Allows Disk Space Exhaustion Attacksvulnerability, cve, high-severity, cwe-400 https://shimiscyberworld.com/posts/microsoft-releases-emergency-patches-for-critical-asp-net-fl-jee71/ Shimi's Cyber World en 2026-04-22T11:08:16+03:00 Microsoft Rushes Patches for Critical ASP.NET Core Privilege Escalation Flawthreat-intel, data-breach, malware, vulnerability, microsoft, tools https://shimiscyberworld.com/posts/mustang-panda-s-new-lotuslite-variant-targets-india-banks-s-yax05/ Shimi's Cyber World en 2026-04-22T10:58:00+03:00 Mustang Panda's LOTUSLITE Variant Targets India Banksthreat-intel, vulnerability, malware https://shimiscyberworld.com/posts/telegram-1427288221-8799/ Shimi's Cyber World en 2026-04-22T10:41:33+03:00 Tax Authority Phishing Campaign Targets Israelis with Fake Grantsisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-6840/ Shimi's Cyber World en 2026-04-22T10:16:15+03:00 CVE-2026-6840 — Missing bounds validation for operator could allow out ofvulnerability, cve, medium-severity, cwe-129 https://shimiscyberworld.com/posts/nvd-CVE-2026-6839/ Shimi's Cyber World en 2026-04-22T10:16:14+03:00 CVE-2026-6839 — Improper validation of STRING tensor offsets could allowsvulnerability, cve, medium-severity, cwe-1284 https://shimiscyberworld.com/posts/nvd-CVE-2026-41667/ Shimi's Cyber World en 2026-04-22T10:16:13+03:00 CVE-2026-41667 — Integer Overflowvulnerability, cve, medium-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-41666/ Shimi's Cyber World en 2026-04-22T10:16:13+03:00 CVE-2026-41666 — Integer Overflowvulnerability, cve, medium-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-41665/ Shimi's Cyber World en 2026-04-22T10:16:13+03:00 CVE-2026-41665 — Integer Overflowvulnerability, cve, medium-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-41664/ Shimi's Cyber World en 2026-04-22T10:16:13+03:00 CVE-2026-41664 — Integer Overflowvulnerability, cve, medium-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-40450/ Shimi's Cyber World en 2026-04-22T10:16:13+03:00 CVE-2026-40450 — Integer Overflowvulnerability, cve, medium-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-40449/ Shimi's Cyber World en 2026-04-22T10:16:13+03:00 CVE-2026-40449 — Integer Overflowvulnerability, cve, medium-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-40448/ Shimi's Cyber World en 2026-04-22T10:16:12+03:00 CVE-2026-40448 — Integer Overflowvulnerability, cve, medium-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/over-1-300-microsoft-sharepoint-servers-vulnerable-to-spoofi-l6882/ Shimi's Cyber World en 2026-04-22T09:53:02+03:00 Unpatched SharePoint Servers Remain Ripe for Spoofing Attacksthreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-22754/ Shimi's Cyber World en 2026-04-22T09:16:04+03:00 Spring Security Authorization Bypass: High Severity Vulnerabilityvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-22753/ Shimi's Cyber World en 2026-04-22T09:16:04+03:00 Spring Security Flaw Bypasses Auth, Authorizationvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-22748/ Shimi's Cyber World en 2026-04-22T09:16:04+03:00 CVE-2026-22748 — Spring Security: From Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-22747/ Shimi's Cyber World en 2026-04-22T09:16:03+03:00 CVE-2026-22747 — Spring Security: From Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-40451/ Shimi's Cyber World en 2026-04-22T08:16:23+03:00 CVE-2026-40451 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6835/ Shimi's Cyber World en 2026-04-22T07:16:09+03:00 CVE-2026-6835 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-6834/ Shimi's Cyber World en 2026-04-22T07:16:09+03:00 CVE-2026-6834 — The a+HRD developed by aEnrich has a Missing Authorizationvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-6833/ Shimi's Cyber World en 2026-04-22T07:16:07+03:00 CVE-2026-6833 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41127/ Shimi's Cyber World en 2026-04-22T03:16:28+03:00 CVE-2026-41127 — BigBlueButton is an open-source virtual classroom. Versionsvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-41126/ Shimi's Cyber World en 2026-04-22T03:16:28+03:00 CVE-2026-41126 — Open Redirectvulnerability, cve, medium-severity, open-redirect, cwe-601 https://shimiscyberworld.com/posts/nvd-CVE-2026-41064/ Shimi's Cyber World en 2026-04-22T03:16:28+03:00 Critical RCE in WWBN AVideo: Incomplete Patch Leaves Open Source Platform Exposedvulnerability, cve, critical, high-severity, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-41059/ Shimi's Cyber World en 2026-04-22T03:16:27+03:00 OAuth2 Proxy Bypass: Fragment Handling Exposes Protected Resourcesvulnerability, cve, high-severity, authentication-bypass, cwe-288 https://shimiscyberworld.com/posts/nvd-CVE-2026-40575/ Shimi's Cyber World en 2026-04-22T03:16:27+03:00 Critical OAuth2 Proxy Auth Bypass: CVE-2026-40575vulnerability, cve, critical, high-severity, cwe-290