https://shimiscyberworld.com/posts/nvd-CVE-2026-27415/ Shimi's Cyber World en 2026-05-07T14:15:59+03:00 CVE-2026-27415 — PluginUs.Net BEAR Vulnerabilityvulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/telegram-1427288221-8889/ Shimi's Cyber World en 2026-05-07T14:09:25+03:00 MedusaLocker Ransomware Group Details Financial Motivation, Operational Shiftsisrael, telegram https://shimiscyberworld.com/posts/gemini-cli-vulnerability-could-have-led-to-code-execution-s-ite2y/ Shimi's Cyber World en 2026-05-07T13:39:34+03:00 Gemini CLI Vulnerability: Prompt Injection Leads to Code Executionthreat-intel, vulnerability, ai-security, tools, securityweek https://shimiscyberworld.com/posts/pypi-packages-deliver-zichatbot-malware-via-zulip-apis-on-wi-g5ity/ Shimi's Cyber World en 2026-05-07T12:20:00+03:00 PyPI Packages Deliver ZiChatBot Malware to Windows and Linuxthreat-intel, vulnerability, malware, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-44407/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-44407 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-134 https://shimiscyberworld.com/posts/nvd-CVE-2026-27421/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-27421 — WProyal Royal Elementor Addons Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-27416/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-27416 — BPlugins PDF Poster Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-27329/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-27329 — YITH YITH WooCommerce Wishlist Vulnerabilityvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-25468/ Shimi's Cyber World en 2026-05-07T12:16:27+03:00 CVE-2026-25468 — WeDevs Happy Addons For Elementor Vulnerabilityvulnerability, cve, medium-severity, cwe-497 https://shimiscyberworld.com/posts/nvd-CVE-2026-25436/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2026-25436 — WProyal Royal Elementor Addons Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2025-68604/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-68604 — WPGraphQL Vulnerabilityvulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2025-68060/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-68060: High-Severity SQL Injection in WPMart Team Member Pluginvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2025-66105/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-66105 — Magepeople Inc. Bus Ticket Booking With Seat Reservation Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2025-62127/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-62127 — WEN Themes WEN Logo Slider Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-2514/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-2514 — Hitachi Virtual Storage Platform G130, G150, G350, G370, G70 Vulnerabilityvulnerability, cve, medium-severity, cwe-307 https://shimiscyberworld.com/posts/nvd-CVE-2025-1978/ Shimi's Cyber World en 2026-05-07T12:16:26+03:00 CVE-2025-1978: Hitachi Storage RCE Vulnerability Exposes Enterprise Datavulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2024-43384/ Shimi's Cyber World en 2026-05-07T12:16:24+03:00 CVE-2024-43384: Root Password Exposure via Improper Information Removalvulnerability, cve, high-severity, cwe-212 https://shimiscyberworld.com/posts/nvd-CVE-2026-44406/ Shimi's Cyber World en 2026-05-07T11:16:00+03:00 CVE-2026-44406 — Code Executionvulnerability, cve, medium-severity, code-execution, cwe-427 https://shimiscyberworld.com/posts/nvd-CVE-2025-9661/ Shimi's Cyber World en 2026-05-07T11:16:00+03:00 Hitachi VSP One Block OS Command Injection (CVE-2025-9661) CVSS 8.1vulnerability, cve, high-severity, command-injection, cwe-78 https://shimiscyberworld.com/posts/woflow-447-593-breached-accounts-rhbn4/ Shimi's Cyber World en 2026-05-07T09:48:33+03:00 Woflow Data Breach: ShinyHunters Exposes 447K Accountsdata-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-8063/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 CVE-2026-8063 — Null Pointer Dereferencevulnerability, cve, medium-severity, null-pointer-dereference, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-7252/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 WP-Optimize Plugin Flaw Allows Arbitrary File Deletion, RCE via wp-config.phpvulnerability, cve, high-severity, remote-code-execution, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-6692/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 CVE-2026-6692: WordPress Slider Revolution RCE Vulnerabilityvulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-4348/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 CVE-2026-4348: Unauthenticated SQLi in BetterDocs Pro WordPress Pluginvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41641/ Shimi's Cyber World en 2026-05-07T09:16:05+03:00 NocoBase SQL Injection Bypass (CVE-2026-41641) Exposes Datavulnerability, cve, high-severity, cwe-89, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-41413/ Shimi's Cyber World en 2026-05-07T09:16:04+03:00 CVE-2026-41413 — Istio is an open platform to connect, manage, and securevulnerability, cve, medium-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41143/ Shimi's Cyber World en 2026-05-07T09:16:04+03:00 YesWiki SQL Injection (CVE-2026-41143) Risks Data Exposurevulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41139/ Shimi's Cyber World en 2026-05-07T09:16:04+03:00 Math.js Arbitrary Code Execution via Expression Parser (CVE-2026-41139)vulnerability, cve, high-severity, cwe-915 https://shimiscyberworld.com/posts/nvd-CVE-2026-6214/ Shimi's Cyber World en 2026-05-07T07:16:35+03:00 CVE-2026-6214 — The Forminator Forms plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42194/ Shimi's Cyber World en 2026-05-07T07:16:34+03:00 CVE-2026-42194 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41671/ Shimi's Cyber World en 2026-05-07T07:16:32+03:00 CVE-2026-41671 — Authentication Bypassvulnerability, cve, medium-severity, authentication-bypass, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-41670/ Shimi's Cyber World en 2026-05-07T07:16:30+03:00 CVE-2026-41670: Admidio SAML IdP Bypass Exposes User Datavulnerability, cve, high-severity, cwe-20, cwe-601 https://shimiscyberworld.com/posts/nvd-CVE-2026-41669/ Shimi's Cyber World en 2026-05-07T07:16:30+03:00 CVE-2026-41669: Admidio SAML Signature Bypass Puts User Management at Riskvulnerability, cve, high-severity, cwe-347 https://shimiscyberworld.com/posts/nvd-CVE-2026-41661/ Shimi's Cyber World en 2026-05-07T07:16:29+03:00 CVE-2026-41661 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41660/ Shimi's Cyber World en 2026-05-07T07:16:29+03:00 Admidio CVE-2026-41660: Logic Error Allows 2FA Bypass for Admin Accountsvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-41658/ Shimi's Cyber World en 2026-05-07T07:16:29+03:00 CVE-2026-41658 — Admidio is an open-source user management solution. Priorvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-41655/ Shimi's Cyber World en 2026-05-07T07:16:28+03:00 CVE-2026-41655 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-41640/ Shimi's Cyber World en 2026-05-07T07:16:28+03:00 CVE-2026-41640: NocoBase No-Code Platform SQL Injectionvulnerability, cve, high-severity, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41201/ Shimi's Cyber World en 2026-05-07T07:16:26+03:00 CVE-2026-41201: Critical CI4MS Account Takeover Via Stored XSSvulnerability, cve, critical, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41142/ Shimi's Cyber World en 2026-05-07T07:16:26+03:00 CVE-2026-41142: OpenEXR Integer Overflow Leads to Heap OOB Writevulnerability, cve, high-severity, integer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-41002/ Shimi's Cyber World en 2026-05-07T07:16:25+03:00 Spring Cloud Config Server Vulnerable to TOCTOU Attacks (CVE-2026-41002)vulnerability, cve, high-severity, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-40982/ Shimi's Cyber World en 2026-05-07T07:16:24+03:00 Spring Cloud Config Vulnerability CVE-2026-40982 Allows Directory Traversalvulnerability, cve, critical, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-40981/ Shimi's Cyber World en 2026-05-07T07:16:24+03:00 CVE-2026-40981: Spring Cloud Config Exposes GCP Secretsvulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-4807/ Shimi's Cyber World en 2026-05-07T06:16:08+03:00 CVE-2026-4807 — The Appointment Booking Calendar plugin for WordPress isvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-6222/ Shimi's Cyber World en 2026-05-07T05:16:37+03:00 CVE-2026-6222 — The Forminator Forms plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-40003/ Shimi's Cyber World en 2026-05-07T05:16:03+03:00 CVE-2026-40003 — Code Executionvulnerability, cve, medium-severity, code-execution, cwe-787 https://shimiscyberworld.com/posts/north-korean-hackers-targeted-ethnic-koreans-in-china-with-a-941im/ Shimi's Cyber World en 2026-05-07T03:12:00+03:00 North Korean APT37 Targets Ethnic Koreans in China with BirdCall Malwarethreat-intel, data-breach, government, malware https://shimiscyberworld.com/posts/nvd-CVE-2026-41484/ Shimi's Cyber World en 2026-05-07T01:16:26+03:00 CVE-2026-41484 — OpenTelemetry.Exporter.OneCollector is a .NET exporter thatvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-41483/ Shimi's Cyber World en 2026-05-07T01:16:25+03:00 CVE-2026-41483 — OpenTelemetry.Resources.Azure is the .NET resource detectorvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-41417/ Shimi's Cyber World en 2026-05-07T01:16:25+03:00 CVE-2026-41417 — Netty allows request-line validation to be bypassed when avulnerability, cve, medium-severity, cwe-93, cwe-444 https://shimiscyberworld.com/posts/nvd-CVE-2026-41310/ Shimi's Cyber World en 2026-05-07T01:16:25+03:00 CVE-2026-41310 — OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exportervulnerability, cve, medium-severity, cwe-400, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-40296/ Shimi's Cyber World en 2026-05-07T01:16:25+03:00 CVE-2026-40296 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-40281/ Shimi's Cyber World en 2026-05-07T00:16:01+03:00 Gotenberg PDF API Vulnerability CVE-2026-40281 Allows Arbitrary File Overwritevulnerability, cve, critical, high-severity, arbitrary-file-access, cwe-88 https://shimiscyberworld.com/posts/mirai-based-xlabs-v1-botnet-exploits-adb-to-hijack-iot-devic-xqkjl/ Shimi's Cyber World en 2026-05-06T23:21:00+03:00 Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devicesthreat-intel, vulnerability, malware, data-breach, the-hacker-news https://shimiscyberworld.com/posts/nvd-CVE-2026-8032/ Shimi's Cyber World en 2026-05-06T23:16:36+03:00 PicoTronica e-Clinic Healthcare System Hard-Coded Credential Vulnerability (CVE-2026-8032)vulnerability, cve, high-severity, cwe-259, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-44118/ Shimi's Cyber World en 2026-05-06T23:16:35+03:00 OpenClaw CVE-2026-44118: Loopback Owner Context Spoofing Vulnerabilityvulnerability, cve, high-severity, cwe-290 https://shimiscyberworld.com/posts/nvd-CVE-2026-44116/ Shimi's Cyber World en 2026-05-06T23:16:35+03:00 OpenClaw Zalo Plugin SSRF Vulnerability (CVE-2026-44116) Poses High Riskvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-44115/ Shimi's Cyber World en 2026-05-06T23:16:35+03:00 CVE-2026-44115: OpenClaw Vulnerability Allows Shell Expansion Bypassvulnerability, cve, high-severity, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-44114/ Shimi's Cyber World en 2026-05-06T23:16:35+03:00 OpenClaw Vulnerability: Environment Namespace Override Poses Supply Chain Riskvulnerability, cve, high-severity, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-44110/ Shimi's Cyber World en 2026-05-06T23:16:34+03:00 OpenClaw Authorization Bypass (CVE-2026-44110) Exposes Room Controlvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-44109/ Shimi's Cyber World en 2026-05-06T23:16:34+03:00 OpenClaw Authentication Bypass: Critical Vulnerability in Feishu Webhookvulnerability, cve, critical, high-severity, authentication-bypass, cwe-1188 https://shimiscyberworld.com/posts/nvd-CVE-2026-43585/ Shimi's Cyber World en 2026-05-06T23:16:34+03:00 OpenClaw Vulnerability Allows Revoked Bearer Tokens to Remain Validvulnerability, cve, high-severity, cwe-672 https://shimiscyberworld.com/posts/nvd-CVE-2026-43584/ Shimi's Cyber World en 2026-05-06T23:16:34+03:00 CVE-2026-43584: OpenClaw Environment Variable Vulnerability Allows Execution Hijackvulnerability, cve, high-severity, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-43581/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43581: Critical OpenClaw Sandbox Vulnerability Exposes DevToolsvulnerability, cve, critical, high-severity, cwe-1188 https://shimiscyberworld.com/posts/nvd-CVE-2026-43580/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43580: OpenClaw Vulnerability Bypasses SSRF Protectionsvulnerability, cve, high-severity, server-side-request-forgery, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-43578/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43578: OpenClaw Privilege Escalation Hits Critical Severityvulnerability, cve, critical, high-severity, privilege-escalation, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-43577/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43577 — OpenClaw before 2026.4.9 contains a file read vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-43576/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 OpenClaw SSRF Vulnerability (CVE-2026-43576) Allows Untrusted Pivotingvulnerability, cve, high-severity, server-side-request-forgery, cwe-601, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-43575/ Shimi's Cyber World en 2026-05-06T23:16:33+03:00 CVE-2026-43575: OpenClaw Critical Auth Bypass Exposes Browser Sessionsvulnerability, cve, critical, high-severity, authentication-bypass, cwe-862 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-06T23:00:00+03:00 Daily Security Digest — 2026-05-06daily-digest, vulnerability, cve, high-severity, denial-of-service, remote-code-execution, cwe-94, cross-site-scripting-xss, cwe-79, sql-injection https://shimiscyberworld.com/posts/nvd-CVE-2026-8031/ Shimi's Cyber World en 2026-05-06T22:16:53+03:00 CVE-2026-8031 — PicoTronica E-Clinic Healthcare System ECHS Vulnerabilityvulnerability, cve, medium-severity, cwe-287, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-41938/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 CVE-2026-41938: Vvveb Unrestricted File Upload Leads to RCEvulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-41936/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 CVE-2026-41936: Vvveb XXE Allows File Disclosure, Privilege Escalationvulnerability, cve, high-severity, privilege-escalation, cwe-611 https://shimiscyberworld.com/posts/nvd-CVE-2026-41934/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 Vvveb RCE: Authenticated Users Can Achieve Unauthenticated Code Executionvulnerability, cve, high-severity, remote-code-execution, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-41931/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 CVE-2026-41931 — Information Disclosurevulnerability, cve, medium-severity, information-disclosure, cwe-209, cwe-1188 https://shimiscyberworld.com/posts/nvd-CVE-2026-41930/ Shimi's Cyber World en 2026-05-06T22:16:37+03:00 CVE-2026-41930: Vvveb Docker Hard-Coded Credentials Lead to Critical Database Accessvulnerability, cve, critical, high-severity, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2025-31960/ Shimi's Cyber World en 2026-05-06T22:16:35+03:00 CVE-2025-31960 — HCL BigFix Service Management (SM) is vulnerable tovulnerability, cve, medium-severity, cwe-209 https://shimiscyberworld.com/posts/nvd-CVE-2024-30151/ Shimi's Cyber World en 2026-05-06T22:16:35+03:00 HCL BigFix Service Management Privilege Escalation (CVE-2024-30151)vulnerability, cve, high-severity, privilege-escalation, cwe-532 https://shimiscyberworld.com/posts/critical-vm2-sandbox-bug-lets-attackers-execute-code-on-host-w0arn/ Shimi's Cyber World en 2026-05-06T21:38:38+03:00 vm2 Sandbox Bug: Critical RCE Allows Host System Takeoverthreat-intel, data-breach, malware, vulnerability, bleepingcomputer https://shimiscyberworld.com/posts/new-cisco-dos-flaw-requires-manual-reboot-to-revive-devices-bcyha/ Shimi's Cyber World en 2026-05-06T21:06:21+03:00 Cisco DoS Flaw Hits Network Controllers, Requires Manual Rebootthreat-intel, data-breach, malware, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-7875/ Shimi's Cyber World en 2026-05-06T20:16:24+03:00 NanoClaw Container Vulnerability Allows Arbitrary File Access, Recursive Deletionvulnerability, cve, high-severity, arbitrary-file-access, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-42503/ Shimi's Cyber World en 2026-05-06T20:16:23+03:00 CVE-2026-42503: gopls Vulnerability Exposes Dev Environments to RCEvulnerability, cve, high-severity, cwe-1327 https://shimiscyberworld.com/posts/nvd-CVE-2026-23870/ Shimi's Cyber World en 2026-05-06T20:16:22+03:00 CVE-2026-23870: High-Severity DoS Flaw in React Server Componentsvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-20219/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20219 — The REST API Of Cisco Slido Vulnerabilityvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-20195/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20195 — An Identity Management API Endpoint Of Cisco ISE Vulnerabilityvulnerability, cve, medium-severity, cwe-204 https://shimiscyberworld.com/posts/nvd-CVE-2026-20193/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20193 — The RADIUS Policy API Endpoints Of Cisco ISE Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-20189/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20189 — The Log File Download Functionality Of Cisco Prime Infrastru Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-20188/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 Cisco Crosswork, NSO DoS Vulnerability (CVE-2026-20188)vulnerability, cve, high-severity, denial-of-service, cwe-400 https://shimiscyberworld.com/posts/nvd-CVE-2026-20185/ Shimi's Cyber World en 2026-05-06T20:16:21+03:00 CVE-2026-20185: Cisco SG350/SG350X SNMP DoS Vulnerabilityvulnerability, cve, high-severity, denial-of-service, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-20172/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 CVE-2026-20172 — The Lite Agent Feature Of Cisco Enterprise Chat And Email (E Vulnerabilityvulnerability, cve, medium-severity, cwe-646 https://shimiscyberworld.com/posts/nvd-CVE-2026-20169/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 CVE-2026-20169 — The Web-Based Management Interface Of Cisco IoT Field Networ Vulnerabilityvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-20168/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 CVE-2026-20168 — The Web-Based Management Interface Of Cisco IoT Field Networ Vulnerabilityvulnerability, cve, medium-severity, cwe-388 https://shimiscyberworld.com/posts/nvd-CVE-2026-20167/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 Cisco IoT FND DoS Vulnerability (CVE-2026-20167) Allows Remote Router Reloadsvulnerability, cve, high-severity, denial-of-service, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-20035/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 Cisco Unity Connection Web Inbox SSRF Vulnerability (CVE-2026-20035)vulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-20034/ Shimi's Cyber World en 2026-05-06T20:16:20+03:00 Cisco Unity Connection: Authenticated RCE Via Web Management Interfacevulnerability, cve, high-severity, cwe-35 https://shimiscyberworld.com/posts/daemon-tools-devs-confirm-breach-release-malware-free-versi-mz2xg/ Shimi's Cyber World en 2026-05-06T19:43:30+03:00 DAEMON Tools Supply Chain Attack Confirmed, Malware-Free Version Releasedthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-6863/ Shimi's Cyber World en 2026-05-06T19:16:12+03:00 CVE-2026-6863 — Velociraptor versions prior to 0.76.4 contain a crossvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-6691/ Shimi's Cyber World en 2026-05-06T19:16:11+03:00 CVE-2026-6691: MongoDB C Driver Heap Overflow via GSSAPI Usernamevulnerability, cve, high-severity, buffer-overflow, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-8027/ Shimi's Cyber World en 2026-05-06T18:16:13+03:00 CVE-2026-8027 — A weakness has been identified in FlowiseAI Flowise up tovulnerability, cve, medium-severity, cwe-285, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2025-52613/ Shimi's Cyber World en 2026-05-06T18:16:08+03:00 CVE-2025-52613 — HCL BigFix Service Management (SM) is affected by use of avulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2025-31978/ Shimi's Cyber World en 2026-05-06T18:16:06+03:00 CVE-2025-31978 — HCL BigFix Service Management (SM) does not adequatelyvulnerability, cve, medium-severity, cwe-201 https://shimiscyberworld.com/posts/nvd-CVE-2025-31976/ Shimi's Cyber World en 2026-05-06T18:16:06+03:00 CVE-2025-31976 — HCL BigFix Service Management (SM) is vulnerable tovulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/why-ransomware-attacks-succeed-even-when-backups-exist-s6wwb/ Shimi's Cyber World en 2026-05-06T17:04:14+03:00 Ransomware Attacks Succeed by Destroying Backups First, Not Just Encryptingthreat-intel, data-breach, malware, ransomware, bleepingcomputer https://shimiscyberworld.com/posts/muddywater-hackers-use-chaos-ransomware-as-a-decoy-in-attack-btsl8/ Shimi's Cyber World en 2026-05-06T16:02:52+03:00 MuddyWater Uses Chaos Ransomware as Decoy for Microsoft Teams Attacksthreat-intel, data-breach, malware, ransomware, microsoft, phishing https://shimiscyberworld.com/posts/nvd-CVE-2025-31951/ Shimi's Cyber World en 2026-05-06T15:16:26+03:00 HCL BigFix RunBookAI Vulnerability Allows Command Smugglingvulnerability, cve, high-severity, cwe-77, cwe-351, cwe-451 https://shimiscyberworld.com/posts/the-hacker-news-launches-cybersecurity-stars-awards-2026-a8nz8/ Shimi's Cyber World en 2026-05-06T15:03:00+03:00 The Hacker News Launches 'Cybersecurity Stars Awards 2026'threat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-6420/ Shimi's Cyber World en 2026-05-06T14:16:05+03:00 CVE-2026-6420 — Keylime Vulnerabilityvulnerability, cve, medium-severity, cwe-1241 https://shimiscyberworld.com/posts/nvd-CVE-2025-31970/ Shimi's Cyber World en 2026-05-06T14:16:03+03:00 CVE-2025-31970 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-358 https://shimiscyberworld.com/posts/your-ai-agents-are-already-inside-the-perimeter-do-you-know-va5k8/ Shimi's Cyber World en 2026-05-06T13:57:00+03:00 AI Agents Proliferating Faster Than Enterprise Governancethreat-intel, vulnerability, identity, ai-security https://shimiscyberworld.com/posts/nvd-CVE-2026-40001/ Shimi's Cyber World en 2026-05-06T13:16:19+03:00 CVE-2026-40001 — Code Executionvulnerability, cve, medium-severity, code-execution, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-35255/ Shimi's Cyber World en 2026-05-06T13:16:19+03:00 CVE-2026-35255 — The Oracle Cloud Native Environment Command Line Interface P Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-1719/ Shimi's Cyber World en 2026-05-06T13:16:18+03:00 WordPress Gravity Bookings Plugin Vulnerable to SQL Injection (CVE-2026-1719)vulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/cisa-critical-infrastructure-must-master-isolation-recover-cncgj/ Shimi's Cyber World en 2026-05-06T13:15:34+03:00 CISA Mandates Isolation, Recovery for Critical Infrastructure Against Foreign Cyber Threatsthreat-intel, vulnerability https://shimiscyberworld.com/posts/legionproxy-10-144-breached-accounts-5jdcb/ Shimi's Cyber World en 2026-05-06T13:11:25+03:00 LegionProxy Breach Exposes 10,000 Accountsdata-breach https://shimiscyberworld.com/posts/google-s-android-apps-get-public-verification-to-stop-supply-uxtb6/ Shimi's Cyber World en 2026-05-06T12:13:00+03:00 Google Expands Android Binary Transparency to Counter Supply Chain Attacksthreat-intel, vulnerability https://shimiscyberworld.com/posts/windows-phone-link-exploited-by-cloudz-rat-to-steal-credenti-oy75b/ Shimi's Cyber World en 2026-05-06T11:34:00+03:00 CloudZ RAT and Pheno Plugin Target Windows Phone Link for Credential Theftthreat-intel, vulnerability, cloud, microsoft, identity, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-7841/ Shimi's Cyber World en 2026-05-06T11:16:04+03:00 GeoVision GV-ASWeb RCE: High-Severity Flaw Affects Notification Settingsvulnerability, cve, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-7457/ Shimi's Cyber World en 2026-05-06T11:16:04+03:00 CVE-2026-7457 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7448/ Shimi's Cyber World en 2026-05-06T11:16:04+03:00 CVE-2026-7448: WordPress LatePoint Plugin Open to Unauthenticated Stored XSSvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7332/ Shimi's Cyber World en 2026-05-06T11:16:04+03:00 CVE-2026-7332: WordPress LatePoint Plugin XSS Flaw Exposes Unauthenticated Attackersvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6672/ Shimi's Cyber World en 2026-05-06T11:16:03+03:00 CVE-2026-6672 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6344/ Shimi's Cyber World en 2026-05-06T11:16:03+03:00 CVE-2026-6344 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-35254/ Shimi's Cyber World en 2026-05-06T11:16:03+03:00 CVE-2026-35254 — The Oracle OCI CLI Product Of Oracle Open Source Projects. T Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-35253/ Shimi's Cyber World en 2026-05-06T11:16:03+03:00 CVE-2026-35253 — The Oracle Macoron Tool Product Of Oracle Open Source Projec Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/telegram-1427288221-8884/ Shimi's Cyber World en 2026-05-06T10:02:50+03:00 Cyber News: Basic Security Hygiene Gaps Plague Most Organizationsisrael, cybersafe https://shimiscyberworld.com/posts/oracle-debuts-monthly-critical-security-patch-updates-a19et/ Shimi's Cyber World en 2026-05-06T09:32:17+03:00 Oracle to Issue Monthly Critical Security Patch Updatesthreat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-2306/ Shimi's Cyber World en 2026-05-06T09:16:03+03:00 CVE-2026-2306 — The Ninja Tables – Easy Data Table Builder plugin forvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/telegram-1542954397-4568/ Shimi's Cyber World en 2026-05-06T08:03:19+03:00 UK Age Verification Flaws Exploit Social Engineering, Parental Aidphishing, the-independent https://shimiscyberworld.com/posts/palo-alto-networks-to-patch-zero-day-exploited-to-hack-firew-awpvq/ Shimi's Cyber World en 2026-05-06T07:46:23+03:00 Palo Alto Networks Zero-Day Exploited to Hack Firewallsthreat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-5753/ Shimi's Cyber World en 2026-05-06T07:16:09+03:00 CVE-2026-5753 — The All-in-One WP Migration Unlimited Extension plugin forvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-3208/ Shimi's Cyber World en 2026-05-06T07:16:06+03:00 CVE-2026-3208 — The Mercado Pago payments for WooCommerce plugin forvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-7573/ Shimi's Cyber World en 2026-05-06T06:15:59+03:00 CVE-2026-7573 — An authorization bypass (CWE-639) in the GetUserRoles gRPCvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7572/ Shimi's Cyber World en 2026-05-06T06:15:58+03:00 CVE-2026-7572 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-193 https://shimiscyberworld.com/posts/nvd-CVE-2025-71256/ Shimi's Cyber World en 2026-05-06T05:16:05+03:00 CVE-2025-71256: nr Modem DoS Vulnerability Poses High Riskvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71255/ Shimi's Cyber World en 2026-05-06T05:16:05+03:00 CVE-2025-71255: Modem IMS Vulnerability Exposes Devices to Remote DoSvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71254/ Shimi's Cyber World en 2026-05-06T05:16:04+03:00 Modem IMS DoS Vulnerability (CVE-2025-71254) Poses Remote Threatvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71253/ Shimi's Cyber World en 2026-05-06T05:16:04+03:00 Modem IMS Vulnerability (CVE-2025-71253) Allows Remote DoSvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71252/ Shimi's Cyber World en 2026-05-06T05:16:04+03:00 CVE-2025-71252: Modem IMS Vulnerability Exposes Remote DoS Riskvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2025-71251/ Shimi's Cyber World en 2026-05-06T05:16:03+03:00 CVE-2025-71251: IMS DoS Vulnerability Poses High Riskvulnerability, cve, high-severity, denial-of-service https://shimiscyberworld.com/posts/nvd-CVE-2026-41950/ Shimi's Cyber World en 2026-05-06T00:16:23+03:00 CVE-2026-41950 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-639 https://shimiscyberworld.com/posts/trellix-source-code-breach-highlights-growing-supply-chain-t-qt8rq/ Shimi's Cyber World en 2026-05-05T23:40:11+03:00 Trellix Source Code Breach Exposes Supply Chain Risksthreat-intel, tools, data-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-7857/ Shimi's Cyber World en 2026-05-05T23:16:41+03:00 D-Link DI-8100 Router Vulnerable to Remote Buffer Overflow (CVE-2026-7857)vulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7856/ Shimi's Cyber World en 2026-05-05T23:16:41+03:00 D-Link DI-8100 Buffer Overflow (CVE-2026-7856) Exposes Web Managementvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-44331/ Shimi's Cyber World en 2026-05-05T23:16:39+03:00 ProFTPD SQL Injection (CVE-2026-44331) Exposes Servers to Remote Attacksvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-05T23:00:00+03:00 Daily Security Digest — 2026-05-05daily-digest, vulnerability, cve, high-severity, cwe-22, cwe-770, cwe-306, cwe-284, privilege-escalation, cwe-367 https://shimiscyberworld.com/posts/telegram-1427288221-8881/ Shimi's Cyber World en 2026-05-05T22:45:14+03:00 MedusaLocker Leaks Magnolia Data After Ransom Refusalisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7855/ Shimi's Cyber World en 2026-05-05T22:16:23+03:00 D-Link DI-8100 Buffer Overflow - CVE-2026-7855 Public Exploit Availablevulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7854/ Shimi's Cyber World en 2026-05-05T22:16:23+03:00 D-Link DI-8100 Critical Buffer Overflow (CVE-2026-7854)vulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-42997/ Shimi's Cyber World en 2026-05-05T22:16:22+03:00 OpenStack Ironic Vulnerability CVE-2026-42997 Exposes Keystone Tokensvulnerability, cve, high-severity, cwe-669 https://shimiscyberworld.com/posts/nvd-CVE-2026-27960/ Shimi's Cyber World en 2026-05-05T22:16:21+03:00 OpenCTI Critical Auth Bypass: Unauthenticated API Access Threatens CTI Platformsvulnerability, cve, critical, high-severity, privilege-escalation, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-7853/ Shimi's Cyber World en 2026-05-05T21:16:04+03:00 D-Link DI-8100 Critical Buffer Overflow (CVE-2026-7853) Publicly Exploitablevulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7851/ Shimi's Cyber World en 2026-05-05T21:16:03+03:00 D-Link DI-8100 Router Vulnerability: Remote Stack Buffer Overflowvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-121 https://shimiscyberworld.com/posts/ftc-bans-data-broker-kochava-from-selling-sensitive-location-wpt74/ Shimi's Cyber World en 2026-05-05T21:02:00+03:00 FTC Bans Kochava from Selling Sensitive Location Datathreat-intel, data-breach, government https://shimiscyberworld.com/posts/telegram-1542954397-4567/ Shimi's Cyber World en 2026-05-05T21:01:26+03:00 Grok Bypassed for $200k Crypto Theft via Morse Code in Username https://shimiscyberworld.com/posts/conti-akira-ransomware-affiliate-given-8-year-sentence-x44pk/ Shimi's Cyber World en 2026-05-05T20:33:00+03:00 Conti, Akira Ransomware Affiliate Sentenced to 8 Yearsthreat-intel, data-breach, government, malware, ransomware https://shimiscyberworld.com/posts/nvd-CVE-2026-43002/ Shimi's Cyber World en 2026-05-05T20:17:04+03:00 CVE-2026-43002 — OpenStack Horizon 25.6 And Vulnerabilityvulnerability, cve, medium-severity, cwe-696 https://shimiscyberworld.com/posts/critical-apache-http-2-flaw-cve-2026-23918-enables-dos-and-wh5bp/ Shimi's Cyber World en 2026-05-05T19:19:00+03:00 Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS, Potential RCEthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-7844/ Shimi's Cyber World en 2026-05-05T19:16:19+03:00 CVE-2026-7844 — Chatchat-Space Langchain-Chatchat Vulnerabilityvulnerability, cve, medium-severity, cwe-287, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-7412/ Shimi's Cyber World en 2026-05-05T19:16:18+03:00 Eclipse BaSyx Server SDK Vulnerability Bypasses Network Segmentationvulnerability, cve, high-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-7411/ Shimi's Cyber World en 2026-05-05T19:16:18+03:00 Eclipse BaSyx RCE: Critical Path Traversal in Server SDKvulnerability, cve, critical, high-severity, remote-code-execution, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-6907/ Shimi's Cyber World en 2026-05-05T19:16:18+03:00 CVE-2026-6907 — An issue was discovered in 6.0 before 6.0.5 and 5.2 beforevulnerability, cve, medium-severity, cwe-524 https://shimiscyberworld.com/posts/nvd-CVE-2026-5766/ Shimi's Cyber World en 2026-05-05T19:16:17+03:00 CVE-2026-5766 — An issue was discovered in 6.0 before 6.0.5 and 5.2 beforevulnerability, cve, medium-severity, cwe-130 https://shimiscyberworld.com/posts/nvd-CVE-2026-34956/ Shimi's Cyber World en 2026-05-05T19:16:11+03:00 CVE-2026-34956 — Open VSwitch Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-34002/ Shimi's Cyber World en 2026-05-05T19:16:11+03:00 CVE-2026-34002 — The X.Org X Server Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-805 https://shimiscyberworld.com/posts/nvd-CVE-2026-34000/ Shimi's Cyber World en 2026-05-05T19:16:11+03:00 CVE-2026-34000 — The X.Org X Server Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-125 https://shimiscyberworld.com/posts/daemon-tools-supply-chain-attack-compromises-official-instal-5vbfg/ Shimi's Cyber World en 2026-05-05T19:07:00+03:00 DAEMON Tools Supply Chain Attack Compromises Official Installersthreat-intel, vulnerability, malware, tools https://shimiscyberworld.com/posts/telegram-1373735086-5016/ Shimi's Cyber World en 2026-05-05T18:36:09+03:00 Icarus: New Threat Actor Emergesdarkweb, threat-intel, ransomware https://shimiscyberworld.com/posts/microsoft-warns-of-sophisticated-phishing-campaign-targeting-2e78d/ Shimi's Cyber World en 2026-05-05T17:45:04+03:00 Microsoft Warns of Sophisticated AitM Phishing Campaign Targeting US Organizationsthreat-intel, vulnerability, microsoft, phishing https://shimiscyberworld.com/posts/china-linked-uat-8302-targets-governments-using-shared-apt-m-xanvu/ Shimi's Cyber World en 2026-05-05T17:19:00+03:00 China-Linked UAT-8302 APT Targets Governments in South America and Europethreat-intel, vulnerability, malware, the-hacker-news https://shimiscyberworld.com/posts/nvd-CVE-2026-7834/ Shimi's Cyber World en 2026-05-05T17:16:09+03:00 CVE-2026-7834: Critical Stack-Based Buffer Overflow in EFM ipTIME NAS1dualvulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-7778/ Shimi's Cyber World en 2026-05-05T17:16:09+03:00 CVE-2026-7778 — An issue that could allow a dashboard configuration to bevulnerability, cve, medium-severity, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-4304/ Shimi's Cyber World en 2026-05-05T17:16:09+03:00 WeePie Cookie Allow Plugin SQLi Risks Unauthenticated Database Accessvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/the-eol-blind-spot-in-your-cve-feed-what-sca-tools-don-t-ch-onz4o/ Shimi's Cyber World en 2026-05-05T17:00:10+03:00 EOL Software Creates CVE Blind Spots in SCA Toolsthreat-intel, data-breach, malware, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-7833/ Shimi's Cyber World en 2026-05-05T16:16:31+03:00 EFM ipTIME C200 Vulnerability: Remote Command Injection Exposedvulnerability, cve, high-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7832/ Shimi's Cyber World en 2026-05-05T16:16:31+03:00 IObit Advanced SystemCare 19: High-Severity Symlink Following Vulnerability (CVE-2026-7832)vulnerability, cve, high-severity, cwe-59, cwe-61 https://shimiscyberworld.com/posts/nvd-CVE-2026-30246/ Shimi's Cyber World en 2026-05-05T16:16:28+03:00 CVE-2026-30246 — Fiber is a web framework for Go. Invulnerability, cve, medium-severity, cwe-436 https://shimiscyberworld.com/posts/nvd-CVE-2026-28510/ Shimi's Cyber World en 2026-05-05T16:16:28+03:00 CVE-2026-28510 — eLabFTW is an open source electronic lab notebook. Invulnerability, cve, medium-severity, cwe-302 https://shimiscyberworld.com/posts/nvd-CVE-2026-27694/ Shimi's Cyber World en 2026-05-05T16:16:28+03:00 CVE-2026-27694 — Traccar is an open source GPS tracking system. Invulnerability, cve, medium-severity, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-27693/ Shimi's Cyber World en 2026-05-05T16:16:28+03:00 CVE-2026-27693 — Traccar is an open source GPS tracking system. Invulnerability, cve, medium-severity, cwe-91 https://shimiscyberworld.com/posts/nvd-CVE-2026-27644/ Shimi's Cyber World en 2026-05-05T16:16:27+03:00 CVE-2026-27644 — Traccar is an open source GPS tracking system. In versionsvulnerability, cve, medium-severity, cwe-1236 https://shimiscyberworld.com/posts/telegram-1427288221-8879/ Shimi's Cyber World en 2026-05-05T16:15:01+03:00 Google Chrome Bugs Found by AI Earn $57,000 Bug Bountyisrael https://shimiscyberworld.com/posts/telegram-1427288221-8878/ Shimi's Cyber World en 2026-05-05T16:08:56+03:00 Taiwan High Speed Rail Emergency Stop Caused by SDR Attackisrael https://shimiscyberworld.com/posts/vimeo-data-breach-exposes-personal-information-of-119-000-pe-1dxfn/ Shimi's Cyber World en 2026-05-05T16:03:46+03:00 Vimeo Data Breach Exposes Personal Information of 119,000threat-intel, data-breach, malware https://shimiscyberworld.com/posts/australia-launches-cyber-review-board-modeled-on-version-dis-lvyr7/ Shimi's Cyber World en 2026-05-05T15:45:00+03:00 Australia Establishes Cyber Incident Review Boardthreat-intel, data-breach, government, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-6261/ Shimi's Cyber World en 2026-05-05T15:16:21+03:00 Betheme WordPress Arbitrary File Upload RCE (CVE-2026-6261)vulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-43571/ Shimi's Cyber World en 2026-05-05T15:16:20+03:00 CVE-2026-43571: OpenClaw Plugin Trust Bypass Opens Attack Vectorsvulnerability, cve, high-severity, cwe-829 https://shimiscyberworld.com/posts/nvd-CVE-2026-43569/ Shimi's Cyber World en 2026-05-05T15:16:20+03:00 OpenClaw Authentication Bypass (CVE-2026-43569) Poses High Riskvulnerability, cve, high-severity, authentication-bypass, cwe-829 https://shimiscyberworld.com/posts/nvd-CVE-2026-43566/ Shimi's Cyber World en 2026-05-05T15:16:20+03:00 CVE-2026-43566: OpenClaw Privilege Escalation via Untrusted Webhook Eventsvulnerability, cve, critical, high-severity, privilege-escalation, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-43534/ Shimi's Cyber World en 2026-05-05T15:16:19+03:00 OpenClaw Input Validation Flaw (CVE-2026-43534) Rated Criticalvulnerability, cve, critical, high-severity, cwe-345 https://shimiscyberworld.com/posts/nvd-CVE-2026-43533/ Shimi's Cyber World en 2026-05-05T15:16:19+03:00 CVE-2026-43533: OpenClaw QQBot Arbitrary File Read Vulnerability Uncoveredvulnerability, cve, high-severity, arbitrary-file-access, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-43530/ Shimi's Cyber World en 2026-05-05T15:16:19+03:00 OpenClaw Vulnerability CVE-2026-43530 Undermines Exec Approvalvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-43526/ Shimi's Cyber World en 2026-05-05T15:16:18+03:00 CVE-2026-43526: OpenClaw QQBot SSRF Flaw Exposes Content Fetchingvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42439/ Shimi's Cyber World en 2026-05-05T15:16:18+03:00 OpenClaw Server-Side Request Forgery Policy Bypass (CVE-2026-42439)vulnerability, cve, high-severity, server-side-request-forgery, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42435/ Shimi's Cyber World en 2026-05-05T15:16:17+03:00 OpenClaw CVE-2026-42435: Shell Wrapper Vulnerability Allows Environment Variable Injectionvulnerability, cve, high-severity, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-42434/ Shimi's Cyber World en 2026-05-05T15:16:17+03:00 OpenClaw Sandbox Escape (CVE-2026-42434) Allows Remote Executionvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2023-54348/ Shimi's Cyber World en 2026-05-05T15:16:17+03:00 ERPGo SaaS 3.9 CSV Injection Allows RCE via Vendor Fieldsvulnerability, cve, high-severity, cwe-1236 https://shimiscyberworld.com/posts/nvd-CVE-2023-54345/ Shimi's Cyber World en 2026-05-05T15:16:16+03:00 Frappe Framework ERPNext Sandbox Escape Allows RCE via CVE-2023-54345vulnerability, cve, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2023-54344/ Shimi's Cyber World en 2026-05-05T15:16:16+03:00 Eclipse Equinox OSGi RCE: Critical Vulnerability Exposes Consoles to Unauthenticated Attackersvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2023-54342/ Shimi's Cyber World en 2026-05-05T15:16:15+03:00 Eclipse Equinox OSGi RCE: Critical Vulnerability Allows Unauthenticated Code Executionvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/critical-remote-code-execution-vulnerability-patched-in-andr-lhq61/ Shimi's Cyber World en 2026-05-05T14:58:44+03:00 Android Critical RCE Vulnerability Patched in System Componentthreat-intel, vulnerability https://shimiscyberworld.com/posts/the-back-door-attackers-know-about-and-most-security-teams-7alcq/ Shimi's Cyber World en 2026-05-05T14:58:00+03:00 OAuth Tokens: The Persistent Backdoor Most Teams Missthreat-intel, vulnerability, microsoft, identity, tools https://shimiscyberworld.com/posts/metinfo-cms-cve-2026-29014-exploited-for-remote-code-executi-tppez/ Shimi's Cyber World en 2026-05-05T14:56:00+03:00 MetInfo CMS CVE-2026-29014 Exploited for RCE Attacksthreat-intel, vulnerability