https://shimiscyberworld.com/posts/nvd-CVE-2026-7782/ Shimi's Cyber World en 2026-05-05T02:16:01+03:00 CVE-2026-7782 — CodeCanyon Perfex CRM Vulnerabilityvulnerability, cve, medium-severity, cwe-285, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7781/ Shimi's Cyber World en 2026-05-05T02:16:01+03:00 CVE-2026-7781 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7791/ Shimi's Cyber World en 2026-05-05T01:16:20+03:00 Amazon WorkSpaces Escalation: Local User to SYSTEM via Log Rotationvulnerability, cve, high-severity, privilege-escalation, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-7780/ Shimi's Cyber World en 2026-05-05T01:16:20+03:00 CVE-2026-7780 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7776/ Shimi's Cyber World en 2026-05-05T01:16:20+03:00 CVE-2026-7776: Boundary Workers Vulnerable to DoS During TLS Handshakesvulnerability, cve, high-severity, cwe-770 https://shimiscyberworld.com/posts/weaver-e-cology-critical-bug-exploited-in-attacks-since-marc-iah2c/ Shimi's Cyber World en 2026-05-05T01:12:57+03:00 Weaver E-cology Critical Bug Exploited in Attacks Since Marchthreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-7779/ Shimi's Cyber World en 2026-05-05T00:16:33+03:00 CVE-2026-7779 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-42223/ Shimi's Cyber World en 2026-05-05T00:16:32+03:00 CVE-2026-42223 — Nginx UI is a web user interface for the Nginx web server.vulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-42222/ Shimi's Cyber World en 2026-05-05T00:16:32+03:00 Nginx UI Vulnerability: Unauthenticated Bootstrap Takeover (CVE-2026-42222)vulnerability, cve, high-severity, cwe-284, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-42221/ Shimi's Cyber World en 2026-05-05T00:16:32+03:00 CVE-2026-42221: Nginx UI Admin Takeover Vulnerabilityvulnerability, cve, high-severity, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-42220/ Shimi's Cyber World en 2026-05-05T00:16:31+03:00 CVE-2026-42220 — Nginx UI is a web user interface for the Nginx web server.vulnerability, cve, medium-severity, cwe-200, cwe-863 https://shimiscyberworld.com/posts/telegram-1427288221-8875/ Shimi's Cyber World en 2026-05-04T23:43:52+03:00 Handala Group Claims Fujairah Port Cyberattack Amid Missile Strikesisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7768/ Shimi's Cyber World en 2026-05-04T23:16:21+03:00 CVE-2026-7768: Fastify Accepts-Serializer DoS Vulnerabilityvulnerability, cve, high-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-6321/ Shimi's Cyber World en 2026-05-04T23:16:20+03:00 CVE-2026-6321: fast-uri Path Normalization Bypassvulnerability, cve, high-severity, cwe-22 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-04T23:00:00+03:00 Daily Security Digest — 2026-05-04daily-digest, vulnerability, cve, high-severity, command-injection, cwe-94, critical, out-of-bounds-1, cwe-125, privilege-escalation https://shimiscyberworld.com/posts/nvd-CVE-2026-42154/ Shimi's Cyber World en 2026-05-04T22:16:04+03:00 Prometheus CVE-2026-42154: Unauthenticated Memory Exhaustion Vulnerabilityvulnerability, cve, high-severity, cwe-400, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-42151/ Shimi's Cyber World en 2026-05-04T22:16:04+03:00 Prometheus Azure AD OAuth Secret Exposed via Plaintext Configvulnerability, cve, high-severity, cwe-200, cwe-312 https://shimiscyberworld.com/posts/nvd-CVE-2026-25863/ Shimi's Cyber World en 2026-05-04T22:16:02+03:00 CVE-2026-25863: WordPress Plugin DoS Vulnerability Hits Contact Form 7vulnerability, cve, high-severity, cwe-1284 https://shimiscyberworld.com/posts/exploit-cyber-frenzy-threatens-millions-via-critical-cpanel-9twsz/ Shimi's Cyber World en 2026-05-04T22:14:14+03:00 cPanel Authentication Bypass Vulnerability Exploited in the Wildthreat-intel, tools, vulnerability, identity https://shimiscyberworld.com/posts/cisco-moves-to-acquire-astrix-security-to-tackle-non-human-i-lo620/ Shimi's Cyber World en 2026-05-04T22:00:26+03:00 Cisco Acquires Astrix Security to Secure Non-Human Identitiesthreat-intel, vulnerability, identity, ai-security https://shimiscyberworld.com/posts/nvd-CVE-2026-43616/ Shimi's Cyber World en 2026-05-04T21:16:32+03:00 Detect-It-Easy Path Traversal Allows Arbitrary File Writes, Code Executionvulnerability, cve, high-severity, code-execution, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-42796/ Shimi's Cyber World en 2026-05-04T21:16:32+03:00 Arelle RCE: Unauthenticated Remote Code Execution in REST Endpointvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-42146/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 CVE-2026-42146 — CImg Library is a C++ library for image processing. Priorvulnerability, cve, medium-severity, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-42144/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 CVE-2026-42144 — Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-42092/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 CVE-2026-42092 — titra is an open source time tracking project. In versionvulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-42091/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 CVE-2026-42091 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-42088/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 OpenC3 COSMOS Critical Script Runner Bypass (CVE-2026-42088)vulnerability, cve, critical, high-severity, cwe-250 https://shimiscyberworld.com/posts/nvd-CVE-2026-42087/ Shimi's Cyber World en 2026-05-04T21:16:30+03:00 OpenC3 COSMOS TSDB SQL Injection Flaw Exposes Critical Systemsvulnerability, cve, critical, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-42086/ Shimi's Cyber World en 2026-05-04T21:16:30+03:00 CVE-2026-42086 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-42084/ Shimi's Cyber World en 2026-05-04T21:16:30+03:00 CVE-2026-42084: OpenC3 COSMOS Allows Password Change Without Old Passwordvulnerability, cve, high-severity, cwe-620 https://shimiscyberworld.com/posts/nvd-CVE-2026-41572/ Shimi's Cyber World en 2026-05-04T21:16:29+03:00 CVE-2026-41572 — Note Mark is an open-source note-taking application. Priorvulnerability, cve, medium-severity, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-41571/ Shimi's Cyber World en 2026-05-04T21:16:29+03:00 CVE-2026-41571: Note Mark Critical Auth Bypassvulnerability, cve, critical, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-41471/ Shimi's Cyber World en 2026-05-04T21:16:29+03:00 CVE-2026-41471: PayPal Events WordPress Plugin Exposes All Customer Ordersvulnerability, cve, high-severity, information-disclosure, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-32834/ Shimi's Cyber World en 2026-05-04T21:16:27+03:00 CVE-2026-32834: WordPress Easy PayPal Plugin Authentication Bypassvulnerability, cve, high-severity, authentication-bypass, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-29004/ Shimi's Cyber World en 2026-05-04T21:16:26+03:00 BusyBox udhcpc6 Heap Overflow (CVE-2026-29004) Exposes Embedded Systemsvulnerability, cve, high-severity, code-execution, cwe-122 https://shimiscyberworld.com/posts/phishing-campaign-hits-80-orgs-using-simplehelp-and-screenc-gxd4y/ Shimi's Cyber World en 2026-05-04T21:06:00+03:00 Phishing Campaign Leverages SimpleHelp, ScreenConnect RMM to Hit 80+ Orgsthreat-intel, vulnerability, phishing, tools, the-hacker-news https://shimiscyberworld.com/posts/educational-company-infrastructure-reports-cyber-incident-6eypo/ Shimi's Cyber World en 2026-05-04T20:19:00+03:00 Infrastructure Education Company Reports Cyber Incident, User Data Exposedthreat-intel, data-breach, government, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-42812/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 Apache Iceberg CVE-2026-42812 Bypasses Metadata Location Validationvulnerability, cve, critical, high-severity, cwe-20, cwe-284, cwe-732, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-42811/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 CVE-2026-42811: Apache Polaris Credential Bypass Exposes Cloud Storagevulnerability, cve, critical, high-severity, cwe-20, cwe-917 https://shimiscyberworld.com/posts/nvd-CVE-2026-42810/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 CVE-2026-42810: Apache Polaris S3 Wildcard Vulnerability Creates Critical Data Riskvulnerability, cve, critical, high-severity, cwe-20, cwe-116 https://shimiscyberworld.com/posts/nvd-CVE-2026-42809/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 CVE-2026-42809: Apache Polaris Critical Credential Vulnerabilityvulnerability, cve, critical, high-severity, cwe-20, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42376/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 CVE-2026-42376: D-Link DIR-456U EOL Router Exposes Critical Backdoorvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-42375/ Shimi's Cyber World en 2026-05-04T20:16:25+03:00 D-Link DIR-600L EOL Router Exposes Critical Telnet Backdoorvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-42374/ Shimi's Cyber World en 2026-05-04T20:16:25+03:00 D-Link DIR-600L EOL Router Has Hardcoded Telnet Backdoorvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-42373/ Shimi's Cyber World en 2026-05-04T20:16:25+03:00 D-Link DIR-605L EOL Router Hit by Critical Telnet Backdoorvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-42076/ Shimi's Cyber World en 2026-05-04T20:16:24+03:00 CVE-2026-42076: Evolver Engine RCE Puts AI Agents at Riskvulnerability, cve, critical, high-severity, remote-code-execution, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-26956/ Shimi's Cyber World en 2026-05-04T20:16:22+03:00 vm2 Sandbox Escape Vulnerability (CVE-2026-26956) Allows Critical Code Executionvulnerability, cve, critical, high-severity, code-execution, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-26332/ Shimi's Cyber World en 2026-05-04T20:16:22+03:00 vm2 Sandbox Escape (CVE-2026-26332) Exposes Node.js Apps to RCEvulnerability, cve, critical, high-severity, cwe-94, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-25293/ Shimi's Cyber World en 2026-05-04T20:16:22+03:00 CVE-2026-25293: Critical PLC Buffer Overflow Puts Industrial Control Systems at Riskvulnerability, cve, critical, high-severity, buffer-overflow, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-24781/ Shimi's Cyber World en 2026-05-04T20:16:21+03:00 VM2 Sandbox Escape Vulnerability (CVE-2026-24781) Exposes Node.js Applicationsvulnerability, cve, critical, high-severity, cwe-94, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-24120/ Shimi's Cyber World en 2026-05-04T20:16:21+03:00 CVE-2026-24120: vm2 Sandbox Escape Allows Host Command Executionvulnerability, cve, critical, high-severity, cwe-94, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-24118/ Shimi's Cyber World en 2026-05-04T20:16:21+03:00 VM2 Sandbox Breakout Vulnerability: Critical Flaw Exposes Node.js Applicationsvulnerability, cve, critical, high-severity, cwe-94, cwe-693 https://shimiscyberworld.com/posts/forbes-preliminarily-agrees-to-pay-10-million-to-settle-cal-hnn8u/ Shimi's Cyber World en 2026-05-04T19:49:00+03:00 Forbes Agrees to $10 Million Settlement in Wiretapping Lawsuitthreat-intel, data-breach, government, cloud, tools https://shimiscyberworld.com/posts/ransomware-group-claims-breach-of-pro-orb-n-hungarian-media-b2s6y/ Shimi's Cyber World en 2026-05-04T18:23:00+03:00 Ransomware Group Claims Breach of Hungarian Media Firm Mediaworksthreat-intel, data-breach, government, malware, ransomware https://shimiscyberworld.com/posts/telegram-1427288221-8874/ Shimi's Cyber World en 2026-05-04T18:18:34+03:00 Cisco Acquires Israeli Startup Astrix for $400M to Combat Non-Human Identitiesisrael https://shimiscyberworld.com/posts/weekly-recap-ai-powered-phishing-android-spying-tool-li-y3gu1/ Shimi's Cyber World en 2026-05-04T17:23:00+03:00 AI Phishing, Android Spyware, Linux Exploit, GitHub RCE Headline Weekly Threatsthreat-intel, vulnerability, data-breach, phishing, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-6266/ Shimi's Cyber World en 2026-05-04T17:16:35+03:00 CVE-2026-6266: AAP Gateway Email Auto-Link Flaw Allows Account Hijackvulnerability, cve, high-severity, cwe-305 https://shimiscyberworld.com/posts/nvd-CVE-2026-34032/ Shimi's Cyber World en 2026-05-04T17:16:33+03:00 CVE-2026-34032 — Apache HTTP Server: Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-125, cwe-170 https://shimiscyberworld.com/posts/nvd-CVE-2026-33857/ Shimi's Cyber World en 2026-05-04T17:16:33+03:00 CVE-2026-33857 — Apache HTTP Server: Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-31205/ Shimi's Cyber World en 2026-05-04T17:16:32+03:00 CVE-2026-31205 — Pluck CMS Before V.4.7.21dev Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2025-58074/ Shimi's Cyber World en 2026-05-04T17:16:28+03:00 Norton Secure VPN Privilege Escalation via Microsoft Store (CVE-2025-58074)vulnerability, cve, high-severity, privilege-escalation, cwe-1386 https://shimiscyberworld.com/posts/nvd-CVE-2026-7482/ Shimi's Cyber World en 2026-05-04T16:16:01+03:00 CVE-2026-7482: Critical Ollama Heap Out-of-Bounds Read Exposes Sensitive AI Datavulnerability, cve, critical, high-severity, out-of-bounds-1, cwe-125 https://shimiscyberworld.com/posts/progress-warns-of-critical-moveit-automation-auth-bypass-fla-unrgi/ Shimi's Cyber World en 2026-05-04T15:18:57+03:00 MOVEit Automation Critical Auth Bypass Flaw Requires Immediate Patchthreat-intel, data-breach, malware, vulnerability, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-3120/ Shimi's Cyber World en 2026-05-04T15:16:29+03:00 SambaBox CVE-2026-3120: High-Severity OS Command Injectionvulnerability, cve, high-severity, command-injection, cwe-94 https://shimiscyberworld.com/posts/2026-the-year-of-ai-assisted-attacks-izhod/ Shimi's Cyber World en 2026-05-04T14:58:00+03:00 Kaikatsu Club Breach: 17-Year-Old Exposes 7 Million Users for Pokémon Cardsthreat-intel, vulnerability https://shimiscyberworld.com/posts/silver-fox-deploys-abcdoor-malware-via-tax-themed-phishing-i-vmto2/ Shimi's Cyber World en 2026-05-04T14:57:00+03:00 Silver Fox Deploys ABCDoor Malware via Tax Phishing in India and Russiathreat-intel, vulnerability, malware, phishing https://shimiscyberworld.com/posts/cisa-says-copy-fail-flaw-now-exploited-to-root-linux-syste-6jlid/ Shimi's Cyber World en 2026-05-04T14:28:15+03:00 CISA Warns: 'Copy Fail' Linux Root Vulnerability Actively Exploitedthreat-intel, data-breach, malware, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-7750/ Shimi's Cyber World en 2026-05-04T13:16:01+03:00 Totolink N300RH RCE: CVE-2026-7750 Buffer Overflow Affects Remote Managementvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7749/ Shimi's Cyber World en 2026-05-04T13:16:01+03:00 Totolink N300RH Router Hit by High-Severity Buffer Overflow Vulnerability (CVE-2026-7749)vulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7748/ Shimi's Cyber World en 2026-05-04T13:16:00+03:00 Totolink N300RH Buffer Overflow (CVE-2026-7748) Remotely Exploitablevulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-33846/ Shimi's Cyber World en 2026-05-04T13:15:59+03:00 GnuTLS DTLS Heap Overflow (CVE-2026-33846) Poses Remote Threatvulnerability, cve, high-severity, buffer-overflow, cwe-130 https://shimiscyberworld.com/posts/critical-cpanel-vulnerability-weaponized-to-target-governmen-71rj3/ Shimi's Cyber World en 2026-05-04T12:27:00+03:00 cPanel Vulnerability Weaponized Against Gov, Military, and MSPsthreat-intel, vulnerability https://shimiscyberworld.com/posts/telegram-1427288221-8870/ Shimi's Cyber World en 2026-05-04T12:20:16+03:00 cPanel Exploited: Over 40,000 Systems Compromised Globallyisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7747/ Shimi's Cyber World en 2026-05-04T12:16:01+03:00 Totolink N300RH Critical Buffer Overflow: Public Exploit Availablevulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7746/ Shimi's Cyber World en 2026-05-04T12:16:00+03:00 CVE-2026-7746 — SourceCodester Web-Based Pharmacy Product Management System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7745/ Shimi's Cyber World en 2026-05-04T12:16:00+03:00 CVE-2026-7745 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2025-14320/ Shimi's Cyber World en 2026-05-04T12:15:59+03:00 CVE-2025-14320: Critical XSS in Tegsoft Online Support Applicationvulnerability, cve, critical, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/telegram-1427288221-8868/ Shimi's Cyber World en 2026-05-04T11:38:19+03:00 Cyber News - Erez Dasa Debunks Stormous Claims and Crocs Israel Breachisrael https://shimiscyberworld.com/posts/telegram-1427288221-8867/ Shimi's Cyber World en 2026-05-04T11:33:57+03:00 Barshai Company Email Compromise Spreads Malicious Emailsisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7744/ Shimi's Cyber World en 2026-05-04T11:16:03+03:00 CVE-2026-7744 — CodeAstro Online Classroom SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7743/ Shimi's Cyber World en 2026-05-04T11:16:02+03:00 CVE-2026-7743 — CodeAstro Online Classroom SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7742/ Shimi's Cyber World en 2026-05-04T11:16:02+03:00 CVE-2026-7742 — CodeAstro Online Classroom SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7741/ Shimi's Cyber World en 2026-05-04T11:16:02+03:00 CVE-2026-7741 — CodeAstro Online Classroom SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7738/ Shimi's Cyber World en 2026-05-04T10:16:01+03:00 CVE-2026-7738 — Puchunjie Doc-Tools-Mcp Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7737/ Shimi's Cyber World en 2026-05-04T10:16:01+03:00 CVE-2026-7737 — Osrg GoBGP Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-119, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-7736/ Shimi's Cyber World en 2026-05-04T10:16:01+03:00 CVE-2026-7736: GoBGP Integer Underflow Threatens BGP Routingvulnerability, cve, high-severity, cwe-189, cwe-191 https://shimiscyberworld.com/posts/edtech-firm-instructure-discloses-data-breach-amid-hacker-le-hu96u/ Shimi's Cyber World en 2026-05-04T10:02:51+03:00 Instructure Data Breach: Student Data Stolen, Services Disruptedthreat-intel, vulnerability, data-breach https://shimiscyberworld.com/posts/a-week-in-security-april-27-8211-may-3-rww0r/ Shimi's Cyber World en 2026-05-04T10:01:00+03:00 cPanel Bug Exposes Millions of Websites to Takeovermalware, threat-intel, ransomware, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-7735/ Shimi's Cyber World en 2026-05-04T09:16:02+03:00 osrg GoBGP Buffer Overflow (CVE-2026-7735) Poses Remote Threatvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7734/ Shimi's Cyber World en 2026-05-04T09:16:02+03:00 CVE-2026-7734 — Osrg GoBGP Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7733/ Shimi's Cyber World en 2026-05-04T09:16:02+03:00 CVE-2026-7733: funadmin Unrestricted File Upload Exposes Systemsvulnerability, cve, high-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7732/ Shimi's Cyber World en 2026-05-04T09:16:01+03:00 CVE-2026-7732 — Code-Projects BloodBank Managing System Unrestricted File Uploadvulnerability, cve, medium-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7731/ Shimi's Cyber World en 2026-05-04T09:16:01+03:00 CVE-2026-7731 — Code-Projects BloodBank Managing System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/global-crackdown-arrests-276-shuts-9-crypto-scam-centers-s-ks2j6/ Shimi's Cyber World en 2026-05-04T08:59:00+03:00 Global Law Enforcement Cracks Down on Crypto Scam Centers, Arrests 276threat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-7730/ Shimi's Cyber World en 2026-05-04T08:16:01+03:00 CVE-2026-7730 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7729/ Shimi's Cyber World en 2026-05-04T08:16:01+03:00 CVE-2026-7729 — Pixelsock Directus-Mcp Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-7728/ Shimi's Cyber World en 2026-05-04T08:16:00+03:00 CVE-2026-7728 — Ryanjoachim Mcp-Rtfm Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7727/ Shimi's Cyber World en 2026-05-04T08:16:00+03:00 CVE-2026-7727: Shandong Hoteam Software PDM SQL Injectionvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7725/ Shimi's Cyber World en 2026-05-04T08:16:00+03:00 CVE-2026-7725 — PrefectHQ Prefect Vulnerabilityvulnerability, cve, medium-severity, cwe-74, cwe-88 https://shimiscyberworld.com/posts/reborn-gaming-126-breached-accounts-qxmv4/ Shimi's Cyber World en 2026-05-04T06:43:06+03:00 Reborn Gaming Breach: cPanel/WHM Vulnerability Exposes User Datadata-breach, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-7724/ Shimi's Cyber World en 2026-05-04T06:16:13+03:00 CVE-2026-7724 — PrefectHQ Prefect Vulnerabilityvulnerability, cve, medium-severity, cwe-362, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-7723/ Shimi's Cyber World en 2026-05-04T06:16:13+03:00 CVE-2026-7723: PrefectHQ Prefect WebSocket Lacks Authenticationvulnerability, cve, high-severity, cwe-287, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-7722/ Shimi's Cyber World en 2026-05-04T06:16:12+03:00 CVE-2026-7722 — PrefectHQ Prefect Vulnerabilityvulnerability, cve, medium-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-7721/ Shimi's Cyber World en 2026-05-04T06:16:12+03:00 CVE-2026-7721 — Totolink WA300 5.2cu.7112_B20190227 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7720/ Shimi's Cyber World en 2026-05-04T05:15:58+03:00 CVE-2026-7720 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7719/ Shimi's Cyber World en 2026-05-04T05:15:58+03:00 Totolink WA300 Critical Buffer Overflow (CVE-2026-7719) Exploitedvulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7718/ Shimi's Cyber World en 2026-05-04T05:15:58+03:00 CVE-2026-7718 — Totolink WA300 5.2cu.7112_B20190227 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7713/ Shimi's Cyber World en 2026-05-04T03:16:40+03:00 CVE-2026-7713 — Crocodilestick Calibre-Web-Automated Vulnerabilityvulnerability, cve, medium-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-7712/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 CVE-2026-7712 — MindsDB Insecure Deserializationvulnerability, cve, medium-severity, insecure-deserialization, cwe-20, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-7711/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 MindsDB Unrestricted File Upload (CVE-2026-7711) Poses Remote Threatvulnerability, cve, high-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7710/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 CVE-2026-7710: YunaiV yudao-cloud Improper Authentication Flawvulnerability, cve, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-6948/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 CVE-2026-6948 — Velociraptor versions prior to 0.76.4 contain a resourcevulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-7709/ Shimi's Cyber World en 2026-05-04T02:16:42+03:00 CVE-2026-7709 — Janeczku Calibre-Web Vulnerabilityvulnerability, cve, medium-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-7708/ Shimi's Cyber World en 2026-05-04T02:16:42+03:00 CVE-2026-7708 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7707/ Shimi's Cyber World en 2026-05-04T02:16:42+03:00 CVE-2026-7707 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7706/ Shimi's Cyber World en 2026-05-04T02:16:41+03:00 CVE-2026-7706 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7705/ Shimi's Cyber World en 2026-05-04T02:16:41+03:00 CVE-2026-7705 — JD Cloud JDCOS 4.5.1.R4518 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/marcus-millichap-1-837-078-breached-accounts-cqfcx/ Shimi's Cyber World en 2026-05-04T01:53:12+03:00 Marcus & Millichap Breach: ShinyHunters Leaks 1.8M Recordsdata-breach, tools https://shimiscyberworld.com/posts/instructure-confirms-data-breach-shinyhunters-claims-attack-hwvmu/ Shimi's Cyber World en 2026-05-04T01:16:27+03:00 Instructure Confirms Data Breach as ShinyHunters Claims Attackthreat-intel, data-breach, malware https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-03T23:00:00+03:00 Daily Security Digest — 2026-05-03daily-digest, vulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/microsoft-defender-wrongly-flags-digicert-certs-as-trojan-wi-aktp2/ Shimi's Cyber World en 2026-05-03T21:11:25+03:00 Microsoft Defender Flags DigiCert Certificates as Trojanthreat-intel, data-breach, malware, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-7704/ Shimi's Cyber World en 2026-05-03T20:16:13+03:00 CVE-2026-7704 — AV Stumpfl Pixera Two Media Server Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7703/ Shimi's Cyber World en 2026-05-03T20:16:13+03:00 AV Stumpfl Pixera Two Media Server Websocket API Code Injectionvulnerability, cve, high-severity, cwe-74, cwe-94 https://shimiscyberworld.com/posts/us-military-reaches-deals-with-7-tech-companies-to-use-their-7pkym/ Shimi's Cyber World en 2026-05-03T19:21:36+03:00 US Military Taps Google, Microsoft, AWS for Classified AIthreat-intel, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-7702/ Shimi's Cyber World en 2026-05-03T19:15:57+03:00 CVE-2026-7702 — Toeverything AFFiNE Vulnerabilityvulnerability, cve, medium-severity, cwe-285, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7701/ Shimi's Cyber World en 2026-05-03T19:15:57+03:00 CVE-2026-7701 — Telegram Desktop Null Pointer Dereferencevulnerability, cve, medium-severity, null-pointer-dereference, cwe-404, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-7700/ Shimi's Cyber World en 2026-05-03T18:15:59+03:00 CVE-2026-7700 — The Function Eval Of The File Src/Lfx/Src/Lfx/Components/Llm Vulnerabilityvulnerability, cve, medium-severity, cwe-74, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-7699/ Shimi's Cyber World en 2026-05-03T18:15:59+03:00 CVE-2026-7699 — Dromara MaxKey SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7698/ Shimi's Cyber World en 2026-05-03T17:16:27+03:00 Tiandy Easy7 RCE: Unauthenticated OS Command Injection via updateDbBackupInfovulnerability, cve, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7697/ Shimi's Cyber World en 2026-05-03T17:16:26+03:00 CVE-2026-7697 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7696/ Shimi's Cyber World en 2026-05-03T16:16:09+03:00 CVE-2026-7696 — Acrel Electrical EEMS Enterprise Power Operation And Mainten Unrestricted File Uploadvulnerability, cve, medium-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7695/ Shimi's Cyber World en 2026-05-03T16:16:08+03:00 Acrel Electrical EEMS Platform Hit by High-Severity SQL Injectionvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7694/ Shimi's Cyber World en 2026-05-03T15:15:59+03:00 Acrel Electrical ECEMS SQLi (CVE-2026-7694) Exposes Microgrid Systemsvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/incd-alert_1993/ Shimi's Cyber World en 2026-05-03T15:00:00+03:00 Targeted Phishing Campaign Active in Israel Exploits Compromised Email Accountsincd, israel, advisory, alert https://shimiscyberworld.com/posts/nvd-CVE-2026-7692/ Shimi's Cyber World en 2026-05-03T14:16:13+03:00 CVE-2026-7692 — Wavlink WL-WN570HA1 R70HA1 V1410_221110 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7691/ Shimi's Cyber World en 2026-05-03T14:16:13+03:00 CVE-2026-7691 — Wavlink WL-WN570HA1 R70HA1 V1410_221110 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7690/ Shimi's Cyber World en 2026-05-03T13:16:17+03:00 CVE-2026-7690 — The Function Set_sys_adm Of The File /Cgi-Bin/Adm.Cgi Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7688/ Shimi's Cyber World en 2026-05-03T13:16:17+03:00 CVE-2026-7688 — Dolibarr ERP CRM SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7686/ Shimi's Cyber World en 2026-05-03T11:16:01+03:00 CVE-2026-7686 — Eyeo Adblock Plus Improper Access Controlvulnerability, cve, medium-severity, improper-access-control, cwe-266, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-7685/ Shimi's Cyber World en 2026-05-03T10:16:25+03:00 Edimax BR-6208AC Buffer Overflow: Remote Exploit Public (CVE-2026-7685)vulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7684/ Shimi's Cyber World en 2026-05-03T10:16:25+03:00 Edimax BR-6428nC Buffer Overflow (CVE-2026-7684) Exposed, High Severityvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7683/ Shimi's Cyber World en 2026-05-03T10:16:25+03:00 CVE-2026-7683 — An Unknown Function Of The File /Goform/SetWAN Of The Compon Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7682/ Shimi's Cyber World en 2026-05-03T10:16:24+03:00 CVE-2026-7682 — Edimax BR-6208AC Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7681/ Shimi's Cyber World en 2026-05-03T09:15:58+03:00 CVE-2026-7681 — Jsbroks COCO Annotator Vulnerabilityvulnerability, cve, medium-severity, cwe-285, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7680/ Shimi's Cyber World en 2026-05-03T09:15:57+03:00 CVE-2026-7680 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-5063/ Shimi's Cyber World en 2026-05-03T09:15:57+03:00 CVE-2026-5063: NEX-Forms WordPress Plugin Stored XSSvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7679/ Shimi's Cyber World en 2026-05-03T08:15:59+03:00 YunaiV yudao-cloud Authentication Bypass (CVE-2026-7679) Publicly Exploitedvulnerability, cve, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-7678/ Shimi's Cyber World en 2026-05-03T08:15:59+03:00 CVE-2026-7678 — YunaiV Yudao-Cloud SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7676/ Shimi's Cyber World en 2026-05-03T08:15:58+03:00 CVE-2026-7676 — Kerwincui FastBee Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7675/ Shimi's Cyber World en 2026-05-03T06:16:15+03:00 CVE-2026-7675: Shenzhen Libituo LBT-T300-HW1 Buffer Overflow Exposedvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7674/ Shimi's Cyber World en 2026-05-03T05:17:12+03:00 CVE-2026-7674: Libituo LBT-T300-HW1 Buffer Overflow Poses Remote Riskvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7673/ Shimi's Cyber World en 2026-05-03T05:17:12+03:00 CVE-2026-7673 — Crmeb_java Unrestricted File Uploadvulnerability, cve, medium-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7672/ Shimi's Cyber World en 2026-05-03T03:16:16+03:00 CVE-2026-7672 — Youlaitech Youlai-Boot SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89