https://shimiscyberworld.com/posts/nvd-CVE-2026-7037/ Shimi's Cyber World en 2026-04-26T15:16:23+03:00 CVE-2026-7037: Totolink A8000RU Critical OS Command Injectionvulnerability, cve, critical, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7036/ Shimi's Cyber World en 2026-04-26T15:16:22+03:00 Tenda i9 Path Traversal (CVE-2026-7036) Exposes Networks to Remote Exploitationvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7035/ Shimi's Cyber World en 2026-04-26T15:16:22+03:00 Tenda FH1202 Router Vulnerability (CVE-2026-7035) Exposes Networksvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-7034/ Shimi's Cyber World en 2026-04-26T15:16:21+03:00 CVE-2026-7034: Tenda FH1202 Router Hit by High-Severity Buffer Overflowvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-7033/ Shimi's Cyber World en 2026-04-26T14:16:06+03:00 Tenda F456 Buffer Overflow (CVE-2026-7033) Exposes Routersvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7032/ Shimi's Cyber World en 2026-04-26T14:16:06+03:00 CVE-2026-7032: Tenda F456 Router Buffer Overflow Exploited Remotelyvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/telegram-1427288221-8823/ Shimi's Cyber World en 2026-04-26T13:39:55+03:00 El Al Phishing Campaign Spreads Malware, National Cyber Directorate Warnsisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7031/ Shimi's Cyber World en 2026-04-26T13:16:02+03:00 Tenda F456 Buffer Overflow (CVE-2026-7031) Publicly Exploitablevulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7030/ Shimi's Cyber World en 2026-04-26T13:16:01+03:00 CVE-2026-7030: Tenda F456 Router Buffer Overflow Exposes Networksvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7029/ Shimi's Cyber World en 2026-04-26T12:16:19+03:00 CVE-2026-7029: Tenda F456 Buffer Overflow Exposes Routers to Remote Attacksvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7028/ Shimi's Cyber World en 2026-04-26T12:16:19+03:00 CVE-2026-7028 — CodeAstro Online Job Portal SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/telegram-1427288221-8822/ Shimi's Cyber World en 2026-04-26T11:26:32+03:00 GitHub Employee Token Exposed: Thousands of Secrets in Cloud Dev Environmentsisrael, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-7026/ Shimi's Cyber World en 2026-04-26T11:16:01+03:00 CVE-2026-7026 — Some Unknown Processing Of The Component System Information Vulnerabilityvulnerability, cve, medium-severity, cwe-79, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-7025/ Shimi's Cyber World en 2026-04-26T11:16:00+03:00 Typecho SSRF Vulnerability (CVE-2026-7025) Publicly Exploitablevulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-7024/ Shimi's Cyber World en 2026-04-26T10:16:03+03:00 CVE-2026-7024 — Rawchen Sims Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7023/ Shimi's Cyber World en 2026-04-26T10:16:03+03:00 CVE-2026-7023 — ByteDance Coze-Studio SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7022/ Shimi's Cyber World en 2026-04-26T09:16:02+03:00 CVE-2026-7022: SmythOS Improper Authentication Vulnerability Publicly Disclosedvulnerability, cve, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-7020/ Shimi's Cyber World en 2026-04-26T08:16:02+03:00 CVE-2026-7020 — Ollama Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7019/ Shimi's Cyber World en 2026-04-26T08:16:01+03:00 Tenda F456 Router Vulnerability (CVE-2026-7019) Exposes Networks to Remote Attacksvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/telegram-1427288221-8818/ Shimi's Cyber World en 2026-04-26T07:20:07+03:00 Lapsus Group Claims Checkmarx Breach, Dumps 100GB of Dataisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7018/ Shimi's Cyber World en 2026-04-26T07:16:09+03:00 CVE-2026-7018 — A vulnerability was determined in Datavane Datavines up tovulnerability, cve, medium-severity, cwe-320, cwe-321 https://shimiscyberworld.com/posts/nvd-CVE-2026-42255/ Shimi's Cyber World en 2026-04-26T07:16:05+03:00 Technitium DNS Server Vulnerability Allows DNS Amplification Attacksvulnerability, cve, high-severity, cwe-684 https://shimiscyberworld.com/posts/telegram-1427288221-8817/ Shimi's Cyber World en 2026-04-26T06:39:11+03:00 Purrlend Suffers $1.5M Crypto Heist, Insider Suspectedisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-42254/ Shimi's Cyber World en 2026-04-26T06:15:59+03:00 CVE-2026-42254 — Hickory DNS hickory-recursor 0.1 through 0.25.2 allowsvulnerability, cve, medium-severity, cwe-706 https://shimiscyberworld.com/posts/nvd-CVE-2026-7002/ Shimi's Cyber World en 2026-04-26T01:16:19+03:00 CVE-2026-7002: KLiK SocialMediaWebsite SQLi Poses Remote Riskvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-04-25T23:00:00+03:00 Daily Security Digest — 2026-04-25daily-digest, vulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/telegram-1427288221-8815/ Shimi's Cyber World en 2026-04-25T22:38:30+03:00 Rituals Cosmetics Suffers Data Breach, Customer PII Exposedisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-6994/ Shimi's Cyber World en 2026-04-25T22:16:00+03:00 CVE-2026-6994 — A weakness has been identified in Envoy up to 1.33.0.vulnerability, cve, medium-severity, cwe-74, cwe-707 https://shimiscyberworld.com/posts/nvd-CVE-2026-6993/ Shimi's Cyber World en 2026-04-25T22:16:00+03:00 CVE-2026-6993 — Go-Kratos Kratos Vulnerabilityvulnerability, cve, medium-severity, cwe-441 https://shimiscyberworld.com/posts/nvd-CVE-2026-6992/ Shimi's Cyber World en 2026-04-25T21:16:19+03:00 Linksys MR9600 RCE: Critical OS Command Injection Vulnerabilityvulnerability, cve, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-6991/ Shimi's Cyber World en 2026-04-25T21:16:19+03:00 CVE-2026-6991 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-6989/ Shimi's Cyber World en 2026-04-25T21:16:18+03:00 CVE-2026-6989 — Tenda F453 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-6988/ Shimi's Cyber World en 2026-04-25T21:16:17+03:00 Tenda HG10 Router Buffer Overflow (CVE-2026-6988) Exposes Remote Attackvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-6987/ Shimi's Cyber World en 2026-04-25T20:16:33+03:00 CVE-2026-6987: PicoClaw Web Launcher Command Injectionvulnerability, cve, high-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-6985/ Shimi's Cyber World en 2026-04-25T20:16:33+03:00 CVE-2026-6985 — The Function Handle_opt Of The File /Src/Net_builtin.C Of Th Vulnerabilityvulnerability, cve, medium-severity, cwe-404, cwe-835 https://shimiscyberworld.com/posts/nvd-CVE-2026-6984/ Shimi's Cyber World en 2026-04-25T19:16:17+03:00 CVE-2026-6984 — AstrBotDevs AstrBot Vulnerabilityvulnerability, cve, medium-severity, cwe-791, cwe-1336 https://shimiscyberworld.com/posts/nvd-CVE-2026-6983/ Shimi's Cyber World en 2026-04-25T19:16:16+03:00 CVE-2026-6983 — Pagekit Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/telegram-1373735086-4998/ Shimi's Cyber World en 2026-04-25T18:40:29+03:00 Legal Sector Under Siege: 31 Ransomware Attacks in Seven Daysdarkweb, threat-intel, ransomware, malware, data-breach, darkfeed https://shimiscyberworld.com/posts/telegram-1373735086-4997/ Shimi's Cyber World en 2026-04-25T18:26:55+03:00 Global Payment Provider, Government Entity Hit in Major Data Leaksdarkweb, threat-intel, ransomware, vulnerability, data-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-6982/ Shimi's Cyber World en 2026-04-25T18:16:17+03:00 CVE-2026-6982 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-6981/ Shimi's Cyber World en 2026-04-25T18:16:17+03:00 CVE-2026-6981 — IhateCreatingUserNames2 AiraHub2 Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/telegram-1542954397-4539/ Shimi's Cyber World en 2026-04-25T17:30:15+03:00 UK's NCSC Releases SilentGlass to Block Malicious Display Traffic https://shimiscyberworld.com/posts/nvd-CVE-2026-6980/ Shimi's Cyber World en 2026-04-25T17:16:00+03:00 CVE-2026-6980: Divyanshu-hash GitPilot-MCP Command Injectionvulnerability, cve, high-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-6979/ Shimi's Cyber World en 2026-04-25T15:15:59+03:00 CVE-2026-6979 — Devlikeapro WAHA Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-6978/ Shimi's Cyber World en 2026-04-25T15:15:59+03:00 CVE-2026-6978 — JiZhiCMS SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-6977/ Shimi's Cyber World en 2026-04-25T14:16:19+03:00 CVE-2026-6977: Vanna-AI Legacy Flask API Improper Authorizationvulnerability, cve, high-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/researchers-uncover-pre-stuxnet-fast16-malware-targeting-e-xp1qr/ Shimi's Cyber World en 2026-04-25T12:26:00+03:00 Pre-Stuxnet 'fast16' Malware Targeted Engineering Software in 2005threat-intel, vulnerability, malware, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-6951/ Shimi's Cyber World en 2026-04-25T09:16:16+03:00 simple-git RCE: Incomplete Fix Leaves Critical Vulnerability Openvulnerability, cve, critical, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/adt-confirms-data-breach-after-shinyhunters-leak-threat-thhhr/ Shimi's Cyber World en 2026-04-25T01:53:14+03:00 ADT Confirms Data Breach After ShinyHunters Extortion Threatthreat-intel, data-breach, malware, ransomware https://shimiscyberworld.com/posts/nvd-CVE-2026-42171/ Shimi's Cyber World en 2026-04-25T01:16:01+03:00 CVE-2026-42171: NSIS Privilege Escalation Vulnerabilityvulnerability, cve, high-severity, cwe-427 https://shimiscyberworld.com/posts/the-npm-threat-landscape-attack-surface-and-mitigations-8o65q/ Shimi's Cyber World en 2026-04-25T00:40:33+03:00 npm Supply Chain Evolves: Wormable Malware, CI/CD Persistence Detectedthreat-intel, apt, malware, research https://shimiscyberworld.com/posts/nvd-CVE-2026-41481/ Shimi's Cyber World en 2026-04-25T00:16:19+03:00 CVE-2026-41481 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41478/ Shimi's Cyber World en 2026-04-25T00:16:19+03:00 Saltcorn SQL Injection (CVE-2026-41478) Exposes Sensitive Datavulnerability, cve, critical, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41248/ Shimi's Cyber World en 2026-04-25T00:16:18+03:00 CVE-2026-41248: Clerk Auth Bypass Exposes Critical Web Applicationsvulnerability, cve, critical, high-severity, cwe-436, cwe-863 https://shimiscyberworld.com/posts/firestarter-malware-survives-cisco-firewall-updates-securit-jd7v0/ Shimi's Cyber World en 2026-04-24T23:34:08+03:00 Cisco Firestarter Malware Persists Through Updatesthreat-intel, data-breach, malware, vulnerability https://shimiscyberworld.com/posts/tgr-sta-1030-new-activity-in-central-and-south-america-26fh7/ Shimi's Cyber World en 2026-04-24T23:30:19+03:00 TGR-STA-1030: Persistent Threat to Central and South Americathreat-intel, apt, malware, research, microsoft https://shimiscyberworld.com/posts/windows-update-gets-new-controls-to-reduce-forced-restarts-1g7ek/ Shimi's Cyber World en 2026-04-24T23:08:26+03:00 Microsoft Windows Update Gets New Controls to Reduce Forced Restartsthreat-intel, data-breach, malware, microsoft https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-04-24T23:00:00+03:00 Daily Security Digest — 2026-04-24daily-digest, vulnerability, cve, high-severity, cwe-1321, cwe-113, cwe-183, cwe-441, cwe-918, critical https://shimiscyberworld.com/posts/nvd-CVE-2026-41492/ Shimi's Cyber World en 2026-04-24T22:17:14+03:00 Dgraph CVE-2026-41492: Unauthenticated Admin Token Exposure Via /debug/varsvulnerability, cve, critical, high-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-41421/ Shimi's Cyber World en 2026-04-24T22:17:13+03:00 CVE-2026-41421: SiYuan Desktop RCE via HTML Notification Abusevulnerability, cve, high-severity, code-execution, cwe-78, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41419/ Shimi's Cyber World en 2026-04-24T22:17:13+03:00 4ga Boards Path Traversal Vulnerability Exposes Local Files (CVE-2026-41419)vulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-41418/ Shimi's Cyber World en 2026-04-24T22:17:13+03:00 CVE-2026-41418 — 4ga Boards is a boards system for realtime projectvulnerability, cve, medium-severity, cwe-208 https://shimiscyberworld.com/posts/nvd-CVE-2026-41414/ Shimi's Cyber World en 2026-04-24T22:17:13+03:00 CVE-2026-41414: Skim Fuzzy Finder Vulnerability Exposes GitHub Tokensvulnerability, cve, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-41328/ Shimi's Cyber World en 2026-04-24T22:17:12+03:00 Dgraph CVE-2026-41328: Unauthenticated Data Read Access Critical Flawvulnerability, cve, critical, high-severity, cwe-943 https://shimiscyberworld.com/posts/nvd-CVE-2026-41327/ Shimi's Cyber World en 2026-04-24T22:17:12+03:00 CVE-2026-41327: Dgraph GraphQL Database Critical Unauthenticated Data Readvulnerability, cve, critical, high-severity, cwe-943 https://shimiscyberworld.com/posts/nvd-CVE-2026-33666/ Shimi's Cyber World en 2026-04-24T22:17:10+03:00 CVE-2026-33666: Zserio BitStreamReader Overflow Bypasses Bounds Checkvulnerability, cve, high-severity, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-33662/ Shimi's Cyber World en 2026-04-24T22:17:09+03:00 CVE-2026-33662: OP-TEE RSA Padding Underflow Leads to Crashvulnerability, cve, high-severity, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-33524/ Shimi's Cyber World en 2026-04-24T22:17:09+03:00 Zserio DoS: Crafted Payload Triggers Massive Memory Allocationvulnerability, cve, high-severity, denial-of-service, cwe-789 https://shimiscyberworld.com/posts/iran-s-cyber-threat-may-be-less-shock-and-awe-than-low-an-fpsjf/ Shimi's Cyber World en 2026-04-24T22:15:00+03:00 Iran Cyber Threat: Low-and-Slow Opportunism, Not 'Shock and Awe'threat-intel, data-breach, government https://shimiscyberworld.com/posts/adt-says-customer-data-stolen-in-cyber-intrusion-jcwup/ Shimi's Cyber World en 2026-04-24T21:45:00+03:00 ADT Customer Data Stolen in Cyber Intrusionthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-42044/ Shimi's Cyber World en 2026-04-24T21:16:31+03:00 CVE-2026-42044 — Privilege Escalationvulnerability, cve, medium-severity, privilege-escalation, cwe-915, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-42043/ Shimi's Cyber World en 2026-04-24T21:16:31+03:00 Axios CVE-2026-42043: NO_PROXY Bypass Vulnerabilityvulnerability, cve, high-severity, cwe-183, cwe-441, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42042/ Shimi's Cyber World en 2026-04-24T21:16:31+03:00 CVE-2026-42042 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-183, cwe-201 https://shimiscyberworld.com/posts/nvd-CVE-2026-42041/ Shimi's Cyber World en 2026-04-24T21:16:31+03:00 CVE-2026-42041 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-287, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-42038/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 CVE-2026-42038 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42037/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 CVE-2026-42037 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-93 https://shimiscyberworld.com/posts/nvd-CVE-2026-42036/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 CVE-2026-42036 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-42035/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 Axios CVE-2026-42035: Prototype Pollution Leads to Header Injectionvulnerability, cve, high-severity, cwe-113, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-42034/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 CVE-2026-42034 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-42033/ Shimi's Cyber World en 2026-04-24T21:16:29+03:00 CVE-2026-42033: Axios Prototype Pollution Allows Response Tampering, HTTP Hijackingvulnerability, cve, high-severity, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-41322/ Shimi's Cyber World en 2026-04-24T21:16:28+03:00 CVE-2026-41322 — @astrojs/node allows Astro to deploy your SSR site to Nodevulnerability, cve, medium-severity, cwe-525 https://shimiscyberworld.com/posts/microsoft-to-roll-out-entra-passkeys-on-windows-in-late-apri-luumc/ Shimi's Cyber World en 2026-04-24T21:13:55+03:00 Microsoft Entra Passkeys Roll Out to Windows Devicesthreat-intel, data-breach, malware, microsoft, identity, phishing https://shimiscyberworld.com/posts/nvd-CVE-2026-6912/ Shimi's Cyber World en 2026-04-24T20:16:22+03:00 AWS Cognito Flaw Grants Deployment Admin Privilegesvulnerability, cve, high-severity, cwe-915 https://shimiscyberworld.com/posts/nvd-CVE-2026-6911/ Shimi's Cyber World en 2026-04-24T20:16:22+03:00 Critical JWT Bypass in AWS Ops Wheel Grants Admin Accessvulnerability, cve, critical, high-severity, cwe-347 https://shimiscyberworld.com/posts/nvd-CVE-2026-41411/ Shimi's Cyber World en 2026-04-24T20:16:22+03:00 CVE-2026-41411 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-41079/ Shimi's Cyber World en 2026-04-24T20:16:21+03:00 CVE-2026-41079 — Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-125, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-41067/ Shimi's Cyber World en 2026-04-24T20:16:21+03:00 CVE-2026-41067 — Astro is a web framework. Prior to 6.1.6, thevulnerability, cve, medium-severity, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41066/ Shimi's Cyber World en 2026-04-24T20:16:20+03:00 lxml XML Parsing Vulnerability Exposes Local Filesvulnerability, cve, high-severity, cwe-611 https://shimiscyberworld.com/posts/nvd-CVE-2026-40897/ Shimi's Cyber World en 2026-04-24T20:16:20+03:00 Critical RCE in Math.js Expression Parser (CVE-2026-40897)vulnerability, cve, high-severity, cwe-915 https://shimiscyberworld.com/posts/pentagon-grapples-with-securing-ai-as-it-moves-toward-autono-34zqn/ Shimi's Cyber World en 2026-04-24T20:14:00+03:00 Pentagon Grapples with Securing AI in Autonomous Warfarethreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-39920/ Shimi's Cyber World en 2026-04-24T19:16:36+03:00 Critical RCE in BridgeHead FileStore via Default Axis2 Credentialsvulnerability, cve, critical, high-severity, cwe-1188, cwe-1391 https://shimiscyberworld.com/posts/nvd-CVE-2026-42095/ Shimi's Cyber World en 2026-04-24T18:16:48+03:00 CVE-2026-42095 — bookserver in KDE Arianna before 26.04.1 allows attackersvulnerability, cve, medium-severity, cwe-306 https://shimiscyberworld.com/posts/norway-s-prime-minister-proposes-ban-on-social-media-access-k0yg1/ Shimi's Cyber World en 2026-04-24T17:41:00+03:00 Norway Proposes Social Media Ban for Young Teensthreat-intel, data-breach, government, tools https://shimiscyberworld.com/posts/in-other-news-unauthorized-mythos-access-plankey-cisa-nomi-90z3p/ Shimi's Cyber World en 2026-04-24T17:31:51+03:00 Mythos Unauthorized Access, CISA Nom Withdrawal, New Display Securitythreat-intel, vulnerability, data-breach https://shimiscyberworld.com/posts/nasa-employees-duped-in-chinese-phishing-scheme-targeting-u-j2hj6/ Shimi's Cyber World en 2026-04-24T17:13:00+03:00 China Targets NASA with Phishing for Defense Softwarethreat-intel, vulnerability, cloud, microsoft, phishing https://shimiscyberworld.com/posts/toronto-police-arrest-three-in-canada-s-first-mobile-sms-bla-3lai4/ Shimi's Cyber World en 2026-04-24T16:45:00+03:00 Canada's First SMS Blaster Arrests: A Shift in Phishing Tacticsthreat-intel, data-breach, government, phishing https://shimiscyberworld.com/posts/nvd-CVE-2026-5367/ Shimi's Cyber World en 2026-04-24T16:16:21+03:00 OVN Out-of-Bounds Read Exposes Heap Memory via DHCPv6vulnerability, cve, high-severity, out-of-bounds-1, cwe-130 https://shimiscyberworld.com/posts/nvd-CVE-2026-5265/ Shimi's Cyber World en 2026-04-24T16:16:21+03:00 CVE-2026-5265 — When generating an ICMP Destination Unreachable or Packetvulnerability, cve, medium-severity, cwe-130 https://shimiscyberworld.com/posts/nvd-CVE-2026-21515/ Shimi's Cyber World en 2026-04-24T16:16:03+03:00 Critical Azure IoT Central Flaw Exposes Sensitive Data, Allows Privilege Escalationvulnerability, cve, critical, high-severity, cwe-200 https://shimiscyberworld.com/posts/north-korea-s-lazarus-targets-macos-users-via-clickfix-jr0ng/ Shimi's Cyber World en 2026-04-24T16:00:00+03:00 Lazarus Targets macOS via ClickFix: North Korea's New Attack Vectorthreat-intel, tools https://shimiscyberworld.com/posts/telegram-1707304340-2291/ Shimi's Cyber World en 2026-04-24T15:57:25+03:00 Ransomware Costs Spike: VPNs and SonicWall Exploitedisrael, malware, ransomware, cloud