https://shimiscyberworld.com/posts/2026-05-18-nvd-CVE-2026-47090/ Shimi's Cyber World en 2026-05-20T21:56:00+03:00 https://shimiscyberworld.com/posts/telegram-1427288221-8957/ Shimi's Cyber World en 2026-05-20T21:55:27+03:00 Dozens of Israeli Business Sites Defaced by Iranian Actorsisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-20240/ Shimi's Cyber World en 2026-05-20T21:16:26+03:00 CVE-2026-20240 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-20 https://shimiscyberworld.com/posts/nvd-CVE-2026-20239/ Shimi's Cyber World en 2026-05-20T21:16:26+03:00 Splunk Enterprise, Cloud Vulnerability Exposes Session Cookies, Sensitive Datavulnerability, cve, high-severity, cwe-532 https://shimiscyberworld.com/posts/nvd-CVE-2026-20238/ Shimi's Cyber World en 2026-05-20T21:16:26+03:00 CVE-2026-20238 — In Splunk AI Toolkit versions below 5.7.3, a low-privilegedvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/telegram-1542954397-4602/ Shimi's Cyber World en 2026-05-20T21:02:25+03:00 LΣҒΔ𝕽ΩLL 🇮🇱 Exposes Sophisticated Social Engineering Tacticstelegram https://shimiscyberworld.com/posts/ftc-warns-12-major-tech-firms-of-violating-take-it-down-act-gm2ex/ Shimi's Cyber World en 2026-05-20T20:29:00+03:00 FTC Warns 12 Major Tech Firms Over Take It Down Act Violationsthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-9101/ Shimi's Cyber World en 2026-05-20T20:16:32+03:00 CVE-2026-9101 — Prototype pollution in csv parsing logic during import canvulnerability, cve, medium-severity, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-9100/ Shimi's Cyber World en 2026-05-20T20:16:32+03:00 CVE-2026-9100 — Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-1285 https://shimiscyberworld.com/posts/nvd-CVE-2026-9087/ Shimi's Cyber World en 2026-05-20T20:16:32+03:00 CVE-2026-9087 — Keycloak Vulnerabilityvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7613/ Shimi's Cyber World en 2026-05-20T20:16:29+03:00 PixelYourSite WordPress Plugin Vulnerable to Stored XSS (CVE-2026-7613)vulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-20223/ Shimi's Cyber World en 2026-05-20T20:16:20+03:00 Cisco Secure Workload Critical RCE: Unauthenticated Site Admin Accessvulnerability, cve, critical, high-severity, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-20206/ Shimi's Cyber World en 2026-05-20T20:16:20+03:00 CVE-2026-20206 — The BrowserBot Component Of Cisco ThousandEyes Enterprise Ag Vulnerabilityvulnerability, cve, medium-severity, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-20199/ Shimi's Cyber World en 2026-05-20T20:16:20+03:00 CVE-2026-20199 — The SSL Certificate Handling Of Cisco ThousandEyes Virtual A Vulnerabilityvulnerability, cve, medium-severity, cwe-74 https://shimiscyberworld.com/posts/nvd-CVE-2026-20171/ Shimi's Cyber World en 2026-05-20T20:16:19+03:00 CVE-2026-20171 — The Border Gateway Protocol (BGP)&Nbsp;Enforce-First-As Feat Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-670 https://shimiscyberworld.com/posts/microsoft-open-sources-rampart-and-clarity-to-secure-ai-agen-alb2u/ Shimi's Cyber World en 2026-05-20T20:06:54+03:00 Microsoft Open-Sources RAMPART and Clarity for AI Agent Securitythreat-intel, vulnerability, microsoft, ai-security, tools https://shimiscyberworld.com/posts/ukraine-probes-teen-suspect-in-cyber-theft-scheme-targeting-vda36/ Shimi's Cyber World en 2026-05-20T19:33:00+03:00 Ukraine Probes Teen Suspect in US E-commerce Cyber Theftthreat-intel, data-breach, government https://shimiscyberworld.com/posts/discord-migrates-all-users-to-end-to-end-encryption-by-defau-qoz09/ Shimi's Cyber World en 2026-05-20T19:29:00+03:00 Discord Enables End-to-End Encryption by Defaultthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-8598/ Shimi's Cyber World en 2026-05-20T19:16:27+03:00 ZKTeco CCTV Cameras: Unauthenticated Port Exposes Critical Data (CVE-2026-8598)vulnerability, cve, critical, high-severity, cwe-288 https://shimiscyberworld.com/posts/nvd-CVE-2026-8488/ Shimi's Cyber World en 2026-05-20T19:16:27+03:00 CVE-2026-8488 — Progress Software MOVEit Automation Vulnerabilityvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-8487/ Shimi's Cyber World en 2026-05-20T19:16:27+03:00 CVE-2026-8487 — Progress Software MOVEit Automation Vulnerabilityvulnerability, cve, medium-severity, cwe-276 https://shimiscyberworld.com/posts/nvd-CVE-2026-8486/ Shimi's Cyber World en 2026-05-20T19:16:27+03:00 CVE-2026-8486 — Progress Software MOVEit Automation Vulnerabilityvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-5783/ Shimi's Cyber World en 2026-05-20T19:16:26+03:00 Beyaz CityPLus Reflective XSS (CVE-2026-5783) Poses High Riskvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4293/ Shimi's Cyber World en 2026-05-20T19:16:26+03:00 CVE-2026-4293 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-32750/ Shimi's Cyber World en 2026-05-20T19:16:24+03:00 Dell PowerFlex Manager: Directory Listing Vulnerability Exposes Informationvulnerability, cve, high-severity, cwe-548 https://shimiscyberworld.com/posts/nvd-CVE-2023-7346/ Shimi's Cyber World en 2026-05-20T19:16:23+03:00 CVE-2023-7346 — Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain anvulnerability, cve, medium-severity, cwe-682 https://shimiscyberworld.com/posts/grafana-breach-caused-by-missed-token-rotation-after-tanstac-ijv20/ Shimi's Cyber World en 2026-05-20T18:46:37+03:00 Grafana Breach: Missed Token Rotation After TanStack Supply Chain Attackthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/ai-powered-app-attacks-are-faster-more-frequent-and-harder-q8cvf/ Shimi's Cyber World en 2026-05-20T17:37:36+03:00 AI-Powered Attacks Accelerate Mobile App Exploitationthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/microsoft-takes-down-malware-signing-service-behind-ransomwa-ywtug/ Shimi's Cyber World en 2026-05-20T17:36:44+03:00 Microsoft Disrupts Fox Tempest Malware-Signing-as-a-Servicethreat-intel, vulnerability, malware, ransomware, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-8485/ Shimi's Cyber World en 2026-05-20T17:17:04+03:00 CVE-2026-8485 — Progress Software MOVEit Automation Vulnerabilityvulnerability, cve, medium-severity, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-24425/ Shimi's Cyber World en 2026-05-20T17:16:38+03:00 Twig Sandbox Bypass (CVE-2026-24425) Allows Arbitrary Code Executionvulnerability, cve, high-severity, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-22554/ Shimi's Cyber World en 2026-05-20T17:16:38+03:00 CVE-2026-22554: MediaInfoLib Heap-Based Buffer Overflow Risks High Impactvulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-21836/ Shimi's Cyber World en 2026-05-20T17:16:36+03:00 CVE-2026-21836 — The HCL DominoIQ RAG feature is affected by a Broken Accessvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/identity-alone-isn-t-enough-why-device-security-has-to-shar-grj7u/ Shimi's Cyber World en 2026-05-20T17:02:12+03:00 Identity Alone Isn't Enough: Device Security Must Share the Loadthreat-intel, data-breach, malware, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-5950/ Shimi's Cyber World en 2026-05-20T16:16:40+03:00 CVE-2026-5950 — BIND 9 Versions Vulnerabilityvulnerability, cve, medium-severity, cwe-606 https://shimiscyberworld.com/posts/nvd-CVE-2026-5947/ Shimi's Cyber World en 2026-05-20T16:16:40+03:00 BIND DNS Vulnerability CVE-2026-5947: Race Condition Leads to Use-After-Freevulnerability, cve, high-severity, use-after-free, cwe-362, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-5946/ Shimi's Cyber World en 2026-05-20T16:16:40+03:00 BIND 9 Assertion Failure: CVE-2026-5946 Impacts DNS Handlingvulnerability, cve, high-severity, cwe-20, cwe-125, cwe-617, cwe-754, cwe-843 https://shimiscyberworld.com/posts/nvd-CVE-2026-45584/ Shimi's Cyber World en 2026-05-20T16:16:37+03:00 Microsoft Defender Heap Buffer Overflow Allows Remote Code Executionvulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-45443/ Shimi's Cyber World en 2026-05-20T16:16:36+03:00 CVE-2026-45443 — ADD-ONS.ORG PDF For Elementor Forms + Drag And Drop Template Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42834/ Shimi's Cyber World en 2026-05-20T16:16:34+03:00 Azure Portal Windows Admin Center Link Following Vulnerability (CVE-2026-42834)vulnerability, cve, high-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-42383/ Shimi's Cyber World en 2026-05-20T16:16:32+03:00 YITH WooCommerce Product Add-Ons Blind SQLi (CVE-2026-42383)vulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41091/ Shimi's Cyber World en 2026-05-20T16:16:29+03:00 Microsoft Defender Vulnerability CVE-2026-41091: Local Privilege Escalation via Improper Link Handlingvulnerability, cve, high-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-3593/ Shimi's Cyber World en 2026-05-20T16:16:23+03:00 CVE-2026-3593: BIND 9 DNS-over-HTTPS Use-After-Free Vulnerabilityvulnerability, cve, high-severity, use-after-free, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-3592/ Shimi's Cyber World en 2026-05-20T16:16:23+03:00 CVE-2026-3592 — BIND 9 Versions Vulnerabilityvulnerability, cve, medium-severity, cwe-408 https://shimiscyberworld.com/posts/nvd-CVE-2026-3039/ Shimi's Cyber World en 2026-05-20T16:16:23+03:00 CVE-2026-3039: BIND Servers Face High-Severity Memory Exhaustion Vulnerabilityvulnerability, cve, high-severity, cwe-771 https://shimiscyberworld.com/posts/nvd-CVE-2026-29518/ Shimi's Cyber World en 2026-05-20T16:16:17+03:00 Rsync CVE-2026-29518: TOCTOU Flaw Allows Privilege Escalationvulnerability, cve, high-severity, privilege-escalation, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-27405/ Shimi's Cyber World en 2026-05-20T16:16:16+03:00 CVE-2026-27405 — Magepeople Inc. WpBookingly Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-24573/ Shimi's Cyber World en 2026-05-20T16:16:16+03:00 CVE-2026-24573 — Themeisle Visualizer Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-11954/ Shimi's Cyber World en 2026-05-20T16:16:14+03:00 WISECP CSRF Vulnerability (CVE-2025-11954) Poses High Riskvulnerability, cve, high-severity, cwe-352 https://shimiscyberworld.com/posts/texas-florida-top-list-of-states-reporting-millions-of-doll-qcrtp/ Shimi's Cyber World en 2026-05-20T16:04:00+03:00 Crypto ATM Scams Cost Millions in Texas, Floridathreat-intel, data-breach, government https://shimiscyberworld.com/posts/anthropic-silently-patches-claude-code-sandbox-bypass-371rj/ Shimi's Cyber World en 2026-05-20T16:00:00+03:00 Anthropic Patches Claude Code Sandbox Bypass with Prompt Injection Riskthreat-intel, vulnerability, ai-security https://shimiscyberworld.com/posts/drupal-critical-update-to-fix-bug-with-high-exploitation-ris-df3hc/ Shimi's Cyber World en 2026-05-20T15:52:29+03:00 Drupal Critical Update: Exploitation Risk Hours After Disclosurethreat-intel, data-breach, malware, vulnerability, tools https://shimiscyberworld.com/posts/webworm-deploys-echocreep-and-graphworm-backdoors-using-disc-n177a/ Shimi's Cyber World en 2026-05-20T15:51:43+03:00 Webworm Leverages Discord and MS Graph API for C2threat-intel, vulnerability, malware, microsoft https://shimiscyberworld.com/posts/telegram-1427288221-8956/ Shimi's Cyber World en 2026-05-20T15:48:28+03:00 Cyera Acquires 5-Month-Old Cybersecurity Startup for $50 Millionisrael https://shimiscyberworld.com/posts/github-confirms-being-hacked-by-teampcp-says-customer-data-mrls1/ Shimi's Cyber World en 2026-05-20T15:21:00+03:00 GitHub Confirms Breach by TeamPCP, Customer Data Unaffectedthreat-intel, data-breach, government, tools https://shimiscyberworld.com/posts/nvd-CVE-2025-31973/ Shimi's Cyber World en 2026-05-20T15:16:20+03:00 CVE-2025-31973 — HCL BigFix Service Management (SM) is susceptible to avulnerability, cve, medium-severity https://shimiscyberworld.com/posts/senator-presses-cisa-for-answers-about-alleged-github-reposi-wtzos/ Shimi's Cyber World en 2026-05-20T15:11:00+03:00 CISA Pressed on Nightwing GitHub Leak by Senator Hassanthreat-intel, data-breach, government, tools https://shimiscyberworld.com/posts/agent-ai-is-coming-are-you-ready-f9lb9/ Shimi's Cyber World en 2026-05-20T14:58:00+03:00 Agent AI Era Exposes Massive Identity Gaps, Orchid Security Warnsthreat-intel, vulnerability, identity, tools https://shimiscyberworld.com/posts/over-320-npm-packages-hit-by-fresh-mini-shai-hulud-supply-ch-xgvox/ Shimi's Cyber World en 2026-05-20T14:06:49+03:00 Mini Shai-Hulud: 320+ NPM Packages Hit by Supply Chain Attackthreat-intel, vulnerability, securityweek https://shimiscyberworld.com/posts/caught-off-guard-securing-ai-after-it-hits-production-lyk30/ Shimi's Cyber World en 2026-05-20T14:00:00+03:00 Enterprises Rushing AI to Production, Security Left Behindthreat-intel, vulnerability, securityweek https://shimiscyberworld.com/posts/typosquatting-is-no-longer-a-user-problem-it-s-a-supply-cha-c1lap/ Shimi's Cyber World en 2026-05-20T13:30:00+03:00 Typosquatting Evolves: AI-Generated Lookalikes Target Supply Chainsthreat-intel, vulnerability, the-hacker-news https://shimiscyberworld.com/posts/nvd-CVE-2026-9064/ Shimi's Cyber World en 2026-05-20T13:16:28+03:00 CVE-2026-9064: 389-ds-base Denial-of-Service Vulnerability Exposes LDAP Serversvulnerability, cve, high-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-6728/ Shimi's Cyber World en 2026-05-20T13:16:28+03:00 CVE-2026-6728 — The Slider Revolution plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-44933/ Shimi's Cyber World en 2026-05-20T13:16:28+03:00 CVE-2026-44933: Plugin Script Vulnerability Allows Host Binary Execution with Root Privilegesvulnerability, cve, high-severity, cwe-35 https://shimiscyberworld.com/posts/nvd-CVE-2026-41054/ Shimi's Cyber World en 2026-05-20T13:16:26+03:00 CVE-2026-41054: Local Privilege Escalation in havegedvulnerability, cve, high-severity, cwe-305 https://shimiscyberworld.com/posts/nvd-CVE-2026-35070/ Shimi's Cyber World en 2026-05-20T13:16:26+03:00 CVE-2026-35070 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77 https://shimiscyberworld.com/posts/tracking-tamperedchef-clusters-via-certificate-and-code-reus-bqfd9/ Shimi's Cyber World en 2026-05-20T13:00:46+03:00 TamperedChef Malware Uses Trojanized Apps and Malvertising for Stealthy Deliverythreat-intel, apt, malware, research, unit-42 https://shimiscyberworld.com/posts/nvd-CVE-2026-6405/ Shimi's Cyber World en 2026-05-20T11:16:23+03:00 CVE-2026-6405 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-5200/ Shimi's Cyber World en 2026-05-20T11:16:22+03:00 AcyMailing WordPress Plugin Vulnerable to Admin Takeover (CVE-2026-5200)vulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/github-confirms-breach-of-3-800-repos-via-malicious-vscode-e-17vmp/ Shimi's Cyber World en 2026-05-20T11:14:08+03:00 GitHub Confirms 3,800 Repos Breached via Malicious VSCode Extensionthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/microsoft-shares-mitigation-for-yellowkey-windows-zero-day-dda5p/ Shimi's Cyber World en 2026-05-20T10:31:15+03:00 Microsoft Issues YellowKey Mitigation for BitLocker Zero-Daythreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-6566/ Shimi's Cyber World en 2026-05-20T10:16:16+03:00 CVE-2026-6566 — The Photo Gallery, Sliders, Proofing and Themes – NextGENvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-47784/ Shimi's Cyber World en 2026-05-20T10:16:15+03:00 CVE-2026-47784: Memcached Timing Side Channel Exposes Passwordsvulnerability, cve, high-severity, cwe-208 https://shimiscyberworld.com/posts/nvd-CVE-2026-47783/ Shimi's Cyber World en 2026-05-20T10:16:15+03:00 memcached Timing Side Channel (CVE-2026-47783) Allows SASL Credential Guessingvulnerability, cve, high-severity, cwe-208 https://shimiscyberworld.com/posts/nvd-CVE-2026-44392/ Shimi's Cyber World en 2026-05-20T10:16:15+03:00 CVE-2026-44392 — Missing authorization vulnerability exists in Movable Type.vulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-2955/ Shimi's Cyber World en 2026-05-20T10:16:13+03:00 CVE-2026-2955 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/telegram-1427288221-8954/ Shimi's Cyber World en 2026-05-20T10:03:54+03:00 Holidays and Long Weekends: Prime Time for Cyber Attacksisrael, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-9057/ Shimi's Cyber World en 2026-05-20T08:16:23+03:00 Talend Administration Center: Broken Access Control Allows URL Modificationvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-9056/ Shimi's Cyber World en 2026-05-20T08:16:23+03:00 CVE-2026-9056 — The Talend Administration Center Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss https://shimiscyberworld.com/posts/nvd-CVE-2026-7522/ Shimi's Cyber World en 2026-05-20T08:16:22+03:00 CVE-2026-7522: WordPress Advanced Database Cleaner Plugin Vulnerable to LFIvulnerability, cve, high-severity, code-execution, cwe-98 https://shimiscyberworld.com/posts/nvd-CVE-2026-5075/ Shimi's Cyber World en 2026-05-20T08:16:22+03:00 CVE-2026-5075 — The All in One SEO plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/telegram-1427288221-8950/ Shimi's Cyber World en 2026-05-20T07:33:40+03:00 GitHub Investigates Source Code Theft Claims by TeamPCPisrael https://shimiscyberworld.com/posts/telegram-1707304340-2326/ Shimi's Cyber World en 2026-05-20T07:20:14+03:00 Crypto ATM Scams Surge: Over $388M Lost in USisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-9010/ Shimi's Cyber World en 2026-05-20T07:16:59+03:00 Boost WordPress Plugin: Unauthenticated SQLi Exposes Data via current_url, user_namevulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-9003/ Shimi's Cyber World en 2026-05-20T07:16:59+03:00 TONNET E-LAN Hybrid Recording System SQLi (CVE-2026-9003)vulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7637/ Shimi's Cyber World en 2026-05-20T07:16:56+03:00 Boost WordPress Plugin Vulnerable to PHP Object Injectionvulnerability, cve, critical, high-severity, insecure-deserialization, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-24215/ Shimi's Cyber World en 2026-05-20T07:16:47+03:00 CVE-2026-24215 — The DALI Backend, Where An Attacker Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-400 https://shimiscyberworld.com/posts/nvd-CVE-2026-24214/ Shimi's Cyber World en 2026-05-20T07:16:47+03:00 NVIDIA Triton Inference Server: Integer Overflow Leads to RCEvulnerability, cve, high-severity, code-execution, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-24213/ Shimi's Cyber World en 2026-05-20T07:16:46+03:00 NVIDIA Triton Inference Server: Out-of-Bounds Read Leads to RCEvulnerability, cve, high-severity, code-execution, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-24210/ Shimi's Cyber World en 2026-05-20T07:16:46+03:00 NVIDIA Triton Inference Server DoS Vulnerability: CVE-2026-24210vulnerability, cve, high-severity, denial-of-service, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-24209/ Shimi's Cyber World en 2026-05-20T07:16:46+03:00 NVIDIA Triton Inference Server: Path Traversal Exposes DoS Riskvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-24207/ Shimi's Cyber World en 2026-05-20T07:16:45+03:00 NVIDIA Triton Inference Server: Critical Authentication Bypass (CVE-2026-24207)vulnerability, cve, critical, high-severity, code-execution, cwe-288 https://shimiscyberworld.com/posts/nvd-CVE-2026-24206/ Shimi's Cyber World en 2026-05-20T07:16:45+03:00 NVIDIA Triton Inference Server: Critical Auth Bypass Puts AI Workloads at Riskvulnerability, cve, high-severity, authentication-bypass, cwe-288 https://shimiscyberworld.com/posts/nvd-CVE-2026-24163/ Shimi's Cyber World en 2026-05-20T07:16:45+03:00 NVIDIA TRT-LLM Vulnerability: Unsafe Deserialization Leads to RCEvulnerability, cve, high-severity, code-execution, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-24160/ Shimi's Cyber World en 2026-05-20T07:16:45+03:00 CVE-2026-24160 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-690 https://shimiscyberworld.com/posts/nvd-CVE-2026-24142/ Shimi's Cyber World en 2026-05-20T07:16:44+03:00 CVE-2026-24142 — Code Executionvulnerability, cve, medium-severity, code-execution, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2025-33255/ Shimi's Cyber World en 2026-05-20T07:16:43+03:00 NVIDIA TRT-LLM Vulnerability Exposes AI Workloads to RCEvulnerability, cve, high-severity, code-execution, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2025-15369/ Shimi's Cyber World en 2026-05-20T07:16:42+03:00 CVE-2025-15369 — The Xpro Addons — 140+ Widgets for Elementor plugin forvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/telegram-1707304340-2325/ Shimi's Cyber World en 2026-05-20T07:02:04+03:00 Huawei Zero-Day Downs Luxembourg's Critical Infrastructureisrael, vulnerability https://shimiscyberworld.com/posts/github-investigating-teampcp-claimed-breach-of-4-000-intern-pen7g/ Shimi's Cyber World en 2026-05-20T07:01:15+03:00 GitHub Investigates TeamPCP Claimed Breach of 4,000 Internal Repositoriesthreat-intel, vulnerability, data-breach, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-8685/ Shimi's Cyber World en 2026-05-20T05:16:41+03:00 CVE-2026-8685 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-8038/ Shimi's Cyber World en 2026-05-20T05:16:39+03:00 CVE-2026-8038 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7467/ Shimi's Cyber World en 2026-05-20T05:16:39+03:00 WordPress Read More & Accordion Plugin: Privilege Escalation (CVE-2026-7467)vulnerability, cve, high-severity, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-7284/ Shimi's Cyber World en 2026-05-20T05:16:39+03:00 CVE-2026-7284: Critical WordPress Elementor Plugin Privilege Escalationvulnerability, cve, critical, high-severity, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-6555/ Shimi's Cyber World en 2026-05-20T05:16:38+03:00 CVE-2026-6555: ProSolution WP Client Arbitrary File Upload Critical RCEvulnerability, cve, critical, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-6549/ Shimi's Cyber World en 2026-05-20T05:16:38+03:00 CVE-2026-6549 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6456/ Shimi's Cyber World en 2026-05-20T05:16:38+03:00 WordPress Account Switcher Plugin: Critical Privilege Escalation (CVE-2026-6456)vulnerability, cve, high-severity, privilege-escalation, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-6397/ Shimi's Cyber World en 2026-05-20T05:16:37+03:00 CVE-2026-6397 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6391/ Shimi's Cyber World en 2026-05-20T05:16:37+03:00 CVE-2026-6391 — The Sentence To SEO (keywords, description and tags) pluginvulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-6072/ Shimi's Cyber World en 2026-05-20T05:16:37+03:00 CVE-2026-6072 — The Oliver POS – A WooCommerce Point of Sale (POS) pluginvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-5293/ Shimi's Cyber World en 2026-05-20T05:16:37+03:00 CVE-2026-5293 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-43620/ Shimi's Cyber World en 2026-05-20T05:16:36+03:00 CVE-2026-43620 — Recv_files() In Receiver.C That Vulnerabilityvulnerability, cve, medium-severity, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-43619/ Shimi's Cyber World en 2026-05-20T05:16:36+03:00 CVE-2026-43619 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-59, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-43618/ Shimi's Cyber World en 2026-05-20T05:16:36+03:00 Rsync CVE-2026-43618: Integer Overflow Exposes Memory, Bypasses ASLRvulnerability, cve, high-severity, integer-overflow, cwe-125, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-3985/ Shimi's Cyber World en 2026-05-20T05:16:35+03:00 Creative Mail WordPress Plugin SQLi Exposes User Datavulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-45585/ Shimi's Cyber World en 2026-05-20T03:16:44+03:00 CVE-2026-45585 — Microsoft is aware of a security feature bypassvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-39309/ Shimi's Cyber World en 2026-05-20T03:16:37+03:00 CVE-2026-39309 — Trilium Notes is a cross-platform, hierarchical note takingvulnerability, cve, medium-severity, cwe-290, cwe-451 https://shimiscyberworld.com/posts/nvd-CVE-2026-35593/ Shimi's Cyber World en 2026-05-20T03:16:37+03:00 CVE-2026-35593 — Remote Code Executionvulnerability, cve, medium-severity, remote-code-execution, cwe-22, cwe-73 https://shimiscyberworld.com/posts/nvd-CVE-2026-34754/ Shimi's Cyber World en 2026-05-20T03:16:34+03:00 CVE-2026-34754 — Mantis Bug Tracker (MantisBT) is an open source issuevulnerability, cve, medium-severity, cwe-284 https://shimiscyberworld.com/posts/verizon-dbir-2026-vulnerability-exploitation-overtakes-cred-cou7n/ Shimi's Cyber World en 2026-05-20T03:04:48+03:00 Verizon DBIR 2026: Vulnerability Exploitation Surpasses Credential Theftthreat-intel, vulnerability, malware, ransomware, data-breach, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-34600/ Shimi's Cyber World en 2026-05-20T02:16:57+03:00 CVE-2026-34600 — Joplin is an open source note-taking and to-do applicationvulnerability, cve, medium-severity, cwe-200, cwe-281, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-34358/ Shimi's Cyber World en 2026-05-20T01:16:37+03:00 CtrlPanel Privilege Escalation (CVE-2026-34358) Allows Full Admin Takeovervulnerability, cve, high-severity, privilege-escalation, cwe-284, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-34246/ Shimi's Cyber World en 2026-05-20T01:16:37+03:00 CVE-2026-34246 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-80, cwe-116 https://shimiscyberworld.com/posts/nvd-CVE-2026-34241/ Shimi's Cyber World en 2026-05-20T01:16:37+03:00 CVE-2026-34241: CtrlPanel XSS Allows Admin Session Hijackvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-34234/ Shimi's Cyber World en 2026-05-20T01:16:37+03:00 CtrlPanel RCE: Critical Flaw in Hosting Billing Software Actively Exploitedvulnerability, cve, critical, high-severity, remote-code-execution, cwe-78, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2025-15645/ Shimi's Cyber World en 2026-05-20T01:16:36+03:00 CVE-2025-15645 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-1284 https://shimiscyberworld.com/posts/nvd-CVE-2023-7345/ Shimi's Cyber World en 2026-05-20T01:16:35+03:00 CVE-2023-7345 — Ledger Live with vulnerable versions of ledgerhq/hw-app-ethvulnerability, cve, medium-severity, cwe-704 https://shimiscyberworld.com/posts/nvd-CVE-2026-34233/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 CVE-2026-34233 — CtrlPanel is open-source billing software for hostingvulnerability, cve, medium-severity, cwe-284, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-34216/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 CVE-2026-34216 — Remote Code Executionvulnerability, cve, medium-severity, remote-code-execution, cwe-470 https://shimiscyberworld.com/posts/nvd-CVE-2026-32882/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 Libheif Heap Buffer Over-Read Vulnerability (CVE-2026-32882) Exposes Data, Causes DoSvulnerability, cve, high-severity, denial-of-service, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-32814/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 CVE-2026-32814 — libheif is a HEIF and AVIF file format decoder and encoder.vulnerability, cve, medium-severity, cwe-200, cwe-908 https://shimiscyberworld.com/posts/nvd-CVE-2026-32741/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 libheif Heap Overflow (CVE-2026-32741) Risks HEIF/AVIF Decodersvulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2025-57798/ Shimi's Cyber World en 2026-05-20T00:16:40+03:00 CVE-2025-57798 — The Title Input Functionality Due To A Lack Of Proper Length Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-32740/ Shimi's Cyber World en 2026-05-19T23:16:18+03:00 libheif Heap-Buffer-Overflow (CVE-2026-32740) Exposes Image Processing Stacksvulnerability, cve, high-severity, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-32739/ Shimi's Cyber World en 2026-05-19T23:16:18+03:00 CVE-2026-32739 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-835 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-19T23:00:00+03:00 Daily Security Digest — 2026-05-19daily-digest, vulnerability, cve, critical, high-severity, cwe-1392, remote-code-execution, cwe-917, cwe-94, code-execution https://shimiscyberworld.com/posts/fbi-americans-lost-over-388-million-to-scams-using-crypto-fi3g7/ Shimi's Cyber World en 2026-05-19T22:45:39+03:00 FBI: Crypto ATM Scams Cost Americans $388M in 2025threat-intel, data-breach, malware, bleepingcomputer https://shimiscyberworld.com/posts/huawei-zero-day-attack-behind-last-year-s-crash-of-luxembour-m1qhg/ Shimi's Cyber World en 2026-05-19T22:18:00+03:00 Huawei Zero-Day Caused Luxembourg's Telecom Outagethreat-intel, data-breach, government, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-8096/ Shimi's Cyber World en 2026-05-19T22:16:51+03:00 CVE-2026-8096 — The Kirki – Freeform Page Builder, Website Builder &vulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-8073/ Shimi's Cyber World en 2026-05-19T22:16:51+03:00 WordPress Kirki Plugin Vulnerable to Arbitrary File Deletionvulnerability, cve, high-severity, arbitrary-file-access, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-41470/ Shimi's Cyber World en 2026-05-19T22:16:50+03:00 CVE-2026-41470 — RTSP Session Command Handling That Vulnerabilityvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-33741/ Shimi's Cyber World en 2026-05-19T22:16:49+03:00 CVE-2026-33741 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-33642/ Shimi's Cyber World en 2026-05-19T22:16:49+03:00 Kitty Terminal Heap Over-Read/Write Vulnerability (CVE-2026-33642) Critical Severityvulnerability, cve, critical, high-severity, cwe-125, cwe-190, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-32738/ Shimi's Cyber World en 2026-05-19T22:16:48+03:00 CVE-2026-32738 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-125, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-47107/ Shimi's Cyber World en 2026-05-19T21:16:22+03:00 CVE-2026-47107: Windmill Sandbox Vulnerability Exposes Admin Accessvulnerability, cve, critical, high-severity, cwe-276 https://shimiscyberworld.com/posts/nvd-CVE-2026-33633/ Shimi's Cyber World en 2026-05-19T21:16:21+03:00 Kitty Terminal Heap Buffer Overflow (CVE-2026-33633) — DoS, RCE Riskvulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-32134/ Shimi's Cyber World en 2026-05-19T21:16:21+03:00 CVE-2026-32134 — Null Pointer Dereferencevulnerability, cve, medium-severity, null-pointer-dereference, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-47358/ Shimi's Cyber World en 2026-05-19T20:16:23+03:00 CVE-2026-47358: Terrascan SSRF Allows Local File Read in Server Modevulnerability, cve, high-severity, server-side-request-forgery, cwe-73, cwe-610, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-47357/ Shimi's Cyber World en 2026-05-19T20:16:22+03:00 CVE-2026-47357: Terrascan SSRF Exposes Local Files, Credentialsvulnerability, cve, high-severity, server-side-request-forgery, cwe-73, cwe-610, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-47356/ Shimi's Cyber World en 2026-05-19T20:16:22+03:00 Terrascan SSRF Vulnerability (CVE-2026-47356) Exposes Scan Resultsvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/uk-regulator-to-require-tech-firms-to-tackle-deepfakes-non-n0hka/ Shimi's Cyber World en 2026-05-19T19:57:00+03:00 UK Regulator Mandates Tech Firms Tackle Deepfakes and Non-Consensual Intimate Imagesthreat-intel, data-breach, government https://shimiscyberworld.com/posts/trapdoor-android-ad-fraud-scheme-hit-659-million-daily-bid-r-ruemv/ Shimi's Cyber World en 2026-05-19T19:38:12+03:00 Trapdoor Android Ad Fraud Scheme Hits 659 Million Daily Bid Requeststhreat-intel, vulnerability, malware https://shimiscyberworld.com/posts/microsoft-disrupts-fox-tempest-malware-signing-as-a-service-1cjl7/ Shimi's Cyber World en 2026-05-19T19:36:00+03:00 Microsoft Disrupts Fox Tempest Malware-Signing-as-a-Servicethreat-intel, data-breach, government, malware, ransomware, microsoft, tools https://shimiscyberworld.com/posts/drupal-to-patch-highly-critical-vulnerability-at-risk-of-qui-2bfko/ Shimi's Cyber World en 2026-05-19T19:22:18+03:00 Drupal Patches Critical Flaw — Exploits Expected Imminentlythreat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-5804/ Shimi's Cyber World en 2026-05-19T19:16:22+03:00 Motorola Factory Test Component Exposes Sensitive Device Data via Improper Authenticationvulnerability, cve, high-severity https://shimiscyberworld.com/posts/microsoft-blames-undismissible-teams-location-prompts-on-mac-3k6qh/ Shimi's Cyber World en 2026-05-19T19:10:47+03:00 Microsoft Blames Undismissible Teams Location Prompts on macOS Updatethreat-intel, data-breach, malware, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-8711/ Shimi's Cyber World en 2026-05-19T18:16:33+03:00 CVE-2026-8711: NGINX JavaScript Heap Overflow Risks Code Executionvulnerability, cve, high-severity, code-execution, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-47100/ Shimi's Cyber World en 2026-05-19T18:16:32+03:00 CVE-2026-47100: Funnel Builder for WooCommerce Checkout Vulnerabilityvulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-45557/ Shimi's Cyber World en 2026-05-19T18:16:31+03:00 CVE-2026-45557 — Technitium DNS Server aggressively tries to fetch missingvulnerability, cve, medium-severity, cwe-405, cwe-406, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-44159/ Shimi's Cyber World en 2026-05-19T18:16:31+03:00 CVE-2026-44159: Tyler Identity Local Ships with Default Admin Credentialsvulnerability, cve, critical, high-severity, cwe-1392 https://shimiscyberworld.com/posts/nvd-CVE-2026-43634/ Shimi's Cyber World en 2026-05-19T18:16:31+03:00 HestiaCP IP Spoofing Vulnerability Bypasses Auth Controlsvulnerability, cve, high-severity, cwe-348 https://shimiscyberworld.com/posts/nvd-CVE-2026-2587/ Shimi's Cyber World en 2026-05-19T18:16:28+03:00 CVE-2026-2587: Critical RCE in Glassfish Gadget Handlervulnerability, cve, critical, high-severity, remote-code-execution, cwe-917 https://shimiscyberworld.com/posts/nvd-CVE-2026-2586/ Shimi's Cyber World en 2026-05-19T18:16:28+03:00 GlassFish Administration Console RCE: Critical Flaw Demands Immediate Attentionvulnerability, cve, critical, high-severity, remote-code-execution, cwe-94, cwe-917 https://shimiscyberworld.com/posts/nvd-CVE-2026-43633/ Shimi's Cyber World en 2026-05-19T17:16:43+03:00 HestiaCP Web Terminal RCE: Critical Deserialization Vulnerabilityvulnerability, cve, critical, high-severity, code-execution, cwe-502 https://shimiscyberworld.com/posts/7-eleven-confirms-data-breach-claimed-by-the-shinyhunters-ga-dhmhi/ Shimi's Cyber World en 2026-05-19T17:16:41+03:00 7-Eleven Confirms Breach by ShinyHunters Extortion Gangthreat-intel, data-breach, malware https://shimiscyberworld.com/posts/nvd-CVE-2025-40904/ Shimi's Cyber World en 2026-05-19T17:16:28+03:00 CVE-2025-40904 — The Smart Polling Functionality Due To Improper Validation O Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-40903/ Shimi's Cyber World en 2026-05-19T17:16:28+03:00 CVE-2025-40903 — The Schedule Restore Archive Functionality Due To Improper V Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-40902/ Shimi's Cyber World en 2026-05-19T17:16:27+03:00 CVE-2025-40902 — The Users Functionality Due To Improper Validation Of An Inp Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-40901/ Shimi's Cyber World en 2026-05-19T17:16:27+03:00 CVE-2025-40901 — The Credentials Manager Functionality Due To Improper Valida Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-40900/ Shimi's Cyber World en 2026-05-19T17:16:27+03:00 CVE-2025-40900 — The Reports Functionality Due To Improper Validation Of An I Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-1336 https://shimiscyberworld.com/posts/critical-microsoft-vulnerabilities-doubled-from-exposure-to-f1b6f/ Shimi's Cyber World en 2026-05-19T17:00:10+03:00 Microsoft Critical Vulnerabilities Double, Attackers Target Privilege Escalationthreat-intel, data-breach, malware, vulnerability, cloud, microsoft, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-8912/ Shimi's Cyber World en 2026-05-19T16:16:20+03:00 CVE-2026-8912: WordPress Contest Gallery Plugin SQLivulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-4883/ Shimi's Cyber World en 2026-05-19T16:16:19+03:00 Piotnet Forms Plugin for WordPress Critical RCE Vulnerability (CVE-2026-4883)vulnerability, cve, critical, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/telegram-1427288221-8948/ Shimi's Cyber World en 2026-05-19T16:08:39+03:00 OAuth Phishing Campaign Mimics Spotify Using "Profit" Platformisrael, identity, phishing https://shimiscyberworld.com/posts/microsoft-s-mshta-legacy-tool-still-powers-malware-campaigns-armuz/ Shimi's Cyber World en 2026-05-19T15:58:25+03:00 Microsoft MSHTA: Legacy Tool Fuels Ongoing Malware Campaignsmalware, threat-intel, research, vulnerability, microsoft, tools https://shimiscyberworld.com/posts/unpatched-chromadb-vulnerability-can-lead-to-server-takeover-v4uht/ Shimi's Cyber World en 2026-05-19T15:54:21+03:00 Unpatched ChromaDB Vulnerability Allows Server Takeoverthreat-intel, vulnerability, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-7571/ Shimi's Cyber World en 2026-05-19T15:16:19+03:00 Keycloak Vulnerability CVE-2026-7571 Allows Implicit Flow Bypassvulnerability, cve, high-severity, information-disclosure, cwe-472 https://shimiscyberworld.com/posts/nvd-CVE-2026-7507/ Shimi's Cyber World en 2026-05-19T15:16:19+03:00 Keycloak Session Fixation Flaw Allows Account Takeover (CVE-2026-7507)vulnerability, cve, high-severity, cwe-290 https://shimiscyberworld.com/posts/nvd-CVE-2026-7504/ Shimi's Cyber World en 2026-05-19T15:16:19+03:00 Keycloak CVE-2026-7504: Critical URL Validation Bypassvulnerability, cve, high-severity, cwe-601 https://shimiscyberworld.com/posts/nvd-CVE-2026-7307/ Shimi's Cyber World en 2026-05-19T15:16:19+03:00 Keycloak DoS Vulnerability (CVE-2026-7307) Exposes SAML Endpointsvulnerability, cve, high-severity, denial-of-service, cwe-1286 https://shimiscyberworld.com/posts/nvd-CVE-2026-4630/ Shimi's Cyber World en 2026-05-19T15:16:19+03:00 CVE-2026-4630 — Keycloak Information Disclosurevulnerability, cve, medium-severity, information-disclosure, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-45442/ Shimi's Cyber World en 2026-05-19T15:16:19+03:00 CVE-2026-45442 — Brainstorm Force Presto Player Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-37982/ Shimi's Cyber World en 2026-05-19T15:16:18+03:00 CVE-2026-37982 — Keycloak Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-37981/ Shimi's Cyber World en 2026-05-19T15:16:18+03:00 CVE-2026-37981 — Keycloak Information Disclosurevulnerability, cve, medium-severity, information-disclosure, cwe-1220 https://shimiscyberworld.com/posts/nvd-CVE-2026-37979/ Shimi's Cyber World en 2026-05-19T15:16:18+03:00 CVE-2026-37979 — Keycloak Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-37978/ Shimi's Cyber World en 2026-05-19T15:16:17+03:00 CVE-2026-37978 — Keycloak Vulnerabilityvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/the-new-phishing-click-how-oauth-consent-bypasses-mfa-c3maf/ Shimi's Cyber World en 2026-05-19T14:30:00+03:00 Microsoft 365 Organizations Hit by EvilTokens Phishing-as-a-Servicethreat-intel, vulnerability, microsoft, identity, phishing https://shimiscyberworld.com/posts/microsoft-confirms-patching-issues-in-restricted-windows-net-yemh9/ Shimi's Cyber World en 2026-05-19T14:22:15+03:00 Microsoft Confirms Windows Update Failures in Restricted Networksthreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/drupal-to-release-urgent-core-security-updates-on-may-20-si-bw0ip/ Shimi's Cyber World en 2026-05-19T13:44:45+03:00 Drupal Core Security Update Imminent: Patch or Get Hackedthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-2611/ Shimi's Cyber World en 2026-05-19T13:16:22+03:00 CVE-2026-2611: MLflow Assistant Critical RCE via Origin Validation Bypassvulnerability, cve, critical, high-severity, cwe-346 https://shimiscyberworld.com/posts/poc-released-for-dirtydecrypt-linux-kernel-vulnerability-iwvx3/ Shimi's Cyber World en 2026-05-19T12:42:56+03:00 DirtyDecrypt Linux Kernel Vulnerability PoC Releasedthreat-intel, vulnerability, tools, securityweek https://shimiscyberworld.com/posts/seppmail-secure-e-mail-gateway-vulnerabilities-enable-rce-an-rey8j/ Shimi's Cyber World en 2026-05-19T12:23:15+03:00 SEPPMail Secure E-Mail Gateway RCE and Mail Traffic Access Vulnerabilitiesthreat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-44408/ Shimi's Cyber World en 2026-05-19T12:16:20+03:00 CVE-2026-44408 — There is an unauthorized access vulnerability in ZTEvulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-8922/ Shimi's Cyber World en 2026-05-19T11:16:18+03:00 CVE-2026-8922 — Keycloak Vulnerabilityvulnerability, cve, medium-severity, cwe-303 https://shimiscyberworld.com/posts/nvd-CVE-2026-4885/ Shimi's Cyber World en 2026-05-19T11:16:16+03:00 CVE-2026-4885: Piotnet Addons for Elementor Pro RCE via File Uploadvulnerability, cve, critical, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-47317/ Shimi's Cyber World en 2026-05-19T11:16:16+03:00 CVE-2026-47317 — Samsung Open Source Escargot Vulnerabilityvulnerability, cve, medium-severity, cwe-674 https://shimiscyberworld.com/posts/nvd-CVE-2026-47316/ Shimi's Cyber World en 2026-05-19T11:16:15+03:00 CVE-2026-47316 — Samsung Open Source Escargot Vulnerabilityvulnerability, cve, medium-severity, cwe-703 https://shimiscyberworld.com/posts/nvd-CVE-2026-47315/ Shimi's Cyber World en 2026-05-19T11:16:15+03:00 CVE-2026-47315 — Samsung Open Source Escargot Vulnerabilityvulnerability, cve, medium-severity, cwe-754 https://shimiscyberworld.com/posts/nvd-CVE-2026-47314/ Shimi's Cyber World en 2026-05-19T11:16:15+03:00 Samsung Escargot Out-of-Bounds Write Poses High Riskvulnerability, cve, high-severity, out-of-bounds-1, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-47313/ Shimi's Cyber World en 2026-05-19T11:16:15+03:00 CVE-2026-47313 — Samsung Open Source Escargot Vulnerabilityvulnerability, cve, medium-severity, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-47312/ Shimi's Cyber World en 2026-05-19T11:16:15+03:00 CVE-2026-47312 — Samsung Open Source Escargot Vulnerabilityvulnerability, cve, medium-severity, cwe-763 https://shimiscyberworld.com/posts/nvd-CVE-2026-8830/ Shimi's Cyber World en 2026-05-19T10:16:30+03:00 CVE-2026-8830 — Keycloak Vulnerabilityvulnerability, cve, medium-severity, cwe-603 https://shimiscyberworld.com/posts/nvd-CVE-2026-8814/ Shimi's Cyber World en 2026-05-19T10:16:30+03:00 CVE-2026-8814 — Versions of the package exifreader before 4.39.0 arevulnerability, cve, medium-severity, cwe-409 https://shimiscyberworld.com/posts/nvd-CVE-2026-8813/ Shimi's Cyber World en 2026-05-19T10:16:30+03:00 CVE-2026-8813: ExifReader DoS Via Crafted ICC mluc Tagsvulnerability, cve, high-severity, denial-of-service, cwe-1284 https://shimiscyberworld.com/posts/nvd-CVE-2026-47311/ Shimi's Cyber World en 2026-05-19T10:16:30+03:00 Samsung Escargot Heap Overflow (CVE-2026-47311) Poses High Riskvulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-47310/ Shimi's Cyber World en 2026-05-19T10:16:29+03:00 Samsung Open Source Escargot Vulnerability: Use-After-Free Allows Pointer Manipulationvulnerability, cve, high-severity, use-after-free, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-47309/ Shimi's Cyber World en 2026-05-19T10:16:29+03:00 CVE-2026-47309 — Samsung Open Source Escargot Vulnerabilityvulnerability, cve, medium-severity, cwe-674 https://shimiscyberworld.com/posts/telegram-1427288221-8946/ Shimi's Cyber World en 2026-05-19T09:43:22+03:00 New Phishing Campaign Uses Fake 'CEO Mandate' for Email Signatureisrael https://shimiscyberworld.com/posts/github-actions-supply-chain-attack-redirects-tags-to-steal-c-clj5s/ Shimi's Cyber World en 2026-05-19T08:28:06+03:00 GitHub Actions Supply Chain Attack Hijacks Tags to Steal CI/CD Credentialsthreat-intel, vulnerability, identity, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-47308/ Shimi's Cyber World en 2026-05-19T08:16:25+03:00 CVE-2026-47308 — Samsung Open Source Walrus Null Pointer Dereferencevulnerability, cve, medium-severity, null-pointer-dereference, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-32994/ Shimi's Cyber World en 2026-05-19T08:16:23+03:00 CVE-2026-32994 — The /api/v1/autotranslate.translateMessage endpoint invulnerability, cve, medium-severity, cwe-284 https://shimiscyberworld.com/posts/telegram-1707304340-2324/ Shimi's Cyber World en 2026-05-19T07:42:53+03:00 Chanhassen Dinner Theatres Suspend Shows After Ransomware Attackisrael, malware, ransomware https://shimiscyberworld.com/posts/telegram-1427288221-8945/ Shimi's Cyber World en 2026-05-19T07:35:31+03:00 Mini Shai Hulud Campaign Hits AntV npm Packages, Echarts-for-React Affectedisrael https://shimiscyberworld.com/posts/telegram-1542954397-4597/ Shimi's Cyber World en 2026-05-19T07:33:46+03:00 Audio Prompt Injection Attack: AudioHijack Bypasses Voice AI Defensesai-security https://shimiscyberworld.com/posts/nvd-CVE-2026-47307/ Shimi's Cyber World en 2026-05-19T07:16:31+03:00 CVE-2026-47307 — Samsung Open Source Walrus Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-28733/ Shimi's Cyber World en 2026-05-19T07:16:30+03:00 CVE-2026-28733 — Code Executionvulnerability, cve, medium-severity, code-execution, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-27766/ Shimi's Cyber World en 2026-05-19T07:16:28+03:00 CVE-2026-27766 — in OpenHarmony v6.0 and prior versions allow a localvulnerability, cve, medium-severity, cwe-364 https://shimiscyberworld.com/posts/nvd-CVE-2026-27648/ Shimi's Cyber World en 2026-05-19T07:16:28+03:00 OpenHarmony RCE: Remote Code Execution in Pre-Installed Apps (CVE-2026-27648)vulnerability, cve, high-severity, code-execution, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-25850/ Shimi's Cyber World en 2026-05-19T07:16:28+03:00 CVE-2026-25850 — in OpenHarmony v6.0 and prior versions allow a localvulnerability, cve, medium-severity, cwe-281 https://shimiscyberworld.com/posts/nvd-CVE-2026-25781/ Shimi's Cyber World en 2026-05-19T07:16:28+03:00 OpenHarmony CVE-2026-25781 Allows Local DOS, Unrecoverable Impactvulnerability, cve, high-severity, denial-of-service, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-24792/ Shimi's Cyber World en 2026-05-19T07:16:27+03:00 OpenHarmony v6.0 RCE: Pre-Installed Apps Vulnerablevulnerability, cve, high-severity, code-execution, cwe-364 https://shimiscyberworld.com/posts/nvd-CVE-2026-22069/ Shimi's Cyber World en 2026-05-19T07:16:25+03:00 O+ Connect Vulnerability: Local Privilege Escalation (CVE-2026-22069) Exposes Systemsvulnerability, cve, high-severity, privilege-escalation, cwe-266 https://shimiscyberworld.com/posts/nvd-CVE-2026-33234/ Shimi's Cyber World en 2026-05-19T05:16:16+03:00 CVE-2026-33234 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-33233/ Shimi's Cyber World en 2026-05-19T05:16:15+03:00 AutoGPT Insecure Deserialization (CVE-2026-33233) Leads to RCEvulnerability, cve, high-severity, insecure-deserialization, cwe-94, cwe-345, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-33232/ Shimi's Cyber World en 2026-05-19T05:16:15+03:00 AutoGPT DoS: Unauthenticated Attack Exhausts Disk Spacevulnerability, cve, high-severity, denial-of-service, cwe-400, cwe-459, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-32323/ Shimi's Cyber World en 2026-05-19T05:16:14+03:00 Mullvad VPN macOS Installer Flaw Allows Root Code Executionvulnerability, cve, high-severity, code-execution, cwe-269, cwe-345, cwe-427 https://shimiscyberworld.com/posts/ctt-468-124-breached-accounts-vcqpx/ Shimi's Cyber World en 2026-05-19T03:28:54+03:00 CTT Data Breach Exposes 468K Portuguese Accountsdata-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-32244/ Shimi's Cyber World en 2026-05-19T03:16:37+03:00 CVE-2026-32244 — Discourse is an open-source discussion platform. Invulnerability, cve, medium-severity, cwe-200, cwe-524, cwe-672 https://shimiscyberworld.com/posts/nvd-CVE-2026-30950/ Shimi's Cyber World en 2026-05-19T02:16:33+03:00 AutoGPT Authenticated Session Hijacking via IDOR (CVE-2026-30950)vulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-27892/ Shimi's Cyber World en 2026-05-19T01:16:38+03:00 CVE-2026-27892 — Unrestricted File Uploadvulnerability, cve, medium-severity, unrestricted-file-upload, cwe-200, cwe-212 https://shimiscyberworld.com/posts/nvd-CVE-2026-27891/ Shimi's Cyber World en 2026-05-19T01:16:38+03:00 FacturaScripts CVE-2026-27891: Critical Zip Slip Leads to RCEvulnerability, cve, high-severity, remote-code-execution, cwe-20, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-27737/ Shimi's Cyber World en 2026-05-19T01:16:37+03:00 CVE-2026-27737 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-8851/ Shimi's Cyber World en 2026-05-19T00:16:41+03:00 CVE-2026-8851: SOGo SQL Injection Exposes Database Datavulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-8838/ Shimi's Cyber World en 2026-05-19T00:16:41+03:00 CVE-2026-8838: Critical RCE in amazon-redshift-python-drivervulnerability, cve, critical, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-4137/ Shimi's Cyber World en 2026-05-19T00:16:40+03:00 CVE-2026-4137: MLflow Temporary Files Vulnerability Exposes Models to RCEvulnerability, cve, high-severity, code-execution, cwe-378 https://shimiscyberworld.com/posts/nvd-CVE-2026-27130/ Shimi's Cyber World en 2026-05-19T00:16:39+03:00 Dokploy PaaS: Critical OS Command Injection CVE-2026-27130vulnerability, cve, critical, high-severity, command-injection, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-25244/ Shimi's Cyber World en 2026-05-19T00:16:39+03:00 CVE-2026-25244: WebdriverIO RCE via Malicious Git Branch Namesvulnerability, cve, critical, high-severity, remote-code-execution, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-22810/ Shimi's Cyber World en 2026-05-19T00:16:39+03:00 Joplin Path Traversal (CVE-2026-22810) Allows Arbitrary File Overwritesvulnerability, cve, high-severity, path-traversal, cwe-24 https://shimiscyberworld.com/posts/addi-34-532-941-breached-accounts-mgitm/ Shimi's Cyber World en 2026-05-18T23:55:51+03:00 Addi Fintech Breach: 34 Million Accounts Exposed by ShinyHuntersdata-breach, identity https://shimiscyberworld.com/posts/more-than-200-arrested-in-cyber-raids-aimed-at-middle-east-s-m0gxs/ Shimi's Cyber World en 2026-05-18T23:52:00+03:00 Middle East Cyber Raids Net 200+ Scam Network Arreststhreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-47092/ Shimi's Cyber World en 2026-05-18T23:16:40+03:00 CVE-2026-47092: Claude HUD Vulnerability Allows Local Code Executionvulnerability, cve, high-severity, code-execution, cwe-427 https://shimiscyberworld.com/posts/nvd-CVE-2026-45246/ Shimi's Cyber World en 2026-05-18T23:16:38+03:00 CVE-2026-45246 — The Refresh-Free Configuration Rewrite Path That Vulnerabilityvulnerability, cve, medium-severity, cwe-732 https://shimiscyberworld.com/posts/nvd-CVE-2026-45245/ Shimi's Cyber World en 2026-05-18T23:16:38+03:00 CVE-2026-45245: Hover Summary Feature Exposes Authenticated Requestsvulnerability, cve, high-severity, cwe-918, cwe-940 https://shimiscyberworld.com/posts/nvd-CVE-2026-45244/ Shimi's Cyber World en 2026-05-18T23:16:38+03:00 CVE-2026-45244 — Summarize prior to 0.15.1 contains a missing authorizationvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-21789/ Shimi's Cyber World en 2026-05-18T23:16:37+03:00 CVE-2026-21789 — HCL Connections contains a broken access controlvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2025-65954/ Shimi's Cyber World en 2026-05-18T23:16:36+03:00 CVE-2025-65954 — SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CASvulnerability, cve, medium-severity, cwe-601 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-18T23:00:00+03:00 Daily Security Digest — 2026-05-18daily-digest, vulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89, cross-site-scripting-xss, cwe-79, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-8836/ Shimi's Cyber World en 2026-05-18T22:16:28+03:00 CVE-2026-8836: Critical lwIP Stack Buffer Overflow in SNMPv3 USM Handlervulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-45243/ Shimi's Cyber World en 2026-05-18T22:16:28+03:00 CVE-2026-45243 — The Content Script Window.PostMessage Bridge That Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-45242/ Shimi's Cyber World en 2026-05-18T22:16:28+03:00 CVE-2026-45242: Summarize Daemon Path Traversal Vulnerabilityvulnerability, cve, high-severity, path-traversal, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-45231/ Shimi's Cyber World en 2026-05-18T22:16:27+03:00 CVE-2026-45231 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/telegram-1427288221-8944/ Shimi's Cyber World en 2026-05-18T22:02:29+03:00 Cloudflare Leverages AI for Code Review, Finds Critical Security Flawsisrael, cloud