https://shimiscyberworld.com/posts/nvd-CVE-2026-7002/ Shimi's Cyber World en 2026-04-26T01:16:19+03:00 CVE-2026-7002: KLiK SocialMediaWebsite SQLi Poses Remote Riskvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-04-25T23:00:00+03:00 Daily Security Digest — 2026-04-25daily-digest, vulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/telegram-1427288221-8815/ Shimi's Cyber World en 2026-04-25T22:38:30+03:00 Rituals Cosmetics Suffers Data Breach, Customer PII Exposedisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-6994/ Shimi's Cyber World en 2026-04-25T22:16:00+03:00 CVE-2026-6994 — A weakness has been identified in Envoy up to 1.33.0.vulnerability, cve, medium-severity, cwe-74, cwe-707 https://shimiscyberworld.com/posts/nvd-CVE-2026-6993/ Shimi's Cyber World en 2026-04-25T22:16:00+03:00 CVE-2026-6993 — Go-Kratos Kratos Vulnerabilityvulnerability, cve, medium-severity, cwe-441 https://shimiscyberworld.com/posts/nvd-CVE-2026-6992/ Shimi's Cyber World en 2026-04-25T21:16:19+03:00 Linksys MR9600 RCE: Critical OS Command Injection Vulnerabilityvulnerability, cve, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-6991/ Shimi's Cyber World en 2026-04-25T21:16:19+03:00 CVE-2026-6991 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-6989/ Shimi's Cyber World en 2026-04-25T21:16:18+03:00 CVE-2026-6989 — Tenda F453 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-6988/ Shimi's Cyber World en 2026-04-25T21:16:17+03:00 Tenda HG10 Router Buffer Overflow (CVE-2026-6988) Exposes Remote Attackvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-6987/ Shimi's Cyber World en 2026-04-25T20:16:33+03:00 CVE-2026-6987: PicoClaw Web Launcher Command Injectionvulnerability, cve, high-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-6985/ Shimi's Cyber World en 2026-04-25T20:16:33+03:00 CVE-2026-6985 — The Function Handle_opt Of The File /Src/Net_builtin.C Of Th Vulnerabilityvulnerability, cve, medium-severity, cwe-404, cwe-835 https://shimiscyberworld.com/posts/nvd-CVE-2026-6984/ Shimi's Cyber World en 2026-04-25T19:16:17+03:00 CVE-2026-6984 — AstrBotDevs AstrBot Vulnerabilityvulnerability, cve, medium-severity, cwe-791, cwe-1336 https://shimiscyberworld.com/posts/nvd-CVE-2026-6983/ Shimi's Cyber World en 2026-04-25T19:16:16+03:00 CVE-2026-6983 — Pagekit Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/telegram-1373735086-4998/ Shimi's Cyber World en 2026-04-25T18:40:29+03:00 Legal Sector Under Siege: 31 Ransomware Attacks in Seven Daysdarkweb, threat-intel, ransomware, malware, data-breach, darkfeed https://shimiscyberworld.com/posts/telegram-1373735086-4997/ Shimi's Cyber World en 2026-04-25T18:26:55+03:00 Global Payment Provider, Government Entity Hit in Major Data Leaksdarkweb, threat-intel, ransomware, vulnerability, data-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-6982/ Shimi's Cyber World en 2026-04-25T18:16:17+03:00 CVE-2026-6982 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-6981/ Shimi's Cyber World en 2026-04-25T18:16:17+03:00 CVE-2026-6981 — IhateCreatingUserNames2 AiraHub2 Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/telegram-1542954397-4539/ Shimi's Cyber World en 2026-04-25T17:30:15+03:00 UK's NCSC Releases SilentGlass to Block Malicious Display Traffic https://shimiscyberworld.com/posts/nvd-CVE-2026-6980/ Shimi's Cyber World en 2026-04-25T17:16:00+03:00 CVE-2026-6980: Divyanshu-hash GitPilot-MCP Command Injectionvulnerability, cve, high-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-6979/ Shimi's Cyber World en 2026-04-25T15:15:59+03:00 CVE-2026-6979 — Devlikeapro WAHA Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-6978/ Shimi's Cyber World en 2026-04-25T15:15:59+03:00 CVE-2026-6978 — JiZhiCMS SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-6977/ Shimi's Cyber World en 2026-04-25T14:16:19+03:00 CVE-2026-6977: Vanna-AI Legacy Flask API Improper Authorizationvulnerability, cve, high-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/researchers-uncover-pre-stuxnet-fast16-malware-targeting-e-xp1qr/ Shimi's Cyber World en 2026-04-25T12:26:00+03:00 Pre-Stuxnet 'fast16' Malware Targeted Engineering Software in 2005threat-intel, vulnerability, malware, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-6951/ Shimi's Cyber World en 2026-04-25T09:16:16+03:00 simple-git RCE: Incomplete Fix Leaves Critical Vulnerability Openvulnerability, cve, critical, high-severity, remote-code-execution, cwe-94 https://shimiscyberworld.com/posts/adt-confirms-data-breach-after-shinyhunters-leak-threat-thhhr/ Shimi's Cyber World en 2026-04-25T01:53:14+03:00 ADT Confirms Data Breach After ShinyHunters Extortion Threatthreat-intel, data-breach, malware, ransomware https://shimiscyberworld.com/posts/nvd-CVE-2026-42171/ Shimi's Cyber World en 2026-04-25T01:16:01+03:00 CVE-2026-42171: NSIS Privilege Escalation Vulnerabilityvulnerability, cve, high-severity, cwe-427 https://shimiscyberworld.com/posts/the-npm-threat-landscape-attack-surface-and-mitigations-8o65q/ Shimi's Cyber World en 2026-04-25T00:40:33+03:00 npm Supply Chain Evolves: Wormable Malware, CI/CD Persistence Detectedthreat-intel, apt, malware, research https://shimiscyberworld.com/posts/nvd-CVE-2026-41481/ Shimi's Cyber World en 2026-04-25T00:16:19+03:00 CVE-2026-41481 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41478/ Shimi's Cyber World en 2026-04-25T00:16:19+03:00 Saltcorn SQL Injection (CVE-2026-41478) Exposes Sensitive Datavulnerability, cve, critical, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41248/ Shimi's Cyber World en 2026-04-25T00:16:18+03:00 CVE-2026-41248: Clerk Auth Bypass Exposes Critical Web Applicationsvulnerability, cve, critical, high-severity, cwe-436, cwe-863 https://shimiscyberworld.com/posts/firestarter-malware-survives-cisco-firewall-updates-securit-jd7v0/ Shimi's Cyber World en 2026-04-24T23:34:08+03:00 Cisco Firestarter Malware Persists Through Updatesthreat-intel, data-breach, malware, vulnerability https://shimiscyberworld.com/posts/tgr-sta-1030-new-activity-in-central-and-south-america-26fh7/ Shimi's Cyber World en 2026-04-24T23:30:19+03:00 TGR-STA-1030: Persistent Threat to Central and South Americathreat-intel, apt, malware, research, microsoft https://shimiscyberworld.com/posts/windows-update-gets-new-controls-to-reduce-forced-restarts-1g7ek/ Shimi's Cyber World en 2026-04-24T23:08:26+03:00 Microsoft Windows Update Gets New Controls to Reduce Forced Restartsthreat-intel, data-breach, malware, microsoft https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-04-24T23:00:00+03:00 Daily Security Digest — 2026-04-24daily-digest, vulnerability, cve, high-severity, cwe-1321, cwe-113, cwe-183, cwe-441, cwe-918, critical https://shimiscyberworld.com/posts/nvd-CVE-2026-41492/ Shimi's Cyber World en 2026-04-24T22:17:14+03:00 Dgraph CVE-2026-41492: Unauthenticated Admin Token Exposure Via /debug/varsvulnerability, cve, critical, high-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-41421/ Shimi's Cyber World en 2026-04-24T22:17:13+03:00 CVE-2026-41421: SiYuan Desktop RCE via HTML Notification Abusevulnerability, cve, high-severity, code-execution, cwe-78, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41419/ Shimi's Cyber World en 2026-04-24T22:17:13+03:00 4ga Boards Path Traversal Vulnerability Exposes Local Files (CVE-2026-41419)vulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-41418/ Shimi's Cyber World en 2026-04-24T22:17:13+03:00 CVE-2026-41418 — 4ga Boards is a boards system for realtime projectvulnerability, cve, medium-severity, cwe-208 https://shimiscyberworld.com/posts/nvd-CVE-2026-41414/ Shimi's Cyber World en 2026-04-24T22:17:13+03:00 CVE-2026-41414: Skim Fuzzy Finder Vulnerability Exposes GitHub Tokensvulnerability, cve, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2026-41328/ Shimi's Cyber World en 2026-04-24T22:17:12+03:00 Dgraph CVE-2026-41328: Unauthenticated Data Read Access Critical Flawvulnerability, cve, critical, high-severity, cwe-943 https://shimiscyberworld.com/posts/nvd-CVE-2026-41327/ Shimi's Cyber World en 2026-04-24T22:17:12+03:00 CVE-2026-41327: Dgraph GraphQL Database Critical Unauthenticated Data Readvulnerability, cve, critical, high-severity, cwe-943 https://shimiscyberworld.com/posts/nvd-CVE-2026-33666/ Shimi's Cyber World en 2026-04-24T22:17:10+03:00 CVE-2026-33666: Zserio BitStreamReader Overflow Bypasses Bounds Checkvulnerability, cve, high-severity, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-33662/ Shimi's Cyber World en 2026-04-24T22:17:09+03:00 CVE-2026-33662: OP-TEE RSA Padding Underflow Leads to Crashvulnerability, cve, high-severity, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-33524/ Shimi's Cyber World en 2026-04-24T22:17:09+03:00 Zserio DoS: Crafted Payload Triggers Massive Memory Allocationvulnerability, cve, high-severity, denial-of-service, cwe-789 https://shimiscyberworld.com/posts/iran-s-cyber-threat-may-be-less-shock-and-awe-than-low-an-fpsjf/ Shimi's Cyber World en 2026-04-24T22:15:00+03:00 Iran Cyber Threat: Low-and-Slow Opportunism, Not 'Shock and Awe'threat-intel, data-breach, government https://shimiscyberworld.com/posts/adt-says-customer-data-stolen-in-cyber-intrusion-jcwup/ Shimi's Cyber World en 2026-04-24T21:45:00+03:00 ADT Customer Data Stolen in Cyber Intrusionthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-42044/ Shimi's Cyber World en 2026-04-24T21:16:31+03:00 CVE-2026-42044 — Privilege Escalationvulnerability, cve, medium-severity, privilege-escalation, cwe-915, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-42043/ Shimi's Cyber World en 2026-04-24T21:16:31+03:00 Axios CVE-2026-42043: NO_PROXY Bypass Vulnerabilityvulnerability, cve, high-severity, cwe-183, cwe-441, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42042/ Shimi's Cyber World en 2026-04-24T21:16:31+03:00 CVE-2026-42042 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-183, cwe-201 https://shimiscyberworld.com/posts/nvd-CVE-2026-42041/ Shimi's Cyber World en 2026-04-24T21:16:31+03:00 CVE-2026-42041 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-287, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-42038/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 CVE-2026-42038 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42037/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 CVE-2026-42037 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-93 https://shimiscyberworld.com/posts/nvd-CVE-2026-42036/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 CVE-2026-42036 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-42035/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 Axios CVE-2026-42035: Prototype Pollution Leads to Header Injectionvulnerability, cve, high-severity, cwe-113, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-42034/ Shimi's Cyber World en 2026-04-24T21:16:30+03:00 CVE-2026-42034 — Axios is a promise based HTTP client for the browser andvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-42033/ Shimi's Cyber World en 2026-04-24T21:16:29+03:00 CVE-2026-42033: Axios Prototype Pollution Allows Response Tampering, HTTP Hijackingvulnerability, cve, high-severity, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-41322/ Shimi's Cyber World en 2026-04-24T21:16:28+03:00 CVE-2026-41322 — @astrojs/node allows Astro to deploy your SSR site to Nodevulnerability, cve, medium-severity, cwe-525 https://shimiscyberworld.com/posts/microsoft-to-roll-out-entra-passkeys-on-windows-in-late-apri-luumc/ Shimi's Cyber World en 2026-04-24T21:13:55+03:00 Microsoft Entra Passkeys Roll Out to Windows Devicesthreat-intel, data-breach, malware, microsoft, identity, phishing https://shimiscyberworld.com/posts/nvd-CVE-2026-6912/ Shimi's Cyber World en 2026-04-24T20:16:22+03:00 AWS Cognito Flaw Grants Deployment Admin Privilegesvulnerability, cve, high-severity, cwe-915 https://shimiscyberworld.com/posts/nvd-CVE-2026-6911/ Shimi's Cyber World en 2026-04-24T20:16:22+03:00 Critical JWT Bypass in AWS Ops Wheel Grants Admin Accessvulnerability, cve, critical, high-severity, cwe-347 https://shimiscyberworld.com/posts/nvd-CVE-2026-41411/ Shimi's Cyber World en 2026-04-24T20:16:22+03:00 CVE-2026-41411 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-41079/ Shimi's Cyber World en 2026-04-24T20:16:21+03:00 CVE-2026-41079 — Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-125, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-41067/ Shimi's Cyber World en 2026-04-24T20:16:21+03:00 CVE-2026-41067 — Astro is a web framework. Prior to 6.1.6, thevulnerability, cve, medium-severity, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-41066/ Shimi's Cyber World en 2026-04-24T20:16:20+03:00 lxml XML Parsing Vulnerability Exposes Local Filesvulnerability, cve, high-severity, cwe-611 https://shimiscyberworld.com/posts/nvd-CVE-2026-40897/ Shimi's Cyber World en 2026-04-24T20:16:20+03:00 Critical RCE in Math.js Expression Parser (CVE-2026-40897)vulnerability, cve, high-severity, cwe-915 https://shimiscyberworld.com/posts/pentagon-grapples-with-securing-ai-as-it-moves-toward-autono-34zqn/ Shimi's Cyber World en 2026-04-24T20:14:00+03:00 Pentagon Grapples with Securing AI in Autonomous Warfarethreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-39920/ Shimi's Cyber World en 2026-04-24T19:16:36+03:00 Critical RCE in BridgeHead FileStore via Default Axis2 Credentialsvulnerability, cve, critical, high-severity, cwe-1188, cwe-1391 https://shimiscyberworld.com/posts/nvd-CVE-2026-42095/ Shimi's Cyber World en 2026-04-24T18:16:48+03:00 CVE-2026-42095 — bookserver in KDE Arianna before 26.04.1 allows attackersvulnerability, cve, medium-severity, cwe-306 https://shimiscyberworld.com/posts/norway-s-prime-minister-proposes-ban-on-social-media-access-k0yg1/ Shimi's Cyber World en 2026-04-24T17:41:00+03:00 Norway Proposes Social Media Ban for Young Teensthreat-intel, data-breach, government, tools https://shimiscyberworld.com/posts/in-other-news-unauthorized-mythos-access-plankey-cisa-nomi-90z3p/ Shimi's Cyber World en 2026-04-24T17:31:51+03:00 Mythos Unauthorized Access, CISA Nom Withdrawal, New Display Securitythreat-intel, vulnerability, data-breach https://shimiscyberworld.com/posts/nasa-employees-duped-in-chinese-phishing-scheme-targeting-u-j2hj6/ Shimi's Cyber World en 2026-04-24T17:13:00+03:00 China Targets NASA with Phishing for Defense Softwarethreat-intel, vulnerability, cloud, microsoft, phishing https://shimiscyberworld.com/posts/toronto-police-arrest-three-in-canada-s-first-mobile-sms-bla-3lai4/ Shimi's Cyber World en 2026-04-24T16:45:00+03:00 Canada's First SMS Blaster Arrests: A Shift in Phishing Tacticsthreat-intel, data-breach, government, phishing https://shimiscyberworld.com/posts/nvd-CVE-2026-5367/ Shimi's Cyber World en 2026-04-24T16:16:21+03:00 OVN Out-of-Bounds Read Exposes Heap Memory via DHCPv6vulnerability, cve, high-severity, out-of-bounds-1, cwe-130 https://shimiscyberworld.com/posts/nvd-CVE-2026-5265/ Shimi's Cyber World en 2026-04-24T16:16:21+03:00 CVE-2026-5265 — When generating an ICMP Destination Unreachable or Packetvulnerability, cve, medium-severity, cwe-130 https://shimiscyberworld.com/posts/nvd-CVE-2026-21515/ Shimi's Cyber World en 2026-04-24T16:16:03+03:00 Critical Azure IoT Central Flaw Exposes Sensitive Data, Allows Privilege Escalationvulnerability, cve, critical, high-severity, cwe-200 https://shimiscyberworld.com/posts/north-korea-s-lazarus-targets-macos-users-via-clickfix-jr0ng/ Shimi's Cyber World en 2026-04-24T16:00:00+03:00 Lazarus Targets macOS via ClickFix: North Korea's New Attack Vectorthreat-intel, tools https://shimiscyberworld.com/posts/telegram-1707304340-2291/ Shimi's Cyber World en 2026-04-24T15:57:25+03:00 Ransomware Costs Spike: VPNs and SonicWall Exploitedisrael, malware, ransomware, cloud https://shimiscyberworld.com/posts/cisa-kev-CVE-2024-7399/ Shimi's Cyber World en 2026-04-24T15:00:00+03:00 CVE-2024-7399 — Samsung MagicINFO 9 Server: Samsung MagicINFO 9 Server Path Traversal Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/cisa-kev-CVE-2024-57728/ Shimi's Cyber World en 2026-04-24T15:00:00+03:00 CVE-2024-57728 — SimpleHelp SimpleHelp: SimpleHelp Path Traversal Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/cisa-kev-CVE-2024-57726/ Shimi's Cyber World en 2026-04-24T15:00:00+03:00 CVE-2024-57726 — SimpleHelp SimpleHelp: SimpleHelp Missing Authorization Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/bridging-the-ai-agent-authority-gap-continuous-observabilit-tw3co/ Shimi's Cyber World en 2026-04-24T14:49:00+03:00 AI Agents: The Delegated Risk Gap Defenders Must Closethreat-intel, vulnerability, ai-security https://shimiscyberworld.com/posts/26-fakewallet-apps-found-on-apple-app-store-targeting-crypto-vskn6/ Shimi's Cyber World en 2026-04-24T14:48:00+03:00 Fake Crypto Wallets Flood App Store, Targeting User Seed Phrasesthreat-intel, vulnerability, malware https://shimiscyberworld.com/posts/vulnerabilities-patched-in-crowdstrike-tenable-products-qo8nt/ Shimi's Cyber World en 2026-04-24T12:49:27+03:00 Critical Flaws Hit CrowdStrike, Tenable Products; Patches Releasedthreat-intel, vulnerability https://shimiscyberworld.com/posts/tropic-trooper-uses-trojanized-sumatrapdf-and-github-to-depl-xft8b/ Shimi's Cyber World en 2026-04-24T12:29:00+03:00 Tropic Trooper Exploits SumatraPDF and VS Code Tunnels for Espionagethreat-intel, vulnerability, malware, microsoft, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-21728/ Shimi's Cyber World en 2026-04-24T12:16:03+03:00 Tempo Vulnerability: High-Severity Flaw Risks Service Availabilityvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-4078/ Shimi's Cyber World en 2026-04-24T11:16:30+03:00 CVE-2026-4078 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-3569/ Shimi's Cyber World en 2026-04-24T11:16:30+03:00 CVE-2026-3569 — The Liaison Site Prober plugin for WordPress is vulnerablevulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-3565/ Shimi's Cyber World en 2026-04-24T11:16:30+03:00 CVE-2026-3565 — The Taqnix plugin for WordPress is vulnerable to Cross-Sitevulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2025-11762/ Shimi's Cyber World en 2026-04-24T11:16:29+03:00 CVE-2025-11762 — The HubSpot All-In-One Marketing - Forms, Popups, Live Chatvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-1952/ Shimi's Cyber World en 2026-04-24T10:16:09+03:00 Delta Electronics AS320T Plagued by Critical DoS Vulnerabilityvulnerability, cve, critical, high-severity, denial-of-service, cwe-912 https://shimiscyberworld.com/posts/nvd-CVE-2026-1951/ Shimi's Cyber World en 2026-04-24T10:16:09+03:00 Critical Buffer Overflow in Delta Electronics AS320T PLCvulnerability, cve, critical, high-severity, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-1950/ Shimi's Cyber World en 2026-04-24T10:16:08+03:00 Critical Buffer Overflow Hits Delta Electronics AS320Tvulnerability, cve, critical, high-severity, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-6810/ Shimi's Cyber World en 2026-04-24T09:16:08+03:00 CVE-2026-6810 — The Booking Calendar Contact Form plugin for WordPress isvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-5428/ Shimi's Cyber World en 2026-04-24T09:16:08+03:00 CVE-2026-5428 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-5364/ Shimi's Cyber World en 2026-04-24T09:16:08+03:00 WordPress Plugin Flaw Exposes Sites to RCEvulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-5347/ Shimi's Cyber World en 2026-04-24T09:16:04+03:00 CVE-2026-5347 — The HM Books Gallery plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-1949/ Shimi's Cyber World en 2026-04-24T09:16:03+03:00 Critical RCE in Delta Electronics AS320T Industrial Controllersvulnerability, cve, critical, high-severity, cwe-131 https://shimiscyberworld.com/posts/telegram-1542954397-4536/ Shimi's Cyber World en 2026-04-24T08:03:39+03:00 AI-Generated 'Books' Exploit Amazon's Kindle Unlimited, Generate Millions https://shimiscyberworld.com/posts/nvd-CVE-2026-6947/ Shimi's Cyber World en 2026-04-24T07:16:23+03:00 D-Link DWM-222W Wi-Fi Adapter Vulnerable to Brute-Force Bypassvulnerability, cve, high-severity, cwe-307 https://shimiscyberworld.com/posts/nvd-CVE-2026-6393/ Shimi's Cyber World en 2026-04-24T07:16:22+03:00 CVE-2026-6393 — The BetterDocs plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-5488/ Shimi's Cyber World en 2026-04-24T07:16:22+03:00 CVE-2026-5488 — The ExactMetrics – Google Analytics Dashboard for WordPressvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-41485/ Shimi's Cyber World en 2026-04-24T07:16:21+03:00 Kyverno Policy Engine Flaw: Cluster Crash and Admission Controller Bypassvulnerability, cve, high-severity, cwe-617 https://shimiscyberworld.com/posts/nvd-CVE-2026-41324/ Shimi's Cyber World en 2026-04-24T07:16:20+03:00 Node.js FTP Clients Exposed to DoS via Malicious Listingsvulnerability, cve, high-severity, denial-of-service, cwe-400, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-41323/ Shimi's Cyber World en 2026-04-24T07:16:20+03:00 Kyverno API Call Vulnerability Exposes Kubernetes Clustersvulnerability, cve, high-severity, cwe-200, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-41319/ Shimi's Cyber World en 2026-04-24T07:16:20+03:00 CVE-2026-41319 — Versions Prior To Vulnerabilityvulnerability, cve, medium-severity, cwe-74 https://shimiscyberworld.com/posts/nvd-CVE-2026-41318/ Shimi's Cyber World en 2026-04-24T07:16:20+03:00 CVE-2026-41318 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79, cwe-116, cwe-1336 https://shimiscyberworld.com/posts/nvd-CVE-2026-41068/ Shimi's Cyber World en 2026-04-24T07:16:19+03:00 Kyverno Privilege Escalation: RBAC Bypass in Multi-Tenant Clustersvulnerability, cve, high-severity, privilege-escalation, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-2028/ Shimi's Cyber World en 2026-04-24T07:16:09+03:00 CVE-2026-2028 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-41316/ Shimi's Cyber World en 2026-04-24T06:16:11+03:00 Ruby ERB Deserialization Flaw Allows Code Executionvulnerability, cve, high-severity, code-execution, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-41309/ Shimi's Cyber World en 2026-04-24T06:16:11+03:00 OSSN Resource Exhaustion: DoS Risk from Malicious Image Uploadsvulnerability, cve, high-severity, denial-of-service, cwe-400, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-41305/ Shimi's Cyber World en 2026-04-24T06:16:11+03:00 CVE-2026-41305 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-40254/ Shimi's Cyber World en 2026-04-24T06:16:11+03:00 CVE-2026-40254 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-193 https://shimiscyberworld.com/posts/nvd-CVE-2026-33318/ Shimi's Cyber World en 2026-04-24T06:16:11+03:00 Actual Finance Tool: Local Admin Escalation via OIDC Migration Flawvulnerability, cve, high-severity, privilege-escalation, cwe-284, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-33317/ Shimi's Cyber World en 2026-04-24T06:16:11+03:00 OP-TEE Vulnerability Exposes TrustZone to OOB Reads, Crashesvulnerability, cve, high-severity, out-of-bounds-1, cwe-125, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-32952/ Shimi's Cyber World en 2026-04-24T06:16:07+03:00 CVE-2026-32952 — go-ntlmssp is a Go package that provides NTLM/Negotiatevulnerability, cve, medium-severity, cwe-190