https://shimiscyberworld.com/posts/nvd-CVE-2026-7857/ Shimi's Cyber World en 2026-05-05T23:16:41+03:00 D-Link DI-8100 Router Vulnerable to Remote Buffer Overflow (CVE-2026-7857)vulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7856/ Shimi's Cyber World en 2026-05-05T23:16:41+03:00 D-Link DI-8100 Buffer Overflow (CVE-2026-7856) Exposes Web Managementvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-44331/ Shimi's Cyber World en 2026-05-05T23:16:39+03:00 ProFTPD SQL Injection (CVE-2026-44331) Exposes Servers to Remote Attacksvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-05T23:00:00+03:00 Daily Security Digest — 2026-05-05daily-digest, vulnerability, cve, high-severity, cwe-22, cwe-770, cwe-306, cwe-284, privilege-escalation, cwe-367 https://shimiscyberworld.com/posts/telegram-1427288221-8881/ Shimi's Cyber World en 2026-05-05T22:45:14+03:00 MedusaLocker Leaks Magnolia Data After Ransom Refusalisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7855/ Shimi's Cyber World en 2026-05-05T22:16:23+03:00 D-Link DI-8100 Buffer Overflow - CVE-2026-7855 Public Exploit Availablevulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7854/ Shimi's Cyber World en 2026-05-05T22:16:23+03:00 D-Link DI-8100 Critical Buffer Overflow (CVE-2026-7854)vulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-42997/ Shimi's Cyber World en 2026-05-05T22:16:22+03:00 OpenStack Ironic Vulnerability CVE-2026-42997 Exposes Keystone Tokensvulnerability, cve, high-severity, cwe-669 https://shimiscyberworld.com/posts/nvd-CVE-2026-27960/ Shimi's Cyber World en 2026-05-05T22:16:21+03:00 OpenCTI Critical Auth Bypass: Unauthenticated API Access Threatens CTI Platformsvulnerability, cve, critical, high-severity, privilege-escalation, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-7853/ Shimi's Cyber World en 2026-05-05T21:16:04+03:00 D-Link DI-8100 Critical Buffer Overflow (CVE-2026-7853) Publicly Exploitablevulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7851/ Shimi's Cyber World en 2026-05-05T21:16:03+03:00 D-Link DI-8100 Router Vulnerability: Remote Stack Buffer Overflowvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-121 https://shimiscyberworld.com/posts/ftc-bans-data-broker-kochava-from-selling-sensitive-location-wpt74/ Shimi's Cyber World en 2026-05-05T21:02:00+03:00 FTC Bans Kochava from Selling Sensitive Location Datathreat-intel, data-breach, government https://shimiscyberworld.com/posts/telegram-1542954397-4567/ Shimi's Cyber World en 2026-05-05T21:01:26+03:00 Grok Bypassed for $200k Crypto Theft via Morse Code in Username https://shimiscyberworld.com/posts/conti-akira-ransomware-affiliate-given-8-year-sentence-x44pk/ Shimi's Cyber World en 2026-05-05T20:33:00+03:00 Conti, Akira Ransomware Affiliate Sentenced to 8 Yearsthreat-intel, data-breach, government, malware, ransomware https://shimiscyberworld.com/posts/nvd-CVE-2026-43002/ Shimi's Cyber World en 2026-05-05T20:17:04+03:00 CVE-2026-43002 — OpenStack Horizon 25.6 And Vulnerabilityvulnerability, cve, medium-severity, cwe-696 https://shimiscyberworld.com/posts/critical-apache-http-2-flaw-cve-2026-23918-enables-dos-and-wh5bp/ Shimi's Cyber World en 2026-05-05T19:19:00+03:00 Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS, Potential RCEthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-7844/ Shimi's Cyber World en 2026-05-05T19:16:19+03:00 CVE-2026-7844 — Chatchat-Space Langchain-Chatchat Vulnerabilityvulnerability, cve, medium-severity, cwe-287, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-7412/ Shimi's Cyber World en 2026-05-05T19:16:18+03:00 Eclipse BaSyx Server SDK Vulnerability Bypasses Network Segmentationvulnerability, cve, high-severity, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-7411/ Shimi's Cyber World en 2026-05-05T19:16:18+03:00 Eclipse BaSyx RCE: Critical Path Traversal in Server SDKvulnerability, cve, critical, high-severity, remote-code-execution, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-6907/ Shimi's Cyber World en 2026-05-05T19:16:18+03:00 CVE-2026-6907 — An issue was discovered in 6.0 before 6.0.5 and 5.2 beforevulnerability, cve, medium-severity, cwe-524 https://shimiscyberworld.com/posts/nvd-CVE-2026-5766/ Shimi's Cyber World en 2026-05-05T19:16:17+03:00 CVE-2026-5766 — An issue was discovered in 6.0 before 6.0.5 and 5.2 beforevulnerability, cve, medium-severity, cwe-130 https://shimiscyberworld.com/posts/nvd-CVE-2026-34956/ Shimi's Cyber World en 2026-05-05T19:16:11+03:00 CVE-2026-34956 — Open VSwitch Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-34002/ Shimi's Cyber World en 2026-05-05T19:16:11+03:00 CVE-2026-34002 — The X.Org X Server Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-805 https://shimiscyberworld.com/posts/nvd-CVE-2026-34000/ Shimi's Cyber World en 2026-05-05T19:16:11+03:00 CVE-2026-34000 — The X.Org X Server Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-125 https://shimiscyberworld.com/posts/daemon-tools-supply-chain-attack-compromises-official-instal-5vbfg/ Shimi's Cyber World en 2026-05-05T19:07:00+03:00 DAEMON Tools Supply Chain Attack Compromises Official Installersthreat-intel, vulnerability, malware, tools https://shimiscyberworld.com/posts/telegram-1373735086-5016/ Shimi's Cyber World en 2026-05-05T18:36:09+03:00 Icarus: New Threat Actor Emergesdarkweb, threat-intel, ransomware https://shimiscyberworld.com/posts/microsoft-warns-of-sophisticated-phishing-campaign-targeting-2e78d/ Shimi's Cyber World en 2026-05-05T17:45:04+03:00 Microsoft Warns of Sophisticated AitM Phishing Campaign Targeting US Organizationsthreat-intel, vulnerability, microsoft, phishing https://shimiscyberworld.com/posts/china-linked-uat-8302-targets-governments-using-shared-apt-m-xanvu/ Shimi's Cyber World en 2026-05-05T17:19:00+03:00 China-Linked UAT-8302 APT Targets Governments in South America and Europethreat-intel, vulnerability, malware, the-hacker-news https://shimiscyberworld.com/posts/nvd-CVE-2026-7834/ Shimi's Cyber World en 2026-05-05T17:16:09+03:00 CVE-2026-7834: Critical Stack-Based Buffer Overflow in EFM ipTIME NAS1dualvulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-7778/ Shimi's Cyber World en 2026-05-05T17:16:09+03:00 CVE-2026-7778 — An issue that could allow a dashboard configuration to bevulnerability, cve, medium-severity, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-4304/ Shimi's Cyber World en 2026-05-05T17:16:09+03:00 WeePie Cookie Allow Plugin SQLi Risks Unauthenticated Database Accessvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/the-eol-blind-spot-in-your-cve-feed-what-sca-tools-don-t-ch-onz4o/ Shimi's Cyber World en 2026-05-05T17:00:10+03:00 EOL Software Creates CVE Blind Spots in SCA Toolsthreat-intel, data-breach, malware, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-7833/ Shimi's Cyber World en 2026-05-05T16:16:31+03:00 EFM ipTIME C200 Vulnerability: Remote Command Injection Exposedvulnerability, cve, high-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7832/ Shimi's Cyber World en 2026-05-05T16:16:31+03:00 IObit Advanced SystemCare 19: High-Severity Symlink Following Vulnerability (CVE-2026-7832)vulnerability, cve, high-severity, cwe-59, cwe-61 https://shimiscyberworld.com/posts/nvd-CVE-2026-30246/ Shimi's Cyber World en 2026-05-05T16:16:28+03:00 CVE-2026-30246 — Fiber is a web framework for Go. Invulnerability, cve, medium-severity, cwe-436 https://shimiscyberworld.com/posts/nvd-CVE-2026-28510/ Shimi's Cyber World en 2026-05-05T16:16:28+03:00 CVE-2026-28510 — eLabFTW is an open source electronic lab notebook. Invulnerability, cve, medium-severity, cwe-302 https://shimiscyberworld.com/posts/nvd-CVE-2026-27694/ Shimi's Cyber World en 2026-05-05T16:16:28+03:00 CVE-2026-27694 — Traccar is an open source GPS tracking system. Invulnerability, cve, medium-severity, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-27693/ Shimi's Cyber World en 2026-05-05T16:16:28+03:00 CVE-2026-27693 — Traccar is an open source GPS tracking system. Invulnerability, cve, medium-severity, cwe-91 https://shimiscyberworld.com/posts/nvd-CVE-2026-27644/ Shimi's Cyber World en 2026-05-05T16:16:27+03:00 CVE-2026-27644 — Traccar is an open source GPS tracking system. In versionsvulnerability, cve, medium-severity, cwe-1236 https://shimiscyberworld.com/posts/telegram-1427288221-8879/ Shimi's Cyber World en 2026-05-05T16:15:01+03:00 Google Chrome Bugs Found by AI Earn $57,000 Bug Bountyisrael https://shimiscyberworld.com/posts/telegram-1427288221-8878/ Shimi's Cyber World en 2026-05-05T16:08:56+03:00 Taiwan High Speed Rail Emergency Stop Caused by SDR Attackisrael https://shimiscyberworld.com/posts/vimeo-data-breach-exposes-personal-information-of-119-000-pe-1dxfn/ Shimi's Cyber World en 2026-05-05T16:03:46+03:00 Vimeo Data Breach Exposes Personal Information of 119,000threat-intel, data-breach, malware https://shimiscyberworld.com/posts/australia-launches-cyber-review-board-modeled-on-version-dis-lvyr7/ Shimi's Cyber World en 2026-05-05T15:45:00+03:00 Australia Establishes Cyber Incident Review Boardthreat-intel, data-breach, government, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-6261/ Shimi's Cyber World en 2026-05-05T15:16:21+03:00 Betheme WordPress Arbitrary File Upload RCE (CVE-2026-6261)vulnerability, cve, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-43571/ Shimi's Cyber World en 2026-05-05T15:16:20+03:00 CVE-2026-43571: OpenClaw Plugin Trust Bypass Opens Attack Vectorsvulnerability, cve, high-severity, cwe-829 https://shimiscyberworld.com/posts/nvd-CVE-2026-43569/ Shimi's Cyber World en 2026-05-05T15:16:20+03:00 OpenClaw Authentication Bypass (CVE-2026-43569) Poses High Riskvulnerability, cve, high-severity, authentication-bypass, cwe-829 https://shimiscyberworld.com/posts/nvd-CVE-2026-43566/ Shimi's Cyber World en 2026-05-05T15:16:20+03:00 CVE-2026-43566: OpenClaw Privilege Escalation via Untrusted Webhook Eventsvulnerability, cve, critical, high-severity, privilege-escalation, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-43534/ Shimi's Cyber World en 2026-05-05T15:16:19+03:00 OpenClaw Input Validation Flaw (CVE-2026-43534) Rated Criticalvulnerability, cve, critical, high-severity, cwe-345 https://shimiscyberworld.com/posts/nvd-CVE-2026-43533/ Shimi's Cyber World en 2026-05-05T15:16:19+03:00 CVE-2026-43533: OpenClaw QQBot Arbitrary File Read Vulnerability Uncoveredvulnerability, cve, high-severity, arbitrary-file-access, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-43530/ Shimi's Cyber World en 2026-05-05T15:16:19+03:00 OpenClaw Vulnerability CVE-2026-43530 Undermines Exec Approvalvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-43526/ Shimi's Cyber World en 2026-05-05T15:16:18+03:00 CVE-2026-43526: OpenClaw QQBot SSRF Flaw Exposes Content Fetchingvulnerability, cve, high-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-42439/ Shimi's Cyber World en 2026-05-05T15:16:18+03:00 OpenClaw Server-Side Request Forgery Policy Bypass (CVE-2026-42439)vulnerability, cve, high-severity, server-side-request-forgery, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42435/ Shimi's Cyber World en 2026-05-05T15:16:17+03:00 OpenClaw CVE-2026-42435: Shell Wrapper Vulnerability Allows Environment Variable Injectionvulnerability, cve, high-severity, cwe-184 https://shimiscyberworld.com/posts/nvd-CVE-2026-42434/ Shimi's Cyber World en 2026-05-05T15:16:17+03:00 OpenClaw Sandbox Escape (CVE-2026-42434) Allows Remote Executionvulnerability, cve, high-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2023-54348/ Shimi's Cyber World en 2026-05-05T15:16:17+03:00 ERPGo SaaS 3.9 CSV Injection Allows RCE via Vendor Fieldsvulnerability, cve, high-severity, cwe-1236 https://shimiscyberworld.com/posts/nvd-CVE-2023-54345/ Shimi's Cyber World en 2026-05-05T15:16:16+03:00 Frappe Framework ERPNext Sandbox Escape Allows RCE via CVE-2023-54345vulnerability, cve, high-severity, cwe-94 https://shimiscyberworld.com/posts/nvd-CVE-2023-54344/ Shimi's Cyber World en 2026-05-05T15:16:16+03:00 Eclipse Equinox OSGi RCE: Critical Vulnerability Exposes Consoles to Unauthenticated Attackersvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2023-54342/ Shimi's Cyber World en 2026-05-05T15:16:15+03:00 Eclipse Equinox OSGi RCE: Critical Vulnerability Allows Unauthenticated Code Executionvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/critical-remote-code-execution-vulnerability-patched-in-andr-lhq61/ Shimi's Cyber World en 2026-05-05T14:58:44+03:00 Android Critical RCE Vulnerability Patched in System Componentthreat-intel, vulnerability https://shimiscyberworld.com/posts/the-back-door-attackers-know-about-and-most-security-teams-7alcq/ Shimi's Cyber World en 2026-05-05T14:58:00+03:00 OAuth Tokens: The Persistent Backdoor Most Teams Missthreat-intel, vulnerability, microsoft, identity, tools https://shimiscyberworld.com/posts/metinfo-cms-cve-2026-29014-exploited-for-remote-code-executi-tppez/ Shimi's Cyber World en 2026-05-05T14:56:00+03:00 MetInfo CMS CVE-2026-29014 Exploited for RCE Attacksthreat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-6322/ Shimi's Cyber World en 2026-05-05T14:16:33+03:00 CVE-2026-6322: fast-uri Vulnerability Enables URI Authority Hijackingvulnerability, cve, high-severity, cwe-436 https://shimiscyberworld.com/posts/nvd-CVE-2025-42611/ Shimi's Cyber World en 2026-05-05T14:16:31+03:00 CVE-2025-42611 — RouterOS provides various services that rely on correctvulnerability, cve, medium-severity, cwe-295 https://shimiscyberworld.com/posts/telegram-1542954397-4566/ Shimi's Cyber World en 2026-05-05T13:57:31+03:00 Trellix Source Code Access Confirmed by Security Vendorvulnerability, threat-intel https://shimiscyberworld.com/posts/we-scanned-1-million-exposed-ai-services-here-s-how-bad-the-duy09/ Shimi's Cyber World en 2026-05-05T13:30:00+03:00 Exposed AI Services: 1 Million LLM Deployments Found Insecurethreat-intel, vulnerability, data-breach, ai-security, the-hacker-news https://shimiscyberworld.com/posts/nvd-CVE-2026-3601/ Shimi's Cyber World en 2026-05-05T12:16:03+03:00 CVE-2026-3601 — The User Registration & Membership plugin for WordPress isvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-3359/ Shimi's Cyber World en 2026-05-05T12:16:03+03:00 CVE-2026-3359: WordPress Form Maker Plugin SQLi Exposes Datavulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/scarcruft-hacks-gaming-platform-to-deploy-birdcall-malware-o-4xv13/ Shimi's Cyber World en 2026-05-05T12:07:00+03:00 ScarCruft Hacks Gaming Platform, Deploys BirdCall Malware on Android & Windowsthreat-intel, vulnerability, malware, microsoft, the-hacker-news https://shimiscyberworld.com/posts/whatsapp-discloses-file-spoofing-arbitrary-url-scheme-vulne-4g2vo/ Shimi's Cyber World en 2026-05-05T12:01:14+03:00 WhatsApp Patches File Spoofing and URL Scheme Vulnerabilitiesthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-5192/ Shimi's Cyber World en 2026-05-05T10:16:00+03:00 CVE-2026-5192: Forminator WordPress Plugin Path Traversal Exposes Server Filesvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-40797/ Shimi's Cyber World en 2026-05-05T10:16:00+03:00 WebinarIgnition: Critical Blind SQL Injection CVE-2026-40797vulnerability, cve, critical, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-3454/ Shimi's Cyber World en 2026-05-05T10:16:00+03:00 CVE-2026-3454 — The GenerateBlocks plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-2729/ Shimi's Cyber World en 2026-05-05T10:15:59+03:00 CVE-2026-2729 — The Forminator plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/microsoft-details-phishing-campaign-targeting-35-000-users-a-seyqd/ Shimi's Cyber World en 2026-05-05T09:35:00+03:00 Microsoft Details Phishing Campaign Targeting 35,000 Users in 26 Countriesthreat-intel, vulnerability, microsoft, identity, phishing https://shimiscyberworld.com/posts/nvd-CVE-2026-7823/ Shimi's Cyber World en 2026-05-05T08:16:01+03:00 CVE-2026-7823: Critical Command Injection in Totolink A8000RU Routersvulnerability, cve, critical, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7822/ Shimi's Cyber World en 2026-05-05T08:16:00+03:00 CVE-2026-7822 — Itsourcecode Courier Management System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7812/ Shimi's Cyber World en 2026-05-05T08:16:00+03:00 CVE-2026-7812: Remote Command Injection in 54yyyu code-mcp MCP Toolvulnerability, cve, high-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7811/ Shimi's Cyber World en 2026-05-05T08:16:00+03:00 CVE-2026-7811: High-Severity Path Traversal in 54yyyu code-mcpvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-4362/ Shimi's Cyber World en 2026-05-05T08:16:00+03:00 CVE-2026-4362 — The ElementsKit Elementor Addons plugin for WordPress isvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/telegram-1542954397-4564/ Shimi's Cyber World en 2026-05-05T07:30:32+03:00 Oracle Lays Off 30,000 for AI Infrastructure Shiftcloud https://shimiscyberworld.com/posts/nvd-CVE-2026-7810/ Shimi's Cyber World en 2026-05-05T07:16:19+03:00 CVE-2026-7810: Python Notebook Path Traversal Exposes Serversvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-5957/ Shimi's Cyber World en 2026-05-05T07:16:19+03:00 CVE-2026-5957 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-5294/ Shimi's Cyber World en 2026-05-05T07:16:19+03:00 CVE-2026-5294: Critical RCE in Geeky Bot WordPress Pluginvulnerability, cve, critical, high-severity, remote-code-execution, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-5159/ Shimi's Cyber World en 2026-05-05T07:16:18+03:00 CVE-2026-5159 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4803/ Shimi's Cyber World en 2026-05-05T07:16:18+03:00 Royal Elementor Addons XSS Vulnerability (CVE-2026-4803) Exposes WordPress Sitesvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4665/ Shimi's Cyber World en 2026-05-05T07:16:17+03:00 CVE-2026-4665 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-35228/ Shimi's Cyber World en 2026-05-05T07:16:16+03:00 Oracle MCP Server Helper Tool Vulnerability Allows Malicious SQL Executionvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-3456/ Shimi's Cyber World en 2026-05-05T07:16:16+03:00 CVE-2026-3456: WordPress GeekyBot Plugin SQL Injectionvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-2948/ Shimi's Cyber World en 2026-05-05T07:16:09+03:00 CVE-2026-2948 — Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-6704/ Shimi's Cyber World en 2026-05-05T06:16:01+03:00 CVE-2026-6704 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6702/ Shimi's Cyber World en 2026-05-05T06:16:00+03:00 CVE-2026-6702 — The Publish 2 Ping.fm plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-6701/ Shimi's Cyber World en 2026-05-05T06:16:00+03:00 CVE-2026-6701 — The addfreespace plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-6700/ Shimi's Cyber World en 2026-05-05T06:16:00+03:00 CVE-2026-6700 — The DX Sources plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-6696/ Shimi's Cyber World en 2026-05-05T06:16:00+03:00 CVE-2026-6696 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6255/ Shimi's Cyber World en 2026-05-05T06:16:00+03:00 CVE-2026-6255 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-5505/ Shimi's Cyber World en 2026-05-05T06:16:00+03:00 CVE-2026-5505 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-5247/ Shimi's Cyber World en 2026-05-05T06:15:59+03:00 CVE-2026-5247 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-5100/ Shimi's Cyber World en 2026-05-05T06:15:59+03:00 AWP Classifieds Plugin SQLi Exposes WordPress Sitesvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-4730/ Shimi's Cyber World en 2026-05-05T06:15:59+03:00 CVE-2026-4730 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4409/ Shimi's Cyber World en 2026-05-05T06:15:59+03:00 CVE-2026-4409 — The Subscribe To Comments Reloaded plugin for WordPress isvulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-2868/ Shimi's Cyber World en 2026-05-05T06:15:59+03:00 CVE-2026-2868 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-1921/ Shimi's Cyber World en 2026-05-05T06:15:59+03:00 CVE-2026-1921 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2025-13618/ Shimi's Cyber World en 2026-05-05T06:15:58+03:00 CVE-2025-13618: WordPress Mentoring Plugin Allows Admin Account Registrationvulnerability, cve, critical, high-severity, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-5722/ Shimi's Cyber World en 2026-05-05T05:16:05+03:00 MoreConvert Pro WordPress Plugin Critical Authentication Bypass (CVE-2026-5722)vulnerability, cve, critical, high-severity, authentication-bypass, cwe-287 https://shimiscyberworld.com/posts/vimeo-119-167-breached-accounts-dqovf/ Shimi's Cyber World en 2026-05-05T05:08:50+03:00 Vimeo Breach: ShinyHunters Leaks User Data via Third-Party Vendor Anodotdata-breach, identity, threat-intel https://shimiscyberworld.com/posts/nvd-CVE-2026-44029/ Shimi's Cyber World en 2026-05-05T04:16:07+03:00 CVE-2026-44029 — Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-36 https://shimiscyberworld.com/posts/nvd-CVE-2026-44028/ Shimi's Cyber World en 2026-05-05T04:16:06+03:00 CVE-2026-44028: Nix/Lix Unbounded Recursion Leads to RCE as Rootvulnerability, cve, high-severity, code-execution, cwe-674 https://shimiscyberworld.com/posts/nvd-CVE-2026-7788/ Shimi's Cyber World en 2026-05-05T03:16:18+03:00 Axle-Bucamp MCP-Docusaurus Path Traversal (CVE-2026-7788) Public Exploitvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7785/ Shimi's Cyber World en 2026-05-05T03:16:17+03:00 CVE-2026-7785: Wireshark-MCP OS Command Injection Hits High Severityvulnerability, cve, high-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7784/ Shimi's Cyber World en 2026-05-05T03:16:17+03:00 CVE-2026-7784: NagaAgent Path Traversal Exposes Serversvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7783/ Shimi's Cyber World en 2026-05-05T03:16:17+03:00 CVE-2026-7783 — CodeCanyon Perfex CRM SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7782/ Shimi's Cyber World en 2026-05-05T02:16:01+03:00 CVE-2026-7782 — CodeCanyon Perfex CRM Vulnerabilityvulnerability, cve, medium-severity, cwe-285, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7781/ Shimi's Cyber World en 2026-05-05T02:16:01+03:00 CVE-2026-7781 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7791/ Shimi's Cyber World en 2026-05-05T01:16:20+03:00 Amazon WorkSpaces Escalation: Local User to SYSTEM via Log Rotationvulnerability, cve, high-severity, privilege-escalation, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-7780/ Shimi's Cyber World en 2026-05-05T01:16:20+03:00 CVE-2026-7780 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7776/ Shimi's Cyber World en 2026-05-05T01:16:20+03:00 CVE-2026-7776: Boundary Workers Vulnerable to DoS During TLS Handshakesvulnerability, cve, high-severity, cwe-770 https://shimiscyberworld.com/posts/weaver-e-cology-critical-bug-exploited-in-attacks-since-marc-iah2c/ Shimi's Cyber World en 2026-05-05T01:12:57+03:00 Weaver E-cology Critical Bug Exploited in Attacks Since Marchthreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-7779/ Shimi's Cyber World en 2026-05-05T00:16:33+03:00 CVE-2026-7779 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-42223/ Shimi's Cyber World en 2026-05-05T00:16:32+03:00 CVE-2026-42223 — Nginx UI is a web user interface for the Nginx web server.vulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-42222/ Shimi's Cyber World en 2026-05-05T00:16:32+03:00 Nginx UI Vulnerability: Unauthenticated Bootstrap Takeover (CVE-2026-42222)vulnerability, cve, high-severity, cwe-284, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-42221/ Shimi's Cyber World en 2026-05-05T00:16:32+03:00 CVE-2026-42221: Nginx UI Admin Takeover Vulnerabilityvulnerability, cve, high-severity, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-42220/ Shimi's Cyber World en 2026-05-05T00:16:31+03:00 CVE-2026-42220 — Nginx UI is a web user interface for the Nginx web server.vulnerability, cve, medium-severity, cwe-200, cwe-863 https://shimiscyberworld.com/posts/telegram-1427288221-8875/ Shimi's Cyber World en 2026-05-04T23:43:52+03:00 Handala Group Claims Fujairah Port Cyberattack Amid Missile Strikesisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7768/ Shimi's Cyber World en 2026-05-04T23:16:21+03:00 CVE-2026-7768: Fastify Accepts-Serializer DoS Vulnerabilityvulnerability, cve, high-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-6321/ Shimi's Cyber World en 2026-05-04T23:16:20+03:00 CVE-2026-6321: fast-uri Path Normalization Bypassvulnerability, cve, high-severity, cwe-22 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-04T23:00:00+03:00 Daily Security Digest — 2026-05-04daily-digest, vulnerability, cve, high-severity, command-injection, cwe-94, critical, out-of-bounds-1, cwe-125, privilege-escalation https://shimiscyberworld.com/posts/nvd-CVE-2026-42154/ Shimi's Cyber World en 2026-05-04T22:16:04+03:00 Prometheus CVE-2026-42154: Unauthenticated Memory Exhaustion Vulnerabilityvulnerability, cve, high-severity, cwe-400, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-42151/ Shimi's Cyber World en 2026-05-04T22:16:04+03:00 Prometheus Azure AD OAuth Secret Exposed via Plaintext Configvulnerability, cve, high-severity, cwe-200, cwe-312 https://shimiscyberworld.com/posts/nvd-CVE-2026-25863/ Shimi's Cyber World en 2026-05-04T22:16:02+03:00 CVE-2026-25863: WordPress Plugin DoS Vulnerability Hits Contact Form 7vulnerability, cve, high-severity, cwe-1284 https://shimiscyberworld.com/posts/exploit-cyber-frenzy-threatens-millions-via-critical-cpanel-9twsz/ Shimi's Cyber World en 2026-05-04T22:14:14+03:00 cPanel Authentication Bypass Vulnerability Exploited in the Wildthreat-intel, tools, vulnerability, identity https://shimiscyberworld.com/posts/cisco-moves-to-acquire-astrix-security-to-tackle-non-human-i-lo620/ Shimi's Cyber World en 2026-05-04T22:00:26+03:00 Cisco Acquires Astrix Security to Secure Non-Human Identitiesthreat-intel, vulnerability, identity, ai-security https://shimiscyberworld.com/posts/nvd-CVE-2026-43616/ Shimi's Cyber World en 2026-05-04T21:16:32+03:00 Detect-It-Easy Path Traversal Allows Arbitrary File Writes, Code Executionvulnerability, cve, high-severity, code-execution, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-42796/ Shimi's Cyber World en 2026-05-04T21:16:32+03:00 Arelle RCE: Unauthenticated Remote Code Execution in REST Endpointvulnerability, cve, critical, high-severity, remote-code-execution, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-42146/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 CVE-2026-42146 — CImg Library is a C++ library for image processing. Priorvulnerability, cve, medium-severity, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-42144/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 CVE-2026-42144 — Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-42092/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 CVE-2026-42092 — titra is an open source time tracking project. In versionvulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-42091/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 CVE-2026-42091 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-42088/ Shimi's Cyber World en 2026-05-04T21:16:31+03:00 OpenC3 COSMOS Critical Script Runner Bypass (CVE-2026-42088)vulnerability, cve, critical, high-severity, cwe-250 https://shimiscyberworld.com/posts/nvd-CVE-2026-42087/ Shimi's Cyber World en 2026-05-04T21:16:30+03:00 OpenC3 COSMOS TSDB SQL Injection Flaw Exposes Critical Systemsvulnerability, cve, critical, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-42086/ Shimi's Cyber World en 2026-05-04T21:16:30+03:00 CVE-2026-42086 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-42084/ Shimi's Cyber World en 2026-05-04T21:16:30+03:00 CVE-2026-42084: OpenC3 COSMOS Allows Password Change Without Old Passwordvulnerability, cve, high-severity, cwe-620 https://shimiscyberworld.com/posts/nvd-CVE-2026-41572/ Shimi's Cyber World en 2026-05-04T21:16:29+03:00 CVE-2026-41572 — Note Mark is an open-source note-taking application. Priorvulnerability, cve, medium-severity, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-41571/ Shimi's Cyber World en 2026-05-04T21:16:29+03:00 CVE-2026-41571: Note Mark Critical Auth Bypassvulnerability, cve, critical, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-41471/ Shimi's Cyber World en 2026-05-04T21:16:29+03:00 CVE-2026-41471: PayPal Events WordPress Plugin Exposes All Customer Ordersvulnerability, cve, high-severity, information-disclosure, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-32834/ Shimi's Cyber World en 2026-05-04T21:16:27+03:00 CVE-2026-32834: WordPress Easy PayPal Plugin Authentication Bypassvulnerability, cve, high-severity, authentication-bypass, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-29004/ Shimi's Cyber World en 2026-05-04T21:16:26+03:00 BusyBox udhcpc6 Heap Overflow (CVE-2026-29004) Exposes Embedded Systemsvulnerability, cve, high-severity, code-execution, cwe-122 https://shimiscyberworld.com/posts/phishing-campaign-hits-80-orgs-using-simplehelp-and-screenc-gxd4y/ Shimi's Cyber World en 2026-05-04T21:06:00+03:00 Phishing Campaign Leverages SimpleHelp, ScreenConnect RMM to Hit 80+ Orgsthreat-intel, vulnerability, phishing, tools, the-hacker-news https://shimiscyberworld.com/posts/educational-company-infrastructure-reports-cyber-incident-6eypo/ Shimi's Cyber World en 2026-05-04T20:19:00+03:00 Infrastructure Education Company Reports Cyber Incident, User Data Exposedthreat-intel, data-breach, government, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-42812/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 Apache Iceberg CVE-2026-42812 Bypasses Metadata Location Validationvulnerability, cve, critical, high-severity, cwe-20, cwe-284, cwe-732, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-42811/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 CVE-2026-42811: Apache Polaris Credential Bypass Exposes Cloud Storagevulnerability, cve, critical, high-severity, cwe-20, cwe-917 https://shimiscyberworld.com/posts/nvd-CVE-2026-42810/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 CVE-2026-42810: Apache Polaris S3 Wildcard Vulnerability Creates Critical Data Riskvulnerability, cve, critical, high-severity, cwe-20, cwe-116 https://shimiscyberworld.com/posts/nvd-CVE-2026-42809/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 CVE-2026-42809: Apache Polaris Critical Credential Vulnerabilityvulnerability, cve, critical, high-severity, cwe-20, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42376/ Shimi's Cyber World en 2026-05-04T20:16:26+03:00 CVE-2026-42376: D-Link DIR-456U EOL Router Exposes Critical Backdoorvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-42375/ Shimi's Cyber World en 2026-05-04T20:16:25+03:00 D-Link DIR-600L EOL Router Exposes Critical Telnet Backdoorvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-42374/ Shimi's Cyber World en 2026-05-04T20:16:25+03:00 D-Link DIR-600L EOL Router Has Hardcoded Telnet Backdoorvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-42373/ Shimi's Cyber World en 2026-05-04T20:16:25+03:00 D-Link DIR-605L EOL Router Hit by Critical Telnet Backdoorvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-42076/ Shimi's Cyber World en 2026-05-04T20:16:24+03:00 CVE-2026-42076: Evolver Engine RCE Puts AI Agents at Riskvulnerability, cve, critical, high-severity, remote-code-execution, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-26956/ Shimi's Cyber World en 2026-05-04T20:16:22+03:00 vm2 Sandbox Escape Vulnerability (CVE-2026-26956) Allows Critical Code Executionvulnerability, cve, critical, high-severity, code-execution, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-26332/ Shimi's Cyber World en 2026-05-04T20:16:22+03:00 vm2 Sandbox Escape (CVE-2026-26332) Exposes Node.js Apps to RCEvulnerability, cve, critical, high-severity, cwe-94, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-25293/ Shimi's Cyber World en 2026-05-04T20:16:22+03:00 CVE-2026-25293: Critical PLC Buffer Overflow Puts Industrial Control Systems at Riskvulnerability, cve, critical, high-severity, buffer-overflow, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-24781/ Shimi's Cyber World en 2026-05-04T20:16:21+03:00 VM2 Sandbox Escape Vulnerability (CVE-2026-24781) Exposes Node.js Applicationsvulnerability, cve, critical, high-severity, cwe-94, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-24120/ Shimi's Cyber World en 2026-05-04T20:16:21+03:00 CVE-2026-24120: vm2 Sandbox Escape Allows Host Command Executionvulnerability, cve, critical, high-severity, cwe-94, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-24118/ Shimi's Cyber World en 2026-05-04T20:16:21+03:00 VM2 Sandbox Breakout Vulnerability: Critical Flaw Exposes Node.js Applicationsvulnerability, cve, critical, high-severity, cwe-94, cwe-693 https://shimiscyberworld.com/posts/forbes-preliminarily-agrees-to-pay-10-million-to-settle-cal-hnn8u/ Shimi's Cyber World en 2026-05-04T19:49:00+03:00 Forbes Agrees to $10 Million Settlement in Wiretapping Lawsuitthreat-intel, data-breach, government, cloud, tools https://shimiscyberworld.com/posts/ransomware-group-claims-breach-of-pro-orb-n-hungarian-media-b2s6y/ Shimi's Cyber World en 2026-05-04T18:23:00+03:00 Ransomware Group Claims Breach of Hungarian Media Firm Mediaworksthreat-intel, data-breach, government, malware, ransomware https://shimiscyberworld.com/posts/telegram-1427288221-8874/ Shimi's Cyber World en 2026-05-04T18:18:34+03:00 Cisco Acquires Israeli Startup Astrix for $400M to Combat Non-Human Identitiesisrael https://shimiscyberworld.com/posts/weekly-recap-ai-powered-phishing-android-spying-tool-li-y3gu1/ Shimi's Cyber World en 2026-05-04T17:23:00+03:00 AI Phishing, Android Spyware, Linux Exploit, GitHub RCE Headline Weekly Threatsthreat-intel, vulnerability, data-breach, phishing, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-6266/ Shimi's Cyber World en 2026-05-04T17:16:35+03:00 CVE-2026-6266: AAP Gateway Email Auto-Link Flaw Allows Account Hijackvulnerability, cve, high-severity, cwe-305 https://shimiscyberworld.com/posts/nvd-CVE-2026-34032/ Shimi's Cyber World en 2026-05-04T17:16:33+03:00 CVE-2026-34032 — Apache HTTP Server: Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-125, cwe-170 https://shimiscyberworld.com/posts/nvd-CVE-2026-33857/ Shimi's Cyber World en 2026-05-04T17:16:33+03:00 CVE-2026-33857 — Apache HTTP Server: Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-31205/ Shimi's Cyber World en 2026-05-04T17:16:32+03:00 CVE-2026-31205 — Pluck CMS Before V.4.7.21dev Vulnerabilityvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2025-58074/ Shimi's Cyber World en 2026-05-04T17:16:28+03:00 Norton Secure VPN Privilege Escalation via Microsoft Store (CVE-2025-58074)vulnerability, cve, high-severity, privilege-escalation, cwe-1386 https://shimiscyberworld.com/posts/nvd-CVE-2026-7482/ Shimi's Cyber World en 2026-05-04T16:16:01+03:00 CVE-2026-7482: Critical Ollama Heap Out-of-Bounds Read Exposes Sensitive AI Datavulnerability, cve, critical, high-severity, out-of-bounds-1, cwe-125 https://shimiscyberworld.com/posts/progress-warns-of-critical-moveit-automation-auth-bypass-fla-unrgi/ Shimi's Cyber World en 2026-05-04T15:18:57+03:00 MOVEit Automation Critical Auth Bypass Flaw Requires Immediate Patchthreat-intel, data-breach, malware, vulnerability, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-3120/ Shimi's Cyber World en 2026-05-04T15:16:29+03:00 SambaBox CVE-2026-3120: High-Severity OS Command Injectionvulnerability, cve, high-severity, command-injection, cwe-94 https://shimiscyberworld.com/posts/2026-the-year-of-ai-assisted-attacks-izhod/ Shimi's Cyber World en 2026-05-04T14:58:00+03:00 Kaikatsu Club Breach: 17-Year-Old Exposes 7 Million Users for Pokémon Cardsthreat-intel, vulnerability https://shimiscyberworld.com/posts/silver-fox-deploys-abcdoor-malware-via-tax-themed-phishing-i-vmto2/ Shimi's Cyber World en 2026-05-04T14:57:00+03:00 Silver Fox Deploys ABCDoor Malware via Tax Phishing in India and Russiathreat-intel, vulnerability, malware, phishing https://shimiscyberworld.com/posts/cisa-says-copy-fail-flaw-now-exploited-to-root-linux-syste-6jlid/ Shimi's Cyber World en 2026-05-04T14:28:15+03:00 CISA Warns: 'Copy Fail' Linux Root Vulnerability Actively Exploitedthreat-intel, data-breach, malware, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-7750/ Shimi's Cyber World en 2026-05-04T13:16:01+03:00 Totolink N300RH RCE: CVE-2026-7750 Buffer Overflow Affects Remote Managementvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7749/ Shimi's Cyber World en 2026-05-04T13:16:01+03:00 Totolink N300RH Router Hit by High-Severity Buffer Overflow Vulnerability (CVE-2026-7749)vulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7748/ Shimi's Cyber World en 2026-05-04T13:16:00+03:00 Totolink N300RH Buffer Overflow (CVE-2026-7748) Remotely Exploitablevulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-33846/ Shimi's Cyber World en 2026-05-04T13:15:59+03:00 GnuTLS DTLS Heap Overflow (CVE-2026-33846) Poses Remote Threatvulnerability, cve, high-severity, buffer-overflow, cwe-130 https://shimiscyberworld.com/posts/critical-cpanel-vulnerability-weaponized-to-target-governmen-71rj3/ Shimi's Cyber World en 2026-05-04T12:27:00+03:00 cPanel Vulnerability Weaponized Against Gov, Military, and MSPsthreat-intel, vulnerability https://shimiscyberworld.com/posts/telegram-1427288221-8870/ Shimi's Cyber World en 2026-05-04T12:20:16+03:00 cPanel Exploited: Over 40,000 Systems Compromised Globallyisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7747/ Shimi's Cyber World en 2026-05-04T12:16:01+03:00 Totolink N300RH Critical Buffer Overflow: Public Exploit Availablevulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7746/ Shimi's Cyber World en 2026-05-04T12:16:00+03:00 CVE-2026-7746 — SourceCodester Web-Based Pharmacy Product Management System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7745/ Shimi's Cyber World en 2026-05-04T12:16:00+03:00 CVE-2026-7745 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2025-14320/ Shimi's Cyber World en 2026-05-04T12:15:59+03:00 CVE-2025-14320: Critical XSS in Tegsoft Online Support Applicationvulnerability, cve, critical, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/telegram-1427288221-8868/ Shimi's Cyber World en 2026-05-04T11:38:19+03:00 Cyber News - Erez Dasa Debunks Stormous Claims and Crocs Israel Breachisrael https://shimiscyberworld.com/posts/telegram-1427288221-8867/ Shimi's Cyber World en 2026-05-04T11:33:57+03:00 Barshai Company Email Compromise Spreads Malicious Emailsisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-7744/ Shimi's Cyber World en 2026-05-04T11:16:03+03:00 CVE-2026-7744 — CodeAstro Online Classroom SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7743/ Shimi's Cyber World en 2026-05-04T11:16:02+03:00 CVE-2026-7743 — CodeAstro Online Classroom SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7742/ Shimi's Cyber World en 2026-05-04T11:16:02+03:00 CVE-2026-7742 — CodeAstro Online Classroom SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7741/ Shimi's Cyber World en 2026-05-04T11:16:02+03:00 CVE-2026-7741 — CodeAstro Online Classroom SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7738/ Shimi's Cyber World en 2026-05-04T10:16:01+03:00 CVE-2026-7738 — Puchunjie Doc-Tools-Mcp Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7737/ Shimi's Cyber World en 2026-05-04T10:16:01+03:00 CVE-2026-7737 — Osrg GoBGP Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-119, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-7736/ Shimi's Cyber World en 2026-05-04T10:16:01+03:00 CVE-2026-7736: GoBGP Integer Underflow Threatens BGP Routingvulnerability, cve, high-severity, cwe-189, cwe-191 https://shimiscyberworld.com/posts/edtech-firm-instructure-discloses-data-breach-amid-hacker-le-hu96u/ Shimi's Cyber World en 2026-05-04T10:02:51+03:00 Instructure Data Breach: Student Data Stolen, Services Disruptedthreat-intel, vulnerability, data-breach https://shimiscyberworld.com/posts/a-week-in-security-april-27-8211-may-3-rww0r/ Shimi's Cyber World en 2026-05-04T10:01:00+03:00 cPanel Bug Exposes Millions of Websites to Takeovermalware, threat-intel, ransomware, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-7735/ Shimi's Cyber World en 2026-05-04T09:16:02+03:00 osrg GoBGP Buffer Overflow (CVE-2026-7735) Poses Remote Threatvulnerability, cve, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7734/ Shimi's Cyber World en 2026-05-04T09:16:02+03:00 CVE-2026-7734 — Osrg GoBGP Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7733/ Shimi's Cyber World en 2026-05-04T09:16:02+03:00 CVE-2026-7733: funadmin Unrestricted File Upload Exposes Systemsvulnerability, cve, high-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7732/ Shimi's Cyber World en 2026-05-04T09:16:01+03:00 CVE-2026-7732 — Code-Projects BloodBank Managing System Unrestricted File Uploadvulnerability, cve, medium-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7731/ Shimi's Cyber World en 2026-05-04T09:16:01+03:00 CVE-2026-7731 — Code-Projects BloodBank Managing System SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/global-crackdown-arrests-276-shuts-9-crypto-scam-centers-s-ks2j6/ Shimi's Cyber World en 2026-05-04T08:59:00+03:00 Global Law Enforcement Cracks Down on Crypto Scam Centers, Arrests 276threat-intel, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-7730/ Shimi's Cyber World en 2026-05-04T08:16:01+03:00 CVE-2026-7730 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-7729/ Shimi's Cyber World en 2026-05-04T08:16:01+03:00 CVE-2026-7729 — Pixelsock Directus-Mcp Server-Side Request Forgeryvulnerability, cve, medium-severity, server-side-request-forgery, cwe-918 https://shimiscyberworld.com/posts/nvd-CVE-2026-7728/ Shimi's Cyber World en 2026-05-04T08:16:00+03:00 CVE-2026-7728 — Ryanjoachim Mcp-Rtfm Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-7727/ Shimi's Cyber World en 2026-05-04T08:16:00+03:00 CVE-2026-7727: Shandong Hoteam Software PDM SQL Injectionvulnerability, cve, high-severity, sql-injection, cwe-74, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7725/ Shimi's Cyber World en 2026-05-04T08:16:00+03:00 CVE-2026-7725 — PrefectHQ Prefect Vulnerabilityvulnerability, cve, medium-severity, cwe-74, cwe-88 https://shimiscyberworld.com/posts/reborn-gaming-126-breached-accounts-qxmv4/ Shimi's Cyber World en 2026-05-04T06:43:06+03:00 Reborn Gaming Breach: cPanel/WHM Vulnerability Exposes User Datadata-breach, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-7724/ Shimi's Cyber World en 2026-05-04T06:16:13+03:00 CVE-2026-7724 — PrefectHQ Prefect Vulnerabilityvulnerability, cve, medium-severity, cwe-362, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-7723/ Shimi's Cyber World en 2026-05-04T06:16:13+03:00 CVE-2026-7723: PrefectHQ Prefect WebSocket Lacks Authenticationvulnerability, cve, high-severity, cwe-287, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-7722/ Shimi's Cyber World en 2026-05-04T06:16:12+03:00 CVE-2026-7722 — PrefectHQ Prefect Vulnerabilityvulnerability, cve, medium-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-7721/ Shimi's Cyber World en 2026-05-04T06:16:12+03:00 CVE-2026-7721 — Totolink WA300 5.2cu.7112_B20190227 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7720/ Shimi's Cyber World en 2026-05-04T05:15:58+03:00 CVE-2026-7720 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7719/ Shimi's Cyber World en 2026-05-04T05:15:58+03:00 Totolink WA300 Critical Buffer Overflow (CVE-2026-7719) Exploitedvulnerability, cve, critical, high-severity, buffer-overflow, cwe-119, cwe-120 https://shimiscyberworld.com/posts/nvd-CVE-2026-7718/ Shimi's Cyber World en 2026-05-04T05:15:58+03:00 CVE-2026-7718 — Totolink WA300 5.2cu.7112_B20190227 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-7713/ Shimi's Cyber World en 2026-05-04T03:16:40+03:00 CVE-2026-7713 — Crocodilestick Calibre-Web-Automated Vulnerabilityvulnerability, cve, medium-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-7712/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 CVE-2026-7712 — MindsDB Insecure Deserializationvulnerability, cve, medium-severity, insecure-deserialization, cwe-20, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-7711/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 MindsDB Unrestricted File Upload (CVE-2026-7711) Poses Remote Threatvulnerability, cve, high-severity, unrestricted-file-upload, cwe-284, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-7710/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 CVE-2026-7710: YunaiV yudao-cloud Improper Authentication Flawvulnerability, cve, high-severity, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-6948/ Shimi's Cyber World en 2026-05-04T03:16:39+03:00 CVE-2026-6948 — Velociraptor versions prior to 0.76.4 contain a resourcevulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-7709/ Shimi's Cyber World en 2026-05-04T02:16:42+03:00 CVE-2026-7709 — Janeczku Calibre-Web Vulnerabilityvulnerability, cve, medium-severity, cwe-266, cwe-285 https://shimiscyberworld.com/posts/nvd-CVE-2026-7708/ Shimi's Cyber World en 2026-05-04T02:16:42+03:00 CVE-2026-7708 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7707/ Shimi's Cyber World en 2026-05-04T02:16:42+03:00 CVE-2026-7707 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7706/ Shimi's Cyber World en 2026-05-04T02:16:41+03:00 CVE-2026-7706 — Open5GS Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-404 https://shimiscyberworld.com/posts/nvd-CVE-2026-7705/ Shimi's Cyber World en 2026-05-04T02:16:41+03:00 CVE-2026-7705 — JD Cloud JDCOS 4.5.1.R4518 Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-74, cwe-77 https://shimiscyberworld.com/posts/marcus-millichap-1-837-078-breached-accounts-cqfcx/ Shimi's Cyber World en 2026-05-04T01:53:12+03:00 Marcus & Millichap Breach: ShinyHunters Leaks 1.8M Recordsdata-breach, tools https://shimiscyberworld.com/posts/instructure-confirms-data-breach-shinyhunters-claims-attack-hwvmu/ Shimi's Cyber World en 2026-05-04T01:16:27+03:00 Instructure Confirms Data Breach as ShinyHunters Claims Attackthreat-intel, data-breach, malware