https://shimiscyberworld.com/posts/2026-05-18-nvd-CVE-2026-47090/ Shimi's Cyber World en 2026-05-21T20:22:55+03:00 https://shimiscyberworld.com/posts/nvd-CVE-2026-48213/ Shimi's Cyber World en 2026-05-21T20:16:22+03:00 CVE-2026-48213 — Add.Php That Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-9089/ Shimi's Cyber World en 2026-05-21T19:16:23+03:00 ConnectWise Automate Agent Fails Plugin Verification, CVSS 8.8vulnerability, cve, high-severity, cwe-494 https://shimiscyberworld.com/posts/nvd-CVE-2026-39531/ Shimi's Cyber World en 2026-05-21T19:16:23+03:00 CVE-2026-39531: WP Directory Kit Blind SQL Injection Flaw Rated Criticalvulnerability, cve, critical, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-1816/ Shimi's Cyber World en 2026-05-21T18:16:22+03:00 CVE-2026-1816 — Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Vulnerabilityvulnerability, cve, medium-severity, cwe-307 https://shimiscyberworld.com/posts/nvd-CVE-2026-1815/ Shimi's Cyber World en 2026-05-21T18:16:22+03:00 CVE-2026-1815 — Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Vulnerabilityvulnerability, cve, medium-severity, cwe-613 https://shimiscyberworld.com/posts/uk-plans-for-cybercrime-law-reform-would-protect-almost-no-o-bph85/ Shimi's Cyber World en 2026-05-21T17:47:00+03:00 UK Cybercrime Law Reform Threatens Vulnerability Researchthreat-intel, data-breach, government, vulnerability https://shimiscyberworld.com/posts/showboat-linux-malware-hits-middle-east-telecom-with-socks5-c13t6/ Shimi's Cyber World en 2026-05-21T17:17:09+03:00 Showboat Linux Malware Targets Middle East Telecom with SOCKS5 Proxythreat-intel, vulnerability, malware, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-45208/ Shimi's Cyber World en 2026-05-21T17:16:48+03:00 CVE-2026-45208: Apex One/SEP Agent Vulnerability Allows Local Privilege Escalationvulnerability, cve, high-severity, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-45207/ Shimi's Cyber World en 2026-05-21T17:16:48+03:00 CVE-2026-45207: Apex One/SEP Agent Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-45206/ Shimi's Cyber World en 2026-05-21T17:16:47+03:00 CVE-2026-45206: Privilege Escalation in Apex One/SEP Agentvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34930/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34930: Trend Micro Apex One/SEP Agent Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34929/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34929: Trend Micro Apex One/SEP Agent Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34928/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34928: Trend Micro Apex One/SEP Agent Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34927/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34927: Trend Micro Apex One/SEP Agent Local Privilege Escalationvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2026-34926/ Shimi's Cyber World en 2026-05-21T17:16:45+03:00 CVE-2026-34926 — The Apex One (On-Premise) Server Path Traversalvulnerability, cve, medium-severity, path-traversal, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-2740/ Shimi's Cyber World en 2026-05-21T17:16:44+03:00 Zohocorp ManageEngine RCE in ADSelfService Plus, DataSecurity Plus, RecoveryManager Plusvulnerability, cve, high-severity, remote-code-execution, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2025-71213/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 Trend Micro Apex One CVE-2025-71213: Local Privilege Escalation Riskvulnerability, cve, high-severity, cwe-346 https://shimiscyberworld.com/posts/nvd-CVE-2025-71212/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 Trend Micro Apex One Vulnerability Allows Local Privilege Escalationvulnerability, cve, high-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2025-71211/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 Trend Micro Apex One Console Vulnerability Allows Remote Code Executionvulnerability, cve, critical, high-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2025-71210/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 Trend Micro Apex One Console RCE (CVE-2025-71210) — Patch Nowvulnerability, cve, critical, high-severity, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2025-13479/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 PosCube QR Menu: Authorization Bypass via User-Controlled Key (CVE-2025-13479)vulnerability, cve, high-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2025-13477/ Shimi's Cyber World en 2026-05-21T17:16:43+03:00 CVE-2025-13477: WifiBurada Authentication Bypass Exposes Private Datavulnerability, cve, high-severity, authentication-bypass, cwe-359, cwe-522 https://shimiscyberworld.com/posts/inside-a-crypto-drainer-how-to-spot-it-before-it-empties-yo-swdre/ Shimi's Cyber World en 2026-05-21T17:00:10+03:00 Crypto Drainers Scale Wallet Theft via Phishing and Automationthreat-intel, data-breach, malware, phishing, bleepingcomputer https://shimiscyberworld.com/posts/nvd-CVE-2026-5118/ Shimi's Cyber World en 2026-05-21T16:16:20+03:00 Divi Form Builder Privilege Escalation: Unauthenticated Admin Account Creationvulnerability, cve, critical, high-severity, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/police-seize-first-vpn-service-used-in-ransomware-data-th-5fshx/ Shimi's Cyber World en 2026-05-21T16:09:51+03:00 Law Enforcement Seizes 'First VPN' Service Used in Ransomware, Data Theftthreat-intel, data-breach, malware, ransomware, bleepingcomputer https://shimiscyberworld.com/posts/cisco-patches-critical-vulnerability-in-secure-workload-3b5qv/ Shimi's Cyber World en 2026-05-21T15:04:13+03:00 Cisco Patches Critical Secure Workload API Vulnerabilitythreat-intel, vulnerability, identity https://shimiscyberworld.com/posts/telegram-1427288221-8967/ Shimi's Cyber World en 2026-05-21T15:01:37+03:00 TeamPCP Interview Reveals Motives: Anti-Establishment, Not Ideologicalisrael, data-breach, threat-intel, tools https://shimiscyberworld.com/posts/threatsday-bulletin-linux-rootkits-router-0-day-ai-intrus-n6m5z/ Shimi's Cyber World en 2026-05-21T14:52:14+03:00 Attackers Exploit Trusted Components: A New Era of Stealththreat-intel, vulnerability, cloud, tools, the-hacker-news https://shimiscyberworld.com/posts/apple-rejected-2-million-app-store-submissions-in-2025-for-s-vuxt8/ Shimi's Cyber World en 2026-05-21T14:17:15+03:00 Apple Rejected 2 Million App Store Submissions for Security and Fraud Preventionthreat-intel, vulnerability https://shimiscyberworld.com/posts/flipper-one-project-needs-community-help-to-build-open-linux-7i42e/ Shimi's Cyber World en 2026-05-21T14:00:00+03:00 Flipper Devices Seeks Community for Flipper One Linux Platformthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/when-identity-is-the-attack-path-7rspt/ Shimi's Cyber World en 2026-05-21T13:30:00+03:00 Cached AWS Access Keys: A Cloud Identity Attack Paththreat-intel, vulnerability, cloud, microsoft, identity https://shimiscyberworld.com/posts/telegram-1373735086-5042/ Shimi's Cyber World en 2026-05-21T13:19:04+03:00 New Breaches Expose Sensitive Business Data, PII for Targeted Attacksdarkweb, threat-intel, ransomware, vulnerability, data-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-42396/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-42396 — Insufficient Validation of Member Zone Data May Causevulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-42002/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-42002 — Concurrency and locking defects invulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-42001/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-42001: Autoprimary SOA Queries Vulnerabilityvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-42000/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-42000 — Insufficient Validation of Names Duringvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-41999/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 CVE-2026-41999 — Incorrect Behaviour of Views with TCP PROXYvulnerability, cve, medium-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-28764/ Shimi's Cyber World en 2026-05-21T13:16:25+03:00 MediaInfoLib LXF Parsing Heap Overflow: High-Severity Vulnerability Disclosedvulnerability, cve, high-severity, buffer-overflow, cwe-823 https://shimiscyberworld.com/posts/telegram-1427288221-8966/ Shimi's Cyber World en 2026-05-21T12:42:55+03:00 Microsoft Patches YellowKey: Public PoC Violates Disclosureisrael, vulnerability, microsoft https://shimiscyberworld.com/posts/google-s-surge-in-chrome-vulnerability-discoveries-likely-dr-rbzlu/ Shimi's Cyber World en 2026-05-21T12:37:08+03:00 Google Chrome Vulnerability Surge Suggests AI's Role in Discoverythreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/telegram-1542954397-4605/ Shimi's Cyber World en 2026-05-21T12:30:04+03:00 DOJ, FBI Crack Down on AI Deepfake Pornography Under 'Take It Down Act' https://shimiscyberworld.com/posts/nvd-CVE-2026-9157/ Shimi's Cyber World en 2026-05-21T12:16:30+03:00 Gmission Web Fax Vulnerability (CVE-2026-9157) Allows Remote Code Inclusionvulnerability, cve, high-severity, unrestricted-file-upload, cwe-20, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-5434/ Shimi's Cyber World en 2026-05-21T12:16:30+03:00 CVE-2026-5434 — Honeywell Control Network Module (CNM) contains insertionvulnerability, cve, medium-severity, cwe-538 https://shimiscyberworld.com/posts/nvd-CVE-2026-5433/ Shimi's Cyber World en 2026-05-21T12:16:30+03:00 Honeywell Control Network Module: Critical RCE Vulnerability Discoveredvulnerability, cve, critical, high-severity, remote-code-execution https://shimiscyberworld.com/posts/nvd-CVE-2026-4858/ Shimi's Cyber World en 2026-05-21T12:16:30+03:00 Mattermost Path Traversal Allows API Calls with Admin Tokenvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-27393/ Shimi's Cyber World en 2026-05-21T12:16:26+03:00 CVE-2026-27393 — Tobias CF7 WOW Styler Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-27349/ Shimi's Cyber World en 2026-05-21T12:16:26+03:00 CVE-2026-27349 — WPFunnels Team Mail Mint Vulnerabilityvulnerability, cve, medium-severity, cwe-497 https://shimiscyberworld.com/posts/nvd-CVE-2026-22880/ Shimi's Cyber World en 2026-05-21T12:16:26+03:00 CVE-2026-22880 — Mattermost Mobile Apps versions <=2.37 11.4 2.0.37 11.0.4vulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-44076/ Shimi's Cyber World en 2026-05-21T11:16:23+03:00 CVE-2026-44076 — In Netatalk 3.1.0 through 4.4.2, shell injection via volumevulnerability, cve, medium-severity, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-44068/ Shimi's Cyber World en 2026-05-21T11:16:22+03:00 Netatalk Path Traversal (CVE-2026-44068) Poses High Riskvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-44066/ Shimi's Cyber World en 2026-05-21T11:16:22+03:00 CVE-2026-44066: Netatalk Heap Out-of-Bounds Read Poses High Riskvulnerability, cve, high-severity, out-of-bounds-1, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-44064/ Shimi's Cyber World en 2026-05-21T11:16:22+03:00 Netatalk CVE-2026-44064: Out-of-Bounds Access Poses High Riskvulnerability, cve, high-severity, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-44062/ Shimi's Cyber World en 2026-05-21T11:16:21+03:00 Netatalk CVE-2026-44062: High-Severity RCE Risk in Legacy File Sharingvulnerability, cve, high-severity, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-44060/ Shimi's Cyber World en 2026-05-21T11:16:21+03:00 CVE-2026-44060: Netatalk DoS Vulnerability Poses High Riskvulnerability, cve, high-severity, denial-of-service, cwe-191 https://shimiscyberworld.com/posts/nvd-CVE-2026-44058/ Shimi's Cyber World en 2026-05-21T11:16:21+03:00 Netatalk Authentication Bypass (CVE-2026-44058) Allows Admin Accessvulnerability, cve, high-severity, authentication-bypass, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-44055/ Shimi's Cyber World en 2026-05-21T11:16:21+03:00 Netatalk CVE-2026-44055: Shell Injection Vulnerability Disclosedvulnerability, cve, high-severity, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-44053/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 CVE-2026-44053: Netatalk dhcast128 Weak Crypto Exposes File Sharesvulnerability, cve, high-severity, cwe-327 https://shimiscyberworld.com/posts/nvd-CVE-2026-44052/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 CVE-2026-44052: Netatalk Exposes LDAP Passwords in Logsvulnerability, cve, high-severity, cwe-532 https://shimiscyberworld.com/posts/nvd-CVE-2026-44051/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 Netatalk Arbitrary File Read (CVE-2026-44051) Poses High Riskvulnerability, cve, high-severity, arbitrary-file-access, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-44050/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 Netatalk Heap Buffer Overflow (CVE-2026-44050) — Critical RCE Riskvulnerability, cve, critical, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-44049/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 CVE-2026-44049: Netatalk Out-of-Bounds Write Poses High Riskvulnerability, cve, high-severity, out-of-bounds-1, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-44048/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 Netatalk Stack Buffer Overflow (CVE-2026-44048) Poses High Riskvulnerability, cve, high-severity, buffer-overflow, cwe-121 https://shimiscyberworld.com/posts/nvd-CVE-2026-44047/ Shimi's Cyber World en 2026-05-21T11:16:20+03:00 Netatalk SQL Injection (CVE-2026-44047) Poses High Riskvulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/microsoft-warns-of-new-defender-zero-days-exploited-in-attac-eiqxs/ Shimi's Cyber World en 2026-05-21T10:49:48+03:00 Microsoft Defender Zero-Days Under Active Exploitationthreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/9-year-old-linux-kernel-flaw-enables-root-command-execution-7f38n/ Shimi's Cyber World en 2026-05-21T10:35:53+03:00 Linux Kernel Flaw CVE-2026-46333 Allows Root Command Executionthreat-intel, vulnerability, the-hacker-news https://shimiscyberworld.com/posts/telegram-1427288221-8964/ Shimi's Cyber World en 2026-05-21T10:02:58+03:00 Ukrainian Teen Arrested for $721K Infostealer Operation Targeting USisrael, malware https://shimiscyberworld.com/posts/telegram-1427288221-8959/ Shimi's Cyber World en 2026-05-21T09:55:21+03:00 Operation Ramz: INTERPOL Arrests 201 Cybercriminals in MENA Regionisrael https://shimiscyberworld.com/posts/github-links-repo-breach-to-tanstack-npm-supply-chain-attack-13d14/ Shimi's Cyber World en 2026-05-21T09:54:01+03:00 GitHub Repo Breach Linked to TanStack npm Supply Chain Attackthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-6279/ Shimi's Cyber World en 2026-05-21T08:16:23+03:00 Avada Builder RCE (CVE-2026-6279) Exposes WordPress Sitesvulnerability, cve, critical, high-severity, remote-code-execution, cwe-74 https://shimiscyberworld.com/posts/nvd-CVE-2026-2734/ Shimi's Cyber World en 2026-05-21T08:16:22+03:00 CVE-2026-2734 — In mlflow/mlflow versions up to 3.9.0, thevulnerability, cve, medium-severity, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2026-1543/ Shimi's Cyber World en 2026-05-21T08:16:22+03:00 CVE-2026-1543 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/dragonica-lunaris-126-293-breached-accounts-lzbup/ Shimi's Cyber World en 2026-05-21T07:41:32+03:00 Dragonica Lunaris Breach Exposes 126K Player Accountsdata-breach https://shimiscyberworld.com/posts/nvd-CVE-2026-4811/ Shimi's Cyber World en 2026-05-21T07:16:31+03:00 CVE-2026-4811 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/windows93-myspace93-46-105-breached-accounts-nasew/ Shimi's Cyber World en 2026-05-21T06:45:15+03:00 Windows93 / Myspace93 Breach Exposes 46K Accounts in Plaintextdata-breach, vulnerability, microsoft https://shimiscyberworld.com/posts/highly-critical-drupal-core-flaw-exposes-postgresql-sites-to-j9qzr/ Shimi's Cyber World en 2026-05-21T06:44:11+03:00 Drupal Core RCE Flaw (CVE-2026-9082) Impacts PostgreSQL Sitesthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-1881/ Shimi's Cyber World en 2026-05-21T05:16:32+03:00 CVE-2026-1881 — The Broadstreet plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-9149/ Shimi's Cyber World en 2026-05-21T03:16:35+03:00 CVE-2026-9149 — Libsolv Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-40165/ Shimi's Cyber World en 2026-05-21T03:16:28+03:00 authentik Authentication Bypass: SAML NameID XML Comment Injection (CVE-2026-40165)vulnerability, cve, high-severity, authentication-bypass, cwe-91, cwe-287, cwe-436 https://shimiscyberworld.com/posts/nvd-CVE-2026-9150/ Shimi's Cyber World en 2026-05-21T02:16:36+03:00 CVE-2026-9150 — Libsolv Buffer Overflowvulnerability, cve, medium-severity, buffer-overflow, cwe-121 https://shimiscyberworld.com/posts/xi-and-putin-pledge-closer-cooperation-on-ai-cyberspace-and-43246/ Shimi's Cyber World en 2026-05-21T02:00:00+03:00 China and Russia Forge Deeper Cyber, AI, and Satellite Cooperationthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-40102/ Shimi's Cyber World en 2026-05-21T01:16:37+03:00 CVE-2026-40102 — Plane is an open-source project management tool. Invulnerability, cve, medium-severity, cwe-943 https://shimiscyberworld.com/posts/nvd-CVE-2026-40094/ Shimi's Cyber World en 2026-05-21T01:16:36+03:00 CVE-2026-40094 — nimiq-blockchain provides persistent block storage forvulnerability, cve, medium-severity, cwe-754 https://shimiscyberworld.com/posts/nvd-CVE-2026-40092/ Shimi's Cyber World en 2026-05-21T01:16:36+03:00 CVE-2026-40092: Nimiq Blockchain Node Crash Vulnerabilityvulnerability, cve, high-severity, cwe-252 https://shimiscyberworld.com/posts/nvd-CVE-2026-39960/ Shimi's Cyber World en 2026-05-21T01:16:36+03:00 CVE-2026-39960 — Any User Viewing The Bug Edit Form, Including Administrators Vulnerabilityvulnerability, cve, medium-severity, cwe-79 https://shimiscyberworld.com/posts/ukraine-identifies-infostealer-operator-tied-to-28-000-stole-9zp2a/ Shimi's Cyber World en 2026-05-21T00:36:24+03:00 Ukraine Identifies Infostealer Operator Tied to 28,000 Stolen Accountsthreat-intel, data-breach, malware https://shimiscyberworld.com/posts/hackers-bypass-sonicwall-vpn-mfa-due-to-incomplete-patching-ka5eo/ Shimi's Cyber World en 2026-05-21T00:19:17+03:00 SonicWall VPN MFA Bypass Due to Incomplete Patchingthreat-intel, data-breach, malware, ransomware, vulnerability, identity, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-9141/ Shimi's Cyber World en 2026-05-20T23:16:46+03:00 CVE-2026-9141: Taiko AG1000-01A SMS Gateway Critical Auth Bypassvulnerability, cve, critical, high-severity, authentication-bypass, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-9139/ Shimi's Cyber World en 2026-05-20T23:16:46+03:00 Taiko AG1000-01A SMS Gateway Critical Hard-Coded Credential Vulnerabilityvulnerability, cve, critical, high-severity, cwe-798 https://shimiscyberworld.com/posts/nvd-CVE-2026-9126/ Shimi's Cyber World en 2026-05-20T23:16:45+03:00 Google Chrome Use-After-Free (CVE-2026-9126) Allows RCEvulnerability, cve, high-severity, use-after-free, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-9121/ Shimi's Cyber World en 2026-05-20T23:16:44+03:00 Google Chrome GPU Out-of-Bounds Read: High-Severity Exploit Vectorvulnerability, cve, high-severity, out-of-bounds-1, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-9120/ Shimi's Cyber World en 2026-05-20T23:16:43+03:00 Google Chrome WebRTC Use-After-Free: Remote Code Executionvulnerability, cve, high-severity, use-after-free, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-9119/ Shimi's Cyber World en 2026-05-20T23:16:43+03:00 Google Chrome WebRTC Heap Overflow Allows Sandbox Escapevulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-9118/ Shimi's Cyber World en 2026-05-20T23:16:43+03:00 Google Chrome Use-After-Free (CVE-2026-9118) Allows Remote Code Executionvulnerability, cve, high-severity, use-after-free, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-9114/ Shimi's Cyber World en 2026-05-20T23:16:42+03:00 Google Chrome: High-Severity QUIC Vulnerability Allows Remote Code Executionvulnerability, cve, high-severity, use-after-free, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-9112/ Shimi's Cyber World en 2026-05-20T23:16:42+03:00 Google Chrome GPU Use-After-Free: Remote Code Execution via Crafted HTMLvulnerability, cve, high-severity, use-after-free, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-9111/ Shimi's Cyber World en 2026-05-20T23:16:41+03:00 Google Chrome WebRTC Use-After-Free: Critical RCE Threat on Linuxvulnerability, cve, high-severity, use-after-free, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-45444/ Shimi's Cyber World en 2026-05-20T23:16:40+03:00 CVE-2026-45444: Critical File Upload Flaw in Gift Cards For WooCommerce Provulnerability, cve, critical, high-severity, unrestricted-file-upload, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-39310/ Shimi's Cyber World en 2026-05-20T23:16:39+03:00 Trilium Notes Authentication Bypass (CVE-2026-39310) Exposes Datavulnerability, cve, high-severity, authentication-bypass, cwe-284, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-24218/ Shimi's Cyber World en 2026-05-20T23:16:36+03:00 NVIDIA DGX OS: Critical SSH Key Vulnerability Exposes Systemsvulnerability, cve, high-severity, code-execution, cwe-321 https://shimiscyberworld.com/posts/nvd-CVE-2026-24217/ Shimi's Cyber World en 2026-05-20T23:16:36+03:00 NVIDIA BioNeMo Core Path Traversal Leads to Code Execution (CVE-2026-24217)vulnerability, cve, high-severity, code-execution, cwe-29 https://shimiscyberworld.com/posts/nvd-CVE-2026-24188/ Shimi's Cyber World en 2026-05-20T23:16:36+03:00 NVIDIA TensorRT Out-of-Bounds Write (CVE-2026-24188) Poses Data Tampering Riskvulnerability, cve, high-severity, out-of-bounds-1, cwe-787 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-20T23:00:00+03:00 Daily Security Digest — 2026-05-20daily-digest, vulnerability, cve, critical, high-severity, remote-code-execution, cwe-434, privilege-escalation, cwe-269, cwe-287 https://shimiscyberworld.com/posts/telegram-1427288221-8957/ Shimi's Cyber World en 2026-05-20T21:55:27+03:00 Dozens of Israeli Business Sites Defaced by Iranian Actorsisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-20240/ Shimi's Cyber World en 2026-05-20T21:16:26+03:00 CVE-2026-20240 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-20 https://shimiscyberworld.com/posts/nvd-CVE-2026-20239/ Shimi's Cyber World en 2026-05-20T21:16:26+03:00 Splunk Enterprise, Cloud Vulnerability Exposes Session Cookies, Sensitive Datavulnerability, cve, high-severity, cwe-532 https://shimiscyberworld.com/posts/nvd-CVE-2026-20238/ Shimi's Cyber World en 2026-05-20T21:16:26+03:00 CVE-2026-20238 — In Splunk AI Toolkit versions below 5.7.3, a low-privilegedvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/telegram-1542954397-4602/ Shimi's Cyber World en 2026-05-20T21:02:25+03:00 LΣҒΔ𝕽ΩLL 🇮🇱 Exposes Sophisticated Social Engineering Tacticstelegram https://shimiscyberworld.com/posts/ftc-warns-12-major-tech-firms-of-violating-take-it-down-act-gm2ex/ Shimi's Cyber World en 2026-05-20T20:29:00+03:00 FTC Warns 12 Major Tech Firms Over Take It Down Act Violationsthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-9101/ Shimi's Cyber World en 2026-05-20T20:16:32+03:00 CVE-2026-9101 — Prototype pollution in csv parsing logic during import canvulnerability, cve, medium-severity, cwe-1321 https://shimiscyberworld.com/posts/nvd-CVE-2026-9100/ Shimi's Cyber World en 2026-05-20T20:16:32+03:00 CVE-2026-9100 — Out-of-Bounds $1vulnerability, cve, medium-severity, out-of-bounds-1, cwe-1285 https://shimiscyberworld.com/posts/nvd-CVE-2026-9087/ Shimi's Cyber World en 2026-05-20T20:16:32+03:00 CVE-2026-9087 — Keycloak Vulnerabilityvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-7613/ Shimi's Cyber World en 2026-05-20T20:16:29+03:00 PixelYourSite WordPress Plugin Vulnerable to Stored XSS (CVE-2026-7613)vulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-20223/ Shimi's Cyber World en 2026-05-20T20:16:20+03:00 Cisco Secure Workload Critical RCE: Unauthenticated Site Admin Accessvulnerability, cve, critical, high-severity, cwe-306 https://shimiscyberworld.com/posts/nvd-CVE-2026-20206/ Shimi's Cyber World en 2026-05-20T20:16:20+03:00 CVE-2026-20206 — The BrowserBot Component Of Cisco ThousandEyes Enterprise Ag Vulnerabilityvulnerability, cve, medium-severity, cwe-78 https://shimiscyberworld.com/posts/nvd-CVE-2026-20199/ Shimi's Cyber World en 2026-05-20T20:16:20+03:00 CVE-2026-20199 — The SSL Certificate Handling Of Cisco ThousandEyes Virtual A Vulnerabilityvulnerability, cve, medium-severity, cwe-74 https://shimiscyberworld.com/posts/nvd-CVE-2026-20171/ Shimi's Cyber World en 2026-05-20T20:16:19+03:00 CVE-2026-20171 — The Border Gateway Protocol (BGP)&Nbsp;Enforce-First-As Feat Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-670 https://shimiscyberworld.com/posts/microsoft-open-sources-rampart-and-clarity-to-secure-ai-agen-alb2u/ Shimi's Cyber World en 2026-05-20T20:06:54+03:00 Microsoft Open-Sources RAMPART and Clarity for AI Agent Securitythreat-intel, vulnerability, microsoft, ai-security, tools https://shimiscyberworld.com/posts/ukraine-probes-teen-suspect-in-cyber-theft-scheme-targeting-vda36/ Shimi's Cyber World en 2026-05-20T19:33:00+03:00 Ukraine Probes Teen Suspect in US E-commerce Cyber Theftthreat-intel, data-breach, government https://shimiscyberworld.com/posts/discord-migrates-all-users-to-end-to-end-encryption-by-defau-qoz09/ Shimi's Cyber World en 2026-05-20T19:29:00+03:00 Discord Enables End-to-End Encryption by Defaultthreat-intel, data-breach, government https://shimiscyberworld.com/posts/nvd-CVE-2026-8598/ Shimi's Cyber World en 2026-05-20T19:16:27+03:00 ZKTeco CCTV Cameras: Unauthenticated Port Exposes Critical Data (CVE-2026-8598)vulnerability, cve, critical, high-severity, cwe-288 https://shimiscyberworld.com/posts/nvd-CVE-2026-8488/ Shimi's Cyber World en 2026-05-20T19:16:27+03:00 CVE-2026-8488 — Progress Software MOVEit Automation Vulnerabilityvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-8487/ Shimi's Cyber World en 2026-05-20T19:16:27+03:00 CVE-2026-8487 — Progress Software MOVEit Automation Vulnerabilityvulnerability, cve, medium-severity, cwe-276 https://shimiscyberworld.com/posts/nvd-CVE-2026-8486/ Shimi's Cyber World en 2026-05-20T19:16:27+03:00 CVE-2026-8486 — Progress Software MOVEit Automation Vulnerabilityvulnerability, cve, medium-severity, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-5783/ Shimi's Cyber World en 2026-05-20T19:16:26+03:00 Beyaz CityPLus Reflective XSS (CVE-2026-5783) Poses High Riskvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-4293/ Shimi's Cyber World en 2026-05-20T19:16:26+03:00 CVE-2026-4293 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-32750/ Shimi's Cyber World en 2026-05-20T19:16:24+03:00 Dell PowerFlex Manager: Directory Listing Vulnerability Exposes Informationvulnerability, cve, high-severity, cwe-548 https://shimiscyberworld.com/posts/nvd-CVE-2023-7346/ Shimi's Cyber World en 2026-05-20T19:16:23+03:00 CVE-2023-7346 — Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain anvulnerability, cve, medium-severity, cwe-682 https://shimiscyberworld.com/posts/grafana-breach-caused-by-missed-token-rotation-after-tanstac-ijv20/ Shimi's Cyber World en 2026-05-20T18:46:37+03:00 Grafana Breach: Missed Token Rotation After TanStack Supply Chain Attackthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/ai-powered-app-attacks-are-faster-more-frequent-and-harder-q8cvf/ Shimi's Cyber World en 2026-05-20T17:37:36+03:00 AI-Powered Attacks Accelerate Mobile App Exploitationthreat-intel, vulnerability, tools https://shimiscyberworld.com/posts/microsoft-takes-down-malware-signing-service-behind-ransomwa-ywtug/ Shimi's Cyber World en 2026-05-20T17:36:44+03:00 Microsoft Disrupts Fox Tempest Malware-Signing-as-a-Servicethreat-intel, vulnerability, malware, ransomware, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-8485/ Shimi's Cyber World en 2026-05-20T17:17:04+03:00 CVE-2026-8485 — Progress Software MOVEit Automation Vulnerabilityvulnerability, cve, medium-severity, cwe-789 https://shimiscyberworld.com/posts/nvd-CVE-2026-24425/ Shimi's Cyber World en 2026-05-20T17:16:38+03:00 Twig Sandbox Bypass (CVE-2026-24425) Allows Arbitrary Code Executionvulnerability, cve, high-severity, cwe-693 https://shimiscyberworld.com/posts/nvd-CVE-2026-22554/ Shimi's Cyber World en 2026-05-20T17:16:38+03:00 CVE-2026-22554: MediaInfoLib Heap-Based Buffer Overflow Risks High Impactvulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-21836/ Shimi's Cyber World en 2026-05-20T17:16:36+03:00 CVE-2026-21836 — The HCL DominoIQ RAG feature is affected by a Broken Accessvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/identity-alone-isn-t-enough-why-device-security-has-to-shar-grj7u/ Shimi's Cyber World en 2026-05-20T17:02:12+03:00 Identity Alone Isn't Enough: Device Security Must Share the Loadthreat-intel, data-breach, malware, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-5950/ Shimi's Cyber World en 2026-05-20T16:16:40+03:00 CVE-2026-5950 — BIND 9 Versions Vulnerabilityvulnerability, cve, medium-severity, cwe-606 https://shimiscyberworld.com/posts/nvd-CVE-2026-5947/ Shimi's Cyber World en 2026-05-20T16:16:40+03:00 BIND DNS Vulnerability CVE-2026-5947: Race Condition Leads to Use-After-Freevulnerability, cve, high-severity, use-after-free, cwe-362, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-5946/ Shimi's Cyber World en 2026-05-20T16:16:40+03:00 BIND 9 Assertion Failure: CVE-2026-5946 Impacts DNS Handlingvulnerability, cve, high-severity, cwe-20, cwe-125, cwe-617, cwe-754, cwe-843 https://shimiscyberworld.com/posts/nvd-CVE-2026-45584/ Shimi's Cyber World en 2026-05-20T16:16:37+03:00 Microsoft Defender Heap Buffer Overflow Allows Remote Code Executionvulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-45443/ Shimi's Cyber World en 2026-05-20T16:16:36+03:00 CVE-2026-45443 — ADD-ONS.ORG PDF For Elementor Forms + Drag And Drop Template Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-42834/ Shimi's Cyber World en 2026-05-20T16:16:34+03:00 Azure Portal Windows Admin Center Link Following Vulnerability (CVE-2026-42834)vulnerability, cve, high-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-42383/ Shimi's Cyber World en 2026-05-20T16:16:32+03:00 YITH WooCommerce Product Add-Ons Blind SQLi (CVE-2026-42383)vulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-41091/ Shimi's Cyber World en 2026-05-20T16:16:29+03:00 Microsoft Defender Vulnerability CVE-2026-41091: Local Privilege Escalation via Improper Link Handlingvulnerability, cve, high-severity, cwe-59 https://shimiscyberworld.com/posts/nvd-CVE-2026-3593/ Shimi's Cyber World en 2026-05-20T16:16:23+03:00 CVE-2026-3593: BIND 9 DNS-over-HTTPS Use-After-Free Vulnerabilityvulnerability, cve, high-severity, use-after-free, cwe-416 https://shimiscyberworld.com/posts/nvd-CVE-2026-3592/ Shimi's Cyber World en 2026-05-20T16:16:23+03:00 CVE-2026-3592 — BIND 9 Versions Vulnerabilityvulnerability, cve, medium-severity, cwe-408 https://shimiscyberworld.com/posts/nvd-CVE-2026-3039/ Shimi's Cyber World en 2026-05-20T16:16:23+03:00 CVE-2026-3039: BIND Servers Face High-Severity Memory Exhaustion Vulnerabilityvulnerability, cve, high-severity, cwe-771 https://shimiscyberworld.com/posts/nvd-CVE-2026-29518/ Shimi's Cyber World en 2026-05-20T16:16:17+03:00 Rsync CVE-2026-29518: TOCTOU Flaw Allows Privilege Escalationvulnerability, cve, high-severity, privilege-escalation, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-27405/ Shimi's Cyber World en 2026-05-20T16:16:16+03:00 CVE-2026-27405 — Magepeople Inc. WpBookingly Vulnerabilityvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-24573/ Shimi's Cyber World en 2026-05-20T16:16:16+03:00 CVE-2026-24573 — Themeisle Visualizer Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2025-11954/ Shimi's Cyber World en 2026-05-20T16:16:14+03:00 WISECP CSRF Vulnerability (CVE-2025-11954) Poses High Riskvulnerability, cve, high-severity, cwe-352 https://shimiscyberworld.com/posts/texas-florida-top-list-of-states-reporting-millions-of-doll-qcrtp/ Shimi's Cyber World en 2026-05-20T16:04:00+03:00 Crypto ATM Scams Cost Millions in Texas, Floridathreat-intel, data-breach, government https://shimiscyberworld.com/posts/anthropic-silently-patches-claude-code-sandbox-bypass-371rj/ Shimi's Cyber World en 2026-05-20T16:00:00+03:00 Anthropic Patches Claude Code Sandbox Bypass with Prompt Injection Riskthreat-intel, vulnerability, ai-security https://shimiscyberworld.com/posts/drupal-critical-update-to-fix-bug-with-high-exploitation-ris-df3hc/ Shimi's Cyber World en 2026-05-20T15:52:29+03:00 Drupal Critical Update: Exploitation Risk Hours After Disclosurethreat-intel, data-breach, malware, vulnerability, tools https://shimiscyberworld.com/posts/webworm-deploys-echocreep-and-graphworm-backdoors-using-disc-n177a/ Shimi's Cyber World en 2026-05-20T15:51:43+03:00 Webworm Leverages Discord and MS Graph API for C2threat-intel, vulnerability, malware, microsoft https://shimiscyberworld.com/posts/telegram-1427288221-8956/ Shimi's Cyber World en 2026-05-20T15:48:28+03:00 Cyera Acquires 5-Month-Old Cybersecurity Startup for $50 Millionisrael https://shimiscyberworld.com/posts/github-confirms-being-hacked-by-teampcp-says-customer-data-mrls1/ Shimi's Cyber World en 2026-05-20T15:21:00+03:00 GitHub Confirms Breach by TeamPCP, Customer Data Unaffectedthreat-intel, data-breach, government, tools https://shimiscyberworld.com/posts/nvd-CVE-2025-31973/ Shimi's Cyber World en 2026-05-20T15:16:20+03:00 CVE-2025-31973 — HCL BigFix Service Management (SM) is susceptible to avulnerability, cve, medium-severity https://shimiscyberworld.com/posts/senator-presses-cisa-for-answers-about-alleged-github-reposi-wtzos/ Shimi's Cyber World en 2026-05-20T15:11:00+03:00 CISA Pressed on Nightwing GitHub Leak by Senator Hassanthreat-intel, data-breach, government, tools https://shimiscyberworld.com/posts/cisa-kev-CVE-2026-45498/ Shimi's Cyber World en 2026-05-20T15:00:00+03:00 CVE-2026-45498 — Microsoft Defender: Microsoft Defender Denial of Service Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/cisa-kev-CVE-2010-0806/ Shimi's Cyber World en 2026-05-20T15:00:00+03:00 CVE-2010-0806 — Microsoft Internet Explorer: Microsoft Internet Explorer Use-After-Free Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/cisa-kev-CVE-2010-0249/ Shimi's Cyber World en 2026-05-20T15:00:00+03:00 CVE-2010-0249 — Microsoft Internet Explorer: Microsoft Internet Explorer Use-After-Free Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/cisa-kev-CVE-2009-3459/ Shimi's Cyber World en 2026-05-20T15:00:00+03:00 CVE-2009-3459 — Adobe Acrobat and Reader: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/cisa-kev-CVE-2009-1537/ Shimi's Cyber World en 2026-05-20T15:00:00+03:00 CVE-2009-1537 — Microsoft DirectX: Microsoft DirectX NULL Byte Overwrite Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/cisa-kev-CVE-2008-4250/ Shimi's Cyber World en 2026-05-20T15:00:00+03:00 CVE-2008-4250 — Microsoft Windows: Microsoft Windows Buffer Overflow Vulnerabilityvulnerability, cve, cisa-kev, actively-exploited https://shimiscyberworld.com/posts/agent-ai-is-coming-are-you-ready-f9lb9/ Shimi's Cyber World en 2026-05-20T14:58:00+03:00 Agent AI Era Exposes Massive Identity Gaps, Orchid Security Warnsthreat-intel, vulnerability, identity, tools https://shimiscyberworld.com/posts/over-320-npm-packages-hit-by-fresh-mini-shai-hulud-supply-ch-xgvox/ Shimi's Cyber World en 2026-05-20T14:06:49+03:00 Mini Shai-Hulud: 320+ NPM Packages Hit by Supply Chain Attackthreat-intel, vulnerability, securityweek https://shimiscyberworld.com/posts/caught-off-guard-securing-ai-after-it-hits-production-lyk30/ Shimi's Cyber World en 2026-05-20T14:00:00+03:00 Enterprises Rushing AI to Production, Security Left Behindthreat-intel, vulnerability, securityweek https://shimiscyberworld.com/posts/typosquatting-is-no-longer-a-user-problem-it-s-a-supply-cha-c1lap/ Shimi's Cyber World en 2026-05-20T13:30:00+03:00 Typosquatting Evolves: AI-Generated Lookalikes Target Supply Chainsthreat-intel, vulnerability, the-hacker-news https://shimiscyberworld.com/posts/nvd-CVE-2026-9064/ Shimi's Cyber World en 2026-05-20T13:16:28+03:00 CVE-2026-9064: 389-ds-base Denial-of-Service Vulnerability Exposes LDAP Serversvulnerability, cve, high-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-6728/ Shimi's Cyber World en 2026-05-20T13:16:28+03:00 CVE-2026-6728 — The Slider Revolution plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/nvd-CVE-2026-44933/ Shimi's Cyber World en 2026-05-20T13:16:28+03:00 CVE-2026-44933: Plugin Script Vulnerability Allows Host Binary Execution with Root Privilegesvulnerability, cve, high-severity, cwe-35 https://shimiscyberworld.com/posts/nvd-CVE-2026-41054/ Shimi's Cyber World en 2026-05-20T13:16:26+03:00 CVE-2026-41054: Local Privilege Escalation in havegedvulnerability, cve, high-severity, cwe-305 https://shimiscyberworld.com/posts/nvd-CVE-2026-35070/ Shimi's Cyber World en 2026-05-20T13:16:26+03:00 CVE-2026-35070 — Command Injectionvulnerability, cve, medium-severity, command-injection, cwe-77 https://shimiscyberworld.com/posts/tracking-tamperedchef-clusters-via-certificate-and-code-reus-bqfd9/ Shimi's Cyber World en 2026-05-20T13:00:46+03:00 TamperedChef Malware Uses Trojanized Apps and Malvertising for Stealthy Deliverythreat-intel, apt, malware, research, unit-42 https://shimiscyberworld.com/posts/nvd-CVE-2026-6405/ Shimi's Cyber World en 2026-05-20T11:16:23+03:00 CVE-2026-6405 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-5200/ Shimi's Cyber World en 2026-05-20T11:16:22+03:00 AcyMailing WordPress Plugin Vulnerable to Admin Takeover (CVE-2026-5200)vulnerability, cve, high-severity, cwe-862 https://shimiscyberworld.com/posts/github-confirms-breach-of-3-800-repos-via-malicious-vscode-e-17vmp/ Shimi's Cyber World en 2026-05-20T11:14:08+03:00 GitHub Confirms 3,800 Repos Breached via Malicious VSCode Extensionthreat-intel, data-breach, malware, tools https://shimiscyberworld.com/posts/microsoft-shares-mitigation-for-yellowkey-windows-zero-day-dda5p/ Shimi's Cyber World en 2026-05-20T10:31:15+03:00 Microsoft Issues YellowKey Mitigation for BitLocker Zero-Daythreat-intel, data-breach, malware, vulnerability, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-6566/ Shimi's Cyber World en 2026-05-20T10:16:16+03:00 CVE-2026-6566 — The Photo Gallery, Sliders, Proofing and Themes – NextGENvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-47784/ Shimi's Cyber World en 2026-05-20T10:16:15+03:00 CVE-2026-47784: Memcached Timing Side Channel Exposes Passwordsvulnerability, cve, high-severity, cwe-208 https://shimiscyberworld.com/posts/nvd-CVE-2026-47783/ Shimi's Cyber World en 2026-05-20T10:16:15+03:00 memcached Timing Side Channel (CVE-2026-47783) Allows SASL Credential Guessingvulnerability, cve, high-severity, cwe-208 https://shimiscyberworld.com/posts/nvd-CVE-2026-44392/ Shimi's Cyber World en 2026-05-20T10:16:15+03:00 CVE-2026-44392 — Missing authorization vulnerability exists in Movable Type.vulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-2955/ Shimi's Cyber World en 2026-05-20T10:16:13+03:00 CVE-2026-2955 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/telegram-1427288221-8954/ Shimi's Cyber World en 2026-05-20T10:03:54+03:00 Holidays and Long Weekends: Prime Time for Cyber Attacksisrael, microsoft https://shimiscyberworld.com/posts/nvd-CVE-2026-9057/ Shimi's Cyber World en 2026-05-20T08:16:23+03:00 Talend Administration Center: Broken Access Control Allows URL Modificationvulnerability, cve, high-severity https://shimiscyberworld.com/posts/nvd-CVE-2026-9056/ Shimi's Cyber World en 2026-05-20T08:16:23+03:00 CVE-2026-9056 — The Talend Administration Center Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss https://shimiscyberworld.com/posts/nvd-CVE-2026-7522/ Shimi's Cyber World en 2026-05-20T08:16:22+03:00 CVE-2026-7522: WordPress Advanced Database Cleaner Plugin Vulnerable to LFIvulnerability, cve, high-severity, code-execution, cwe-98 https://shimiscyberworld.com/posts/nvd-CVE-2026-5075/ Shimi's Cyber World en 2026-05-20T08:16:22+03:00 CVE-2026-5075 — The All in One SEO plugin for WordPress is vulnerable tovulnerability, cve, medium-severity, cwe-200 https://shimiscyberworld.com/posts/telegram-1427288221-8950/ Shimi's Cyber World en 2026-05-20T07:33:40+03:00 GitHub Investigates Source Code Theft Claims by TeamPCPisrael https://shimiscyberworld.com/posts/telegram-1707304340-2326/ Shimi's Cyber World en 2026-05-20T07:20:14+03:00 Crypto ATM Scams Surge: Over $388M Lost in USisrael https://shimiscyberworld.com/posts/nvd-CVE-2026-9010/ Shimi's Cyber World en 2026-05-20T07:16:59+03:00 Boost WordPress Plugin: Unauthenticated SQLi Exposes Data via current_url, user_namevulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-9003/ Shimi's Cyber World en 2026-05-20T07:16:59+03:00 TONNET E-LAN Hybrid Recording System SQLi (CVE-2026-9003)vulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-7637/ Shimi's Cyber World en 2026-05-20T07:16:56+03:00 Boost WordPress Plugin Vulnerable to PHP Object Injectionvulnerability, cve, critical, high-severity, insecure-deserialization, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-24215/ Shimi's Cyber World en 2026-05-20T07:16:47+03:00 CVE-2026-24215 — The DALI Backend, Where An Attacker Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-400 https://shimiscyberworld.com/posts/nvd-CVE-2026-24214/ Shimi's Cyber World en 2026-05-20T07:16:47+03:00 NVIDIA Triton Inference Server: Integer Overflow Leads to RCEvulnerability, cve, high-severity, code-execution, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-24213/ Shimi's Cyber World en 2026-05-20T07:16:46+03:00 NVIDIA Triton Inference Server: Out-of-Bounds Read Leads to RCEvulnerability, cve, high-severity, code-execution, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-24210/ Shimi's Cyber World en 2026-05-20T07:16:46+03:00 NVIDIA Triton Inference Server DoS Vulnerability: CVE-2026-24210vulnerability, cve, high-severity, denial-of-service, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-24209/ Shimi's Cyber World en 2026-05-20T07:16:46+03:00 NVIDIA Triton Inference Server: Path Traversal Exposes DoS Riskvulnerability, cve, high-severity, path-traversal, cwe-22 https://shimiscyberworld.com/posts/nvd-CVE-2026-24207/ Shimi's Cyber World en 2026-05-20T07:16:45+03:00 NVIDIA Triton Inference Server: Critical Authentication Bypass (CVE-2026-24207)vulnerability, cve, critical, high-severity, code-execution, cwe-288 https://shimiscyberworld.com/posts/nvd-CVE-2026-24206/ Shimi's Cyber World en 2026-05-20T07:16:45+03:00 NVIDIA Triton Inference Server: Critical Auth Bypass Puts AI Workloads at Riskvulnerability, cve, high-severity, authentication-bypass, cwe-288 https://shimiscyberworld.com/posts/nvd-CVE-2026-24163/ Shimi's Cyber World en 2026-05-20T07:16:45+03:00 NVIDIA TRT-LLM Vulnerability: Unsafe Deserialization Leads to RCEvulnerability, cve, high-severity, code-execution, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2026-24160/ Shimi's Cyber World en 2026-05-20T07:16:45+03:00 CVE-2026-24160 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-690 https://shimiscyberworld.com/posts/nvd-CVE-2026-24142/ Shimi's Cyber World en 2026-05-20T07:16:44+03:00 CVE-2026-24142 — Code Executionvulnerability, cve, medium-severity, code-execution, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2025-33255/ Shimi's Cyber World en 2026-05-20T07:16:43+03:00 NVIDIA TRT-LLM Vulnerability Exposes AI Workloads to RCEvulnerability, cve, high-severity, code-execution, cwe-502 https://shimiscyberworld.com/posts/nvd-CVE-2025-15369/ Shimi's Cyber World en 2026-05-20T07:16:42+03:00 CVE-2025-15369 — The Xpro Addons — 140+ Widgets for Elementor plugin forvulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/telegram-1707304340-2325/ Shimi's Cyber World en 2026-05-20T07:02:04+03:00 Huawei Zero-Day Downs Luxembourg's Critical Infrastructureisrael, vulnerability https://shimiscyberworld.com/posts/github-investigating-teampcp-claimed-breach-of-4-000-intern-pen7g/ Shimi's Cyber World en 2026-05-20T07:01:15+03:00 GitHub Investigates TeamPCP Claimed Breach of 4,000 Internal Repositoriesthreat-intel, vulnerability, data-breach, tools https://shimiscyberworld.com/posts/nvd-CVE-2026-8685/ Shimi's Cyber World en 2026-05-20T05:16:41+03:00 CVE-2026-8685 — SQL Injectionvulnerability, cve, medium-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-8038/ Shimi's Cyber World en 2026-05-20T05:16:39+03:00 CVE-2026-8038 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-7467/ Shimi's Cyber World en 2026-05-20T05:16:39+03:00 WordPress Read More & Accordion Plugin: Privilege Escalation (CVE-2026-7467)vulnerability, cve, high-severity, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-7284/ Shimi's Cyber World en 2026-05-20T05:16:39+03:00 CVE-2026-7284: Critical WordPress Elementor Plugin Privilege Escalationvulnerability, cve, critical, high-severity, privilege-escalation, cwe-269 https://shimiscyberworld.com/posts/nvd-CVE-2026-6555/ Shimi's Cyber World en 2026-05-20T05:16:38+03:00 CVE-2026-6555: ProSolution WP Client Arbitrary File Upload Critical RCEvulnerability, cve, critical, high-severity, remote-code-execution, cwe-434 https://shimiscyberworld.com/posts/nvd-CVE-2026-6549/ Shimi's Cyber World en 2026-05-20T05:16:38+03:00 CVE-2026-6549 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6456/ Shimi's Cyber World en 2026-05-20T05:16:38+03:00 WordPress Account Switcher Plugin: Critical Privilege Escalation (CVE-2026-6456)vulnerability, cve, high-severity, privilege-escalation, cwe-287 https://shimiscyberworld.com/posts/nvd-CVE-2026-6397/ Shimi's Cyber World en 2026-05-20T05:16:37+03:00 CVE-2026-6397 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-6391/ Shimi's Cyber World en 2026-05-20T05:16:37+03:00 CVE-2026-6391 — The Sentence To SEO (keywords, description and tags) pluginvulnerability, cve, medium-severity, cwe-352 https://shimiscyberworld.com/posts/nvd-CVE-2026-6072/ Shimi's Cyber World en 2026-05-20T05:16:37+03:00 CVE-2026-6072 — The Oliver POS – A WooCommerce Point of Sale (POS) pluginvulnerability, cve, medium-severity, cwe-639 https://shimiscyberworld.com/posts/nvd-CVE-2026-5293/ Shimi's Cyber World en 2026-05-20T05:16:37+03:00 CVE-2026-5293 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-43620/ Shimi's Cyber World en 2026-05-20T05:16:36+03:00 CVE-2026-43620 — Recv_files() In Receiver.C That Vulnerabilityvulnerability, cve, medium-severity, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-43619/ Shimi's Cyber World en 2026-05-20T05:16:36+03:00 CVE-2026-43619 — Arbitrary File Accessvulnerability, cve, medium-severity, arbitrary-file-access, cwe-59, cwe-367 https://shimiscyberworld.com/posts/nvd-CVE-2026-43618/ Shimi's Cyber World en 2026-05-20T05:16:36+03:00 Rsync CVE-2026-43618: Integer Overflow Exposes Memory, Bypasses ASLRvulnerability, cve, high-severity, integer-overflow, cwe-125, cwe-190 https://shimiscyberworld.com/posts/nvd-CVE-2026-3985/ Shimi's Cyber World en 2026-05-20T05:16:35+03:00 Creative Mail WordPress Plugin SQLi Exposes User Datavulnerability, cve, high-severity, sql-injection, cwe-89 https://shimiscyberworld.com/posts/nvd-CVE-2026-45585/ Shimi's Cyber World en 2026-05-20T03:16:44+03:00 CVE-2026-45585 — Microsoft is aware of a security feature bypassvulnerability, cve, medium-severity, cwe-77 https://shimiscyberworld.com/posts/nvd-CVE-2026-39309/ Shimi's Cyber World en 2026-05-20T03:16:37+03:00 CVE-2026-39309 — Trilium Notes is a cross-platform, hierarchical note takingvulnerability, cve, medium-severity, cwe-290, cwe-451 https://shimiscyberworld.com/posts/nvd-CVE-2026-35593/ Shimi's Cyber World en 2026-05-20T03:16:37+03:00 CVE-2026-35593 — Remote Code Executionvulnerability, cve, medium-severity, remote-code-execution, cwe-22, cwe-73 https://shimiscyberworld.com/posts/nvd-CVE-2026-34754/ Shimi's Cyber World en 2026-05-20T03:16:34+03:00 CVE-2026-34754 — Mantis Bug Tracker (MantisBT) is an open source issuevulnerability, cve, medium-severity, cwe-284 https://shimiscyberworld.com/posts/verizon-dbir-2026-vulnerability-exploitation-overtakes-cred-cou7n/ Shimi's Cyber World en 2026-05-20T03:04:48+03:00 Verizon DBIR 2026: Vulnerability Exploitation Surpasses Credential Theftthreat-intel, vulnerability, malware, ransomware, data-breach, identity https://shimiscyberworld.com/posts/nvd-CVE-2026-34600/ Shimi's Cyber World en 2026-05-20T02:16:57+03:00 CVE-2026-34600 — Joplin is an open source note-taking and to-do applicationvulnerability, cve, medium-severity, cwe-200, cwe-281, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-34358/ Shimi's Cyber World en 2026-05-20T01:16:37+03:00 CtrlPanel Privilege Escalation (CVE-2026-34358) Allows Full Admin Takeovervulnerability, cve, high-severity, privilege-escalation, cwe-284, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-34246/ Shimi's Cyber World en 2026-05-20T01:16:37+03:00 CVE-2026-34246 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-80, cwe-116 https://shimiscyberworld.com/posts/nvd-CVE-2026-34241/ Shimi's Cyber World en 2026-05-20T01:16:37+03:00 CVE-2026-34241: CtrlPanel XSS Allows Admin Session Hijackvulnerability, cve, high-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-34234/ Shimi's Cyber World en 2026-05-20T01:16:37+03:00 CtrlPanel RCE: Critical Flaw in Hosting Billing Software Actively Exploitedvulnerability, cve, critical, high-severity, remote-code-execution, cwe-78, cwe-284 https://shimiscyberworld.com/posts/nvd-CVE-2025-15645/ Shimi's Cyber World en 2026-05-20T01:16:36+03:00 CVE-2025-15645 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-1284 https://shimiscyberworld.com/posts/nvd-CVE-2023-7345/ Shimi's Cyber World en 2026-05-20T01:16:35+03:00 CVE-2023-7345 — Ledger Live with vulnerable versions of ledgerhq/hw-app-ethvulnerability, cve, medium-severity, cwe-704 https://shimiscyberworld.com/posts/nvd-CVE-2026-34233/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 CVE-2026-34233 — CtrlPanel is open-source billing software for hostingvulnerability, cve, medium-severity, cwe-284, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-34216/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 CVE-2026-34216 — Remote Code Executionvulnerability, cve, medium-severity, remote-code-execution, cwe-470 https://shimiscyberworld.com/posts/nvd-CVE-2026-32882/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 Libheif Heap Buffer Over-Read Vulnerability (CVE-2026-32882) Exposes Data, Causes DoSvulnerability, cve, high-severity, denial-of-service, cwe-125 https://shimiscyberworld.com/posts/nvd-CVE-2026-32814/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 CVE-2026-32814 — libheif is a HEIF and AVIF file format decoder and encoder.vulnerability, cve, medium-severity, cwe-200, cwe-908 https://shimiscyberworld.com/posts/nvd-CVE-2026-32741/ Shimi's Cyber World en 2026-05-20T00:16:42+03:00 libheif Heap Overflow (CVE-2026-32741) Risks HEIF/AVIF Decodersvulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2025-57798/ Shimi's Cyber World en 2026-05-20T00:16:40+03:00 CVE-2025-57798 — The Title Input Functionality Due To A Lack Of Proper Length Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-770 https://shimiscyberworld.com/posts/nvd-CVE-2026-32740/ Shimi's Cyber World en 2026-05-19T23:16:18+03:00 libheif Heap-Buffer-Overflow (CVE-2026-32740) Exposes Image Processing Stacksvulnerability, cve, high-severity, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-32739/ Shimi's Cyber World en 2026-05-19T23:16:18+03:00 CVE-2026-32739 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-835 https://shimiscyberworld.com/posts/daily-digest/ Shimi's Cyber World en 2026-05-19T23:00:00+03:00 Daily Security Digest — 2026-05-19daily-digest, vulnerability, cve, critical, high-severity, cwe-1392, remote-code-execution, cwe-917, cwe-94, code-execution https://shimiscyberworld.com/posts/fbi-americans-lost-over-388-million-to-scams-using-crypto-fi3g7/ Shimi's Cyber World en 2026-05-19T22:45:39+03:00 FBI: Crypto ATM Scams Cost Americans $388M in 2025threat-intel, data-breach, malware, bleepingcomputer https://shimiscyberworld.com/posts/huawei-zero-day-attack-behind-last-year-s-crash-of-luxembour-m1qhg/ Shimi's Cyber World en 2026-05-19T22:18:00+03:00 Huawei Zero-Day Caused Luxembourg's Telecom Outagethreat-intel, data-breach, government, vulnerability https://shimiscyberworld.com/posts/nvd-CVE-2026-8096/ Shimi's Cyber World en 2026-05-19T22:16:51+03:00 CVE-2026-8096 — The Kirki – Freeform Page Builder, Website Builder &vulnerability, cve, medium-severity, cwe-862 https://shimiscyberworld.com/posts/nvd-CVE-2026-8073/ Shimi's Cyber World en 2026-05-19T22:16:51+03:00 WordPress Kirki Plugin Vulnerable to Arbitrary File Deletionvulnerability, cve, high-severity, arbitrary-file-access, cwe-23 https://shimiscyberworld.com/posts/nvd-CVE-2026-41470/ Shimi's Cyber World en 2026-05-19T22:16:50+03:00 CVE-2026-41470 — RTSP Session Command Handling That Vulnerabilityvulnerability, cve, medium-severity, cwe-863 https://shimiscyberworld.com/posts/nvd-CVE-2026-33741/ Shimi's Cyber World en 2026-05-19T22:16:49+03:00 CVE-2026-33741 — Cross-Site Scripting (XSS)vulnerability, cve, medium-severity, cross-site-scripting-xss, cwe-79 https://shimiscyberworld.com/posts/nvd-CVE-2026-33642/ Shimi's Cyber World en 2026-05-19T22:16:49+03:00 Kitty Terminal Heap Over-Read/Write Vulnerability (CVE-2026-33642) Critical Severityvulnerability, cve, critical, high-severity, cwe-125, cwe-190, cwe-787 https://shimiscyberworld.com/posts/nvd-CVE-2026-32738/ Shimi's Cyber World en 2026-05-19T22:16:48+03:00 CVE-2026-32738 — Denial of Servicevulnerability, cve, medium-severity, denial-of-service, cwe-125, cwe-476 https://shimiscyberworld.com/posts/nvd-CVE-2026-47107/ Shimi's Cyber World en 2026-05-19T21:16:22+03:00 CVE-2026-47107: Windmill Sandbox Vulnerability Exposes Admin Accessvulnerability, cve, critical, high-severity, cwe-276 https://shimiscyberworld.com/posts/nvd-CVE-2026-33633/ Shimi's Cyber World en 2026-05-19T21:16:21+03:00 Kitty Terminal Heap Buffer Overflow (CVE-2026-33633) — DoS, RCE Riskvulnerability, cve, high-severity, buffer-overflow, cwe-122 https://shimiscyberworld.com/posts/nvd-CVE-2026-32134/ Shimi's Cyber World en 2026-05-19T21:16:21+03:00 CVE-2026-32134 — Null Pointer Dereferencevulnerability, cve, medium-severity, null-pointer-dereference, cwe-476