Vulnerabilities

Live CVE feed — vulnerability disclosures tracked as they drop, sourced directly from the National Vulnerability Database.

CVE-2026-20240 — Denial of Service

CVE-2026-20240 — In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129,...

vulnerability, CVE, medium-severity, denial-of-service, cwe-20
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Splunk Enterprise, Cloud Vulnerability Exposes Session Cookies, Sensitive Data

CVE-2026-20239 — In Splunk Enterprise versions below 10.2.2 and 10.0.5, and Splunk Cloud Platform versions below 10.3.2512.8, 10.2.2510.11, 10.1.2507.21, and 10.0.2503.13, a user with a...

vulnerability, CVE, high-severity, cwe-532
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 4 Sigma

CVE-2026-20238 — In Splunk AI Toolkit versions below 5.7.3, a low-privileged user that does not hold the 'admin' or 'power' roles could access confidential data...

vulnerability, CVE, medium-severity, cwe-863
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-9101 — Prototype pollution in csv parsing logic during import can lead to untrusted file paths (but not arguments) entering shell.openExternal after specific user behavior...

vulnerability, CVE, medium-severity, cwe-1321
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-9100 — Out-of-Bounds $1

CVE-2026-9100 — The MongoDB C Driver's legacy GridFS API accepts malformed file metadata from the database without adequate validation. Crafted documents in a GridFS collection...

vulnerability, CVE, medium-severity, out-of-bounds-1, cwe-1285
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-9087 — Keycloak Vulnerability

CVE-2026-9087 — A flaw was found in Keycloak. The cross-session verification proof is keyed only by (local userId, idpAlias) and is not bound to the...

vulnerability, CVE, medium-severity, cwe-639
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

PixelYourSite WordPress Plugin Vulnerable to Stored XSS (CVE-2026-7613)

CVE-2026-7613 — The Cost of Goods by PixelYourSite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'csvdata[0][cost_of_goods_value]' parameter in versions up to,...

vulnerability, CVE, high-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

Cisco Secure Workload Critical RCE: Unauthenticated Site Admin Access

CVE-2026-20223 — A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources...

vulnerability, CVE, critical, high-severity, cwe-306
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-20206 — The BrowserBot Component Of Cisco ThousandEyes Enterprise Ag Vulnerability

CVE-2026-20206 — A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on...

vulnerability, CVE, medium-severity, cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-20199 — The SSL Certificate Handling Of Cisco ThousandEyes Virtual A Vulnerability

CVE-2026-20199 — A vulnerability in the SSL certificate handling of Cisco ThousandEyes Virtual Appliance could allow an authenticated, remote attacker to execute commands on the...

vulnerability, CVE, medium-severity, cwe-74
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-20171 — The Border Gateway Protocol (BGP) Enforce-First-As Feat Denial of Service

CVE-2026-20171 — A vulnerability in the Border Gateway Protocol (BGP) enforce-first-as feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS...

vulnerability, CVE, medium-severity, denial-of-service, cwe-670
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 2 Sigma

Microsoft Open-Sources RAMPART and Clarity for AI Agent Security

Microsoft has released two new open-source tools, RAMPART and Clarity, designed to enhance the security testing of AI agents during development. According to The Hacker...

threat-intel, vulnerability, microsoft, ai-security, tools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

ZKTeco CCTV Cameras: Unauthenticated Port Exposes Critical Data (CVE-2026-8598)

CVE-2026-8598 — An undocumented configuration export port is accessible on some models of ZKTeco CCTV cameras. This port does not require authentication and exposes critical...

vulnerability, CVE, critical, high-severity, cwe-288
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-8488 — Progress Software MOVEit Automation Vulnerability

CVE-2026-8488 — Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11,...

vulnerability, CVE, medium-severity, cwe-770
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-8487 — Progress Software MOVEit Automation Vulnerability

CVE-2026-8487 — Incorrect default permissions vulnerability in Progress Software MOVEit Automation allows Retrieve Embedded Sensitive Data. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0...

vulnerability, CVE, medium-severity, cwe-276
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-8486 — Progress Software MOVEit Automation Vulnerability

CVE-2026-8486 — Allocation of resources without limits or throttling vulnerability in Progress Software MOVEit Automation allows Flooding. This issue affects MOVEit Automation: before 2025.0.11, from...

vulnerability, CVE, medium-severity, cwe-770
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 5 Sigma

Beyaz CityPLus Reflective XSS (CVE-2026-5783) Poses High Risk

CVE-2026-5783 — Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Beyaz Computer Software Design Industry and Trade Ltd. Co. CityPLus allows...

vulnerability, CVE, high-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs

CVE-2026-4293 — Cross-Site Scripting (XSS)

CVE-2026-4293 — The affected Kieback & Peter DDC building controllers are vulnerable to cross-site scripting, enabling JavaScript to be executed by the victim's browser, which allows the...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Dell PowerFlex Manager: Directory Listing Vulnerability Exposes Information

CVE-2025-32750 — Dell PowerFlex Manager, version(s) <=4.6.2, contain(s) an Exposure of Information Through Directory Listing vulnerability. An unauthenticated attacker with remote access could potentially exploit...

vulnerability, CVE, high-severity, cwe-548
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2023-7346 — Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed...

vulnerability, CVE, medium-severity, cwe-682
/SCW Vulnerability Desk /MEDIUM /4 /⚑ 2 IOCs

AI-Powered Attacks Accelerate Mobile App Exploitation

Agentic AI is fundamentally reshaping the mobile application threat landscape, according to a recent report highlighted by SecurityWeek. This advanced AI capability has effectively eliminated...

threat-intel, vulnerability, tools
/SCW Vulnerability Desk /MEDIUM

Microsoft Disrupts Fox Tempest Malware-Signing-as-a-Service

Microsoft has successfully disrupted a sophisticated malware-signing-as-a-service (MSaaS) operation. The Hacker News reports this scheme, attributed to a threat actor dubbed Fox Tempest, weaponized Microsoft's...

threat-intel, vulnerability, malware, ransomware, microsoft
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2026-8485 — Progress Software MOVEit Automation Vulnerability

CVE-2026-8485 — Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows Excessive Allocation. This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7....

vulnerability, CVE, medium-severity, cwe-789
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs

Twig Sandbox Bypass (CVE-2026-24425) Allows Arbitrary Code Execution

CVE-2026-24425 — Twig versions 2.16.x and 3.9.0 through 3.25.x contain a sandbox bypass vulnerability when using a SourcePolicyInterface that allows attackers with template rendering capabilities...

vulnerability, CVE, high-severity, cwe-693
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs

CVE-2026-22554: MediaInfoLib Heap-Based Buffer Overflow Risks High Impact

CVE-2026-22554 — MediaArea MediaInfoLib Channel Splitting heap-based buffer overflow vulnerability

vulnerability, CVE, high-severity, buffer-overflow, cwe-122
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs

CVE-2026-21836 — The HCL DominoIQ RAG feature is affected by a Broken Access Control vulnerability. Under certain circumstances, document level access restrictions will be ignored when determining...

vulnerability, CVE, medium-severity, cwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-5950 — BIND 9 Versions Vulnerability

CVE-2026-5950 — An unbounded resend loop vulnerability exists in the BIND 9 resolver state machine during bad-server handling, enabling a remote unauthenticated attacker to cause...

vulnerability, CVE, medium-severity, cwe-606
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs

BIND DNS Vulnerability CVE-2026-5947: Race Condition Leads to Use-After-Free

CVE-2026-5947 — Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with...

vulnerability, CVE, high-severity, use-after-free, cwe-362, cwe-416
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs

BIND 9 Assertion Failure: CVE-2026-5946 Impacts DNS Handling

CVE-2026-5946 — Multiple flaws have been identified in `named` related to the handling of DNS messages whose CLASS is not Internet (`IN`) — for example,...

vulnerability, CVE, high-severity, cwe-20, cwe-125, cwe-617, cwe-754, cwe-843
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 3 Sigma

Microsoft Defender Heap Buffer Overflow Allows Remote Code Execution

CVE-2026-45584 — Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network.

vulnerability, CVE, high-severity, buffer-overflow, cwe-122
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-45443 — ADD-ONS.ORG PDF For Elementor Forms + Drag And Drop Template Vulnerability

CVE-2026-45443 — Missing Authorization vulnerability in ADD-ONS.ORG PDF for Elementor Forms + Drag And Drop Template Builder allows Exploiting Incorrectly Configured Access Control Security Levels....

vulnerability, CVE, medium-severity, cwe-862
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs

Azure Portal Windows Admin Center Link Following Vulnerability (CVE-2026-42834)

CVE-2026-42834 — Improper link resolution before file access ('link following') in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.

vulnerability, CVE, high-severity, cwe-59
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 1 IOC /⚙ 2 Sigma

YITH WooCommerce Product Add-Ons Blind SQLi (CVE-2026-42383)

CVE-2026-42383 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Blind SQL Injection....

vulnerability, CVE, high-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 1 IOC /⚙ 3 Sigma

Microsoft Defender Vulnerability CVE-2026-41091: Local Privilege Escalation via Improper Link Handling

CVE-2026-41091 — Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

vulnerability, CVE, high-severity, cwe-59
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3593: BIND 9 DNS-over-HTTPS Use-After-Free Vulnerability

CVE-2026-3593 — A use-after-free vulnerability exists within the DNS-over-HTTPS implementation. This issue affects BIND 9 versions 9.20.0 through 9.20.22, 9.21.0 through 9.21.21, and 9.20.9-S1 through...

vulnerability, CVE, high-severity, use-after-free, cwe-416
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 4 IOCs /⚙ 4 Sigma

CVE-2026-3592 — BIND 9 Versions Vulnerability

CVE-2026-3592 — BIND resolvers are vulnerable to an amplified resource consumption/exhaustion attack. If a victim resolver makes a query to a specially crafted zone, the...

vulnerability, CVE, medium-severity, cwe-408
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs

CVE-2026-3039: BIND Servers Face High-Severity Memory Exhaustion Vulnerability

CVE-2026-3039 — BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed...

vulnerability, CVE, high-severity, cwe-771
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 5 Sigma

Rsync CVE-2026-29518: TOCTOU Flaw Allows Privilege Escalation

CVE-2026-29518 — Rsync versions before 3.4.3 contain a time-of-check to time-of-use (TOCTOU) race condition in daemon file handling that allows attackers to redirect file writes...

vulnerability, CVE, high-severity, privilege-escalation, cwe-367
/SCW Vulnerability Desk /HIGH /7 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-27405 — Magepeople Inc. WpBookingly Vulnerability

CVE-2026-27405 — Missing Authorization vulnerability in Magepeople inc. WpBookingly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpBookingly: from n/a through 1.2.9....

vulnerability, CVE, medium-severity, cwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-24573 — Themeisle Visualizer Cross-Site Scripting (XSS)

CVE-2026-24573 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Visualizer allows Stored XSS. This issue affects Visualizer: from n/a...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

WISECP CSRF Vulnerability (CVE-2025-11954) Poses High Risk

CVE-2025-11954 — Cross-Site request forgery (CSRF) vulnerability in Sitemio Information Technologies Trade Ltd. Co. WISECP allows Cross Site Request Forgery. This issue affects WISECP: through...

vulnerability, CVE, high-severity, cwe-352
/SCW Vulnerability Desk /HIGH /8 /⚑ 2 IOCs

Anthropic Patches Claude Code Sandbox Bypass with Prompt Injection Risk

SecurityWeek reports that Anthropic has addressed a vulnerability within the code sandbox used by its Claude AI model. A researcher discovered that this flaw could...

threat-intel, vulnerability, ai-security
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Drupal Critical Update: Exploitation Risk Hours After Disclosure

Drupal has issued a critical security advisory, urging users to apply a core security update immediately. BleepingComputer reports that the vendor anticipates threat actors will...

threat-intel, data-breach, malware, vulnerability, tools
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Webworm Leverages Discord and MS Graph API for C2

The China-aligned threat actor Webworm has resurfaced, employing custom backdoors that utilize Discord and Microsoft Graph API for command-and-control (C2) communications. The Hacker News reports...

threat-intel, vulnerability, malware, microsoft
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2025-31973 — HCL BigFix Service Management (SM) is susceptible to a Configuration – 'Insecure Use of Base Image Version'. Using outdated or insecure base images...

vulnerability, CVE, medium-severity
/SCW Vulnerability Desk /MEDIUM /4 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-45498 — Microsoft Defender: Microsoft Defender Denial of Service Vulnerability

CVE-2026-45498 — Microsoft Defender contains an unspecified vulnerability that allows for denial of service.

vulnerability, CVE, cisa-kev, actively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

CVE-2010-0806 — Microsoft Internet Explorer: Microsoft Internet Explorer Use-After-Free Vulnerability

CVE-2010-0806 — Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to an invalid...

vulnerability, CVE, cisa-kev, actively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

CVE-2010-0249 — Microsoft Internet Explorer: Microsoft Internet Explorer Use-After-Free Vulnerability

CVE-2010-0249 — Microsoft Internet Explorer contains a use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associated with a...

vulnerability, CVE, cisa-kev, actively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

CVE-2009-3459 — Adobe Acrobat and Reader: Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability

CVE-2009-3459 — Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF...

vulnerability, CVE, cisa-kev, actively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs

CVE-2009-1537 — Microsoft DirectX: Microsoft DirectX NULL Byte Overwrite Vulnerability

CVE-2009-1537 — Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers...

vulnerability, CVE, cisa-kev, actively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs

CVE-2008-4250 — Microsoft Windows: Microsoft Windows Buffer Overflow Vulnerability

CVE-2008-4250 — Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted...

vulnerability, CVE, cisa-kev, actively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

Agent AI Era Exposes Massive Identity Gaps, Orchid Security Warns

Enterprises rushing to adopt Agent AI are doing so on a foundation riddled with unseen risks, according to new research from Orchid Security. Their May...

threat-intel, vulnerability, identity, tools
/SCW Vulnerability Desk /MEDIUM

Mini Shai-Hulud: 320+ NPM Packages Hit by Supply Chain Attack

Over 320 NPM packages under the `@antv` namespace have been compromised in a new supply chain attack, dubbed "Mini Shai-Hulud" by SecurityWeek. The attackers leveraged...

threat-intel, vulnerability, securityweek
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

Enterprises Rushing AI to Production, Security Left Behind

Enterprises are rapidly deploying Artificial Intelligence (AI) projects into production environments, often without adequate security integration. This accelerated adoption is forcing security teams into a...

threat-intel, vulnerability, securityweek
/SCW Vulnerability Desk /MEDIUM

Typosquatting Evolves: AI-Generated Lookalikes Target Supply Chains

Typosquatting has fundamentally shifted from a user-centric problem to a supply chain vulnerability, according to The Hacker News. Attackers are no longer just relying on...

threat-intel, vulnerability, the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2026-9064: 389-ds-base Denial-of-Service Vulnerability Exposes LDAP Servers

CVE-2026-9064 — A flaw was found in 389-ds-base. The get_ldapmessage_controls_ext() function in the LDAP server does not enforce an upper bound on the number of...

vulnerability, CVE, high-severity, denial-of-service, cwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-6728 — The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.0.9 via the 'get_stream_data()' function....

vulnerability, CVE, medium-severity, cwe-200
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-44933: Plugin Script Vulnerability Allows Host Binary Execution with Root Privileges

CVE-2026-44933 — `PluginScript` attempts to `chroot` the plugin to the `repoManagerRoot`; this root is frequently `/` (the system root) in standard configurations or when using...

vulnerability, CVE, high-severity, cwe-35
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs

CVE-2026-41054: Local Privilege Escalation in haveged

CVE-2026-41054 — In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`). However, while it detects if the connecting user...

vulnerability, CVE, high-severity, cwe-305
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-35070 — Command Injection

CVE-2026-35070 — Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A...

vulnerability, CVE, medium-severity, command-injection, cwe-77
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-6405 — Cross-Site Scripting (XSS)

CVE-2026-6405 — The Anomify AI – Anomaly Detection and Alerting plugin for WordPress is vulnerable to Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

AcyMailing WordPress Plugin Vulnerable to Admin Takeover (CVE-2026-5200)

CVE-2026-5200 — The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions...

vulnerability, CVE, high-severity, cwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

Microsoft Issues YellowKey Mitigation for BitLocker Zero-Day

Microsoft has released mitigation guidance for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability. This flaw, as detailed by BleepingComputer, allows an attacker to gain...

threat-intel, data-breach, malware, vulnerability, microsoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6566 — The Photo Gallery, Sliders, Proofing and Themes – NextGEN Gallery plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up...

vulnerability, CVE, medium-severity, cwe-639
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-47784: Memcached Timing Side Channel Exposes Passwords

CVE-2026-47784 — In memcached before 1.6.42, password data for SASL password database authentication has a timing side channel because memcmp is used by sasl_server_userdb_checkpass.

vulnerability, CVE, high-severity, cwe-208
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

memcached Timing Side Channel (CVE-2026-47783) Allows SASL Credential Guessing

CVE-2026-47783 — In memcached before 1.6.42, username data for SASL password database authentication has a timing side channel because a loop exits as soon as...

vulnerability, CVE, high-severity, cwe-208
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44392 — Missing authorization vulnerability exists in Movable Type. Under certain conditions, when a user without administrator privileges signs in to the product, unintended update...

vulnerability, CVE, medium-severity, cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-2955 — Cross-Site Scripting (XSS)

CVE-2026-2955 — The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' header in versions...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 6 Sigma

Talend Administration Center: Broken Access Control Allows URL Modification

CVE-2026-9057 — A broken access control issue has been identified in the Talend Administration Center, that allows a user with “View” permission to modify the...

vulnerability, CVE, high-severity
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-9056 — The Talend Administration Center Cross-Site Scripting (XSS)

CVE-2026-9056 — A stored cross-site scripting vulnerability has been found in the Talend Administration Center. An attacker with permission to manage servers can store a...

vulnerability, CVE, medium-severity, cross-site-scripting-xss
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-7522: WordPress Advanced Database Cleaner Plugin Vulnerable to LFI

CVE-2026-7522 — The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.1.0 via...

vulnerability, CVE, high-severity, code-execution, cwe-98
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-5075 — The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to,...

vulnerability, CVE, medium-severity, cwe-200
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Boost WordPress Plugin: Unauthenticated SQLi Exposes Data via current_url, user_name

CVE-2026-9010 — The Boost plugin for WordPress is vulnerable to time-based SQL Injection via the 'current_url' and 'user_name' parameters in versions up to, and including,...

vulnerability, CVE, high-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

TONNET E-LAN Hybrid Recording System SQLi (CVE-2026-9003)

CVE-2026-9003 — E-LAN Hybrid Recording System developed by TONNET has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read...

vulnerability, CVE, high-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Boost WordPress Plugin Vulnerable to PHP Object Injection

CVE-2026-7637 — The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input...

vulnerability, CVE, critical, high-severity, insecure-deserialization, cwe-502
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-24215 — The DALI Backend, Where An Attacker Denial of Service

CVE-2026-24215 — NVIDIA Triton Inference Server contains a vulnerability in the DALI backend, where an attacker could cause uncontrolled resource consumption. A successful exploit of...

vulnerability, CVE, medium-severity, denial-of-service, cwe-400
/SCW Vulnerability Desk /MEDIUM /5.7 /⚑ 2 IOCs /⚙ 2 Sigma

NVIDIA Triton Inference Server: Integer Overflow Leads to RCE

CVE-2026-24214 — NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an integer overflow. A successful exploit of...

vulnerability, CVE, high-severity, code-execution, cwe-190
/SCW Vulnerability Desk /HIGH /8 /⚑ 4 IOCs /⚙ 3 Sigma

NVIDIA Triton Inference Server: Out-of-Bounds Read Leads to RCE

CVE-2026-24213 — NVIDIA Triton Inference Server contains a vulnerability in the DALI backend where an attacker could cause an out-of-bounds read. A successful exploit of...

vulnerability, CVE, high-severity, code-execution, cwe-125
/SCW Vulnerability Desk /HIGH /8 /⚑ 4 IOCs /⚙ 3 Sigma

NVIDIA Triton Inference Server DoS Vulnerability: CVE-2026-24210

CVE-2026-24210 — NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead...

vulnerability, CVE, high-severity, denial-of-service, cwe-190
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

NVIDIA Triton Inference Server: Path Traversal Exposes DoS Risk

CVE-2026-24209 — NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a path traversal issue. A successful exploit of this vulnerability might...

vulnerability, CVE, high-severity, path-traversal, cwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

NVIDIA Triton Inference Server: Critical Authentication Bypass (CVE-2026-24207)

CVE-2026-24207 — NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead...

vulnerability, CVE, critical, high-severity, code-execution, cwe-288
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

NVIDIA Triton Inference Server: Critical Auth Bypass Puts AI Workloads at Risk

CVE-2026-24206 — NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause an authentication bypass. A successful exploit of this vulnerability might lead...

vulnerability, CVE, high-severity, authentication-bypass, cwe-288
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

NVIDIA TRT-LLM Vulnerability: Unsafe Deserialization Leads to RCE

CVE-2026-24163 — NVIDIA TRT-LLM for any platform contains a vulnerability in RPC testing, where an attacker could cause an unsafe deserialization. A successful exploit of...

vulnerability, CVE, high-severity, code-execution, cwe-502
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-24160 — Denial of Service

CVE-2026-24160 — NVIDIA TRT-LLM for any platform contains a vulnerability where an attacker could cause an unchecked return value to a null pointer dereference. A...

vulnerability, CVE, medium-severity, denial-of-service, cwe-690
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-24142 — Code Execution

CVE-2026-24142 — NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code...

vulnerability, CVE, medium-severity, code-execution, cwe-502
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

NVIDIA TRT-LLM Vulnerability Exposes AI Workloads to RCE

CVE-2025-33255 — NVIDIA TRT-LLM for any platform contains a vulnerability in MPI server, where an attacker could cause an unsafe deserialization. A successful exploit of...

vulnerability, CVE, high-severity, code-execution, cwe-502
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2025-15369 — The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability...

vulnerability, CVE, medium-severity, cwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Huawei Zero-Day Downs Luxembourg's Critical Infrastructure

Luxembourg experienced a nationwide outage of mobile, landline, and even emergency services for over three hours, attributed to a zero-day vulnerability in a Huawei router....

israel, vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 1 Sigma

GitHub Investigates TeamPCP Claimed Breach of 4,000 Internal Repositories

GitHub is investigating claims by the threat actor TeamPCP of unauthorized access to approximately 4,000 internal repositories. The Hacker News reports that TeamPCP has listed...

threat-intel, vulnerability, data-breach, tools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8685 — SQL Injection

CVE-2026-8685 — The Infility Global plugin for WordPress is vulnerable to SQL Injection via the 'orderby' and 'order' parameters in all versions up to, and...

vulnerability, CVE, medium-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8038 — Cross-Site Scripting (XSS)

CVE-2026-8038 — The Faces of Users plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'default' shortcode attribute in the 'facesofusers' shortcode in...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

WordPress Read More & Accordion Plugin: Privilege Escalation (CVE-2026-7467)

CVE-2026-7467 — The Read More & Accordion plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.5.7. This is...

vulnerability CVE high-severity privilege-escalation cwe-269
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7284: Critical WordPress Elementor Plugin Privilege Escalation

CVE-2026-7284 — The Easy Elements for Elementor – Addons & Website Templates plugin for WordPress is vulnerable to privilege escalation via user registration in all...

vulnerability CVE critical high-severity privilege-escalation cwe-269
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-6555: ProSolution WP Client Arbitrary File Upload Critical RCE

CVE-2026-6555 — The ProSolution WP Client plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 2.0.0. This is due...

vulnerability CVE critical high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6549 — Cross-Site Scripting (XSS)

CVE-2026-6549 — The Logo Manager For Enamad plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' attribute of the `vc_enamad_namad`, `vc_enamad_shamed`, and...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

WordPress Account Switcher Plugin: Critical Privilege Escalation (CVE-2026-6456)

CVE-2026-6456 — The Account Switcher plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.2. This is due to...

vulnerability CVE high-severity privilege-escalation cwe-287
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6397 — Cross-Site Scripting (XSS)

CVE-2026-6397 — The Sticky plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `cvmh-sticky` shortcode `readmoretext` attribute in versions up to and including...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6391 — The Sentence To SEO (keywords, description and tags) plugin

CVE-2026-6391 — The Sentence To SEO (keywords, description and tags) plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and...

vulnerability CVE medium-severity cwe-352
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6072 — The Oliver POS – A WooCommerce Point of Sale (POS) plugin

CVE-2026-6072 — The Oliver POS – A WooCommerce Point of Sale (POS) plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all...

vulnerability CVE medium-severity cwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5293 — Cross-Site Scripting (XSS)

CVE-2026-5293 — The 診断ジェネレータ作成プラグイン (Diagnosis Generator) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-43620 — Rsync Out-of-Bounds Read in recv_files() in receiver.c

CVE-2026-43620 — Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recv_files() in receiver.c that allows a malicious rsync server to crash...

vulnerability CVE medium-severity cwe-125
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-43619 — Arbitrary File Access

CVE-2026-43619 — Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link,...

vulnerability CVE medium-severity arbitrary-file-access cwe-59 cwe-367
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Rsync CVE-2026-43618: Integer Overflow Exposes Memory, Bypasses ASLR

CVE-2026-43618 — Rsync version 3.4.2 and prior contain an integer overflow vulnerability in the compressed-token decoder where a 32-bit signed counter is not checked for overflow,...

vulnerability CVE high-severity integer-overflow cwe-125 cwe-190
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

Creative Mail WordPress Plugin SQLi Exposes User Data

CVE-2026-3985 — The Creative Mail – Easier WordPress & WooCommerce Email Marketing plugin for WordPress is vulnerable to SQL Injection via the 'checkout_uuid' parameter in...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-45585 — Microsoft is aware of a security feature bypass

CVE-2026-45585 — Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability...

vulnerability CVE medium-severity cwe-77
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-39309 — Trilium Notes is a cross-platform, hierarchical note taking

CVE-2026-39309 — Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron...

vulnerability CVE medium-severity cwe-290 cwe-451
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-35593 — Remote Code Execution

CVE-2026-35593 — Trilium Notes is an open-source, cross-platform hierarchical note taking application for building large personal knowledge bases. Versions 0.102.1 and prior are vulnerable to...

vulnerability CVE medium-severity remote-code-execution cwe-22 cwe-73
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-34754 — Mantis Bug Tracker (MantisBT) is an open source issue

CVE-2026-34754 — Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private...

vulnerability CVE medium-severity cwe-284
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Verizon DBIR 2026: Vulnerability Exploitation Surpasses Credential Theft

SecurityWeek reports that Verizon's 2026 Data Breach Investigations Report (DBIR) identifies vulnerability exploitation as the primary vector for breaches, outpacing credential theft. This shift signals...

threat-intel vulnerability malware ransomware data-breach identity
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 1 Sigma

CVE-2026-34600 — Joplin is an open source note-taking and to-do application

CVE-2026-34600 — Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.5.2 and prior contain a logic...

vulnerability CVE medium-severity cwe-200 cwe-281 cwe-863
/SCW Vulnerability Desk /MEDIUM /5.7 /⚑ 4 IOCs /⚙ 2 Sigma

CtrlPanel Privilege Escalation (CVE-2026-34358) Allows Full Admin Takeover

CVE-2026-34358 — CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a broken access control vulnerability where multiple admin controllers enforce...

vulnerability CVE high-severity privilege-escalation cwe-284 cwe-862
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-34246 — Cross-Site Scripting (XSS)

CVE-2026-34246 — CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the admin...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-80 cwe-116
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-34241: CtrlPanel XSS Allows Admin Session Hijack

CVE-2026-34241 — CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contain a Stored Cross-Site Scripting (XSS) vulnerability in the ticket reply...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 5 IOCs /⚙ 3 Sigma

CtrlPanel RCE: Critical Flaw in Hosting Billing Software Actively Exploited

CVE-2026-34234 — CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer (public/installer/index.php) is vulnerable to unauthenticated Remote Code...

vulnerability CVE critical high-severity remote-code-execution cwe-78 cwe-284
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2025-15645 — Denial of Service

CVE-2025-15645 — Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation...

vulnerability CVE medium-severity denial-of-service cwe-1284
/SCW Vulnerability Desk /MEDIUM /4.6 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2023-7345 — Ledger Live with vulnerable versions of ledgerhq/hw-app-eth

CVE-2023-7345 — Ledger Live with vulnerable versions of ledgerhq/hw-app-eth prior to 6.34.7 contains an integer parsing vulnerability that allows attackers to manipulate EIP-712 typed data...

vulnerability CVE medium-severity cwe-704
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-34233 — CtrlPanel is open-source billing software for hosting

CVE-2026-34233 — CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, multiple admin controllers expose DataTable endpoints without authorization checks, allowing...

vulnerability CVE medium-severity cwe-284 cwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-34216 — Remote Code Execution

CVE-2026-34216 — CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the admin settings update endpoint accepted a fully qualified class...

vulnerability CVE medium-severity remote-code-execution cwe-470
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 3 Sigma

Libheif Heap Buffer Over-Read Vulnerability (CVE-2026-32882) Exposes Data, Causes DoS

CVE-2026-32882 — libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap buffer over-read in HeifPixelImage::overlay() in...

vulnerability CVE high-severity denial-of-service cwe-125
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-32814 — libheif is a HEIF and AVIF file format decoder and encoder.

CVE-2026-32814 — libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and prior, when decoding a HEIF grid image with...

vulnerability CVE medium-severity cwe-200 cwe-908
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

libheif Heap Overflow (CVE-2026-32741) Risks HEIF/AVIF Decoders

CVE-2026-32741 — libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and below contain a heap buffer overflow in MaskImageCodec::decode_mask_image(). When...

vulnerability CVE high-severity buffer-overflow cwe-122
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2025-57798 — Joplin Denial of Service in the Title Input Functionality

CVE-2025-57798 — Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions 3.6.14 and prior contain a Denial...

vulnerability CVE medium-severity denial-of-service cwe-770
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

libheif Heap-Buffer-Overflow (CVE-2026-32740) Exposes Image Processing Stacks

CVE-2026-32740 — libheif is a HEIF and AVIF file format decoder and encoder. Versions 1.21.2 and prior contain a heap-buffer-overflow (write) vulnerability in the grid...

vulnerability CVE high-severity cwe-787
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-32739 — Denial of Service

CVE-2026-32739 — libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 800-byte HEIF sequence file causes...

vulnerability CVE medium-severity denial-of-service cwe-835
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Huawei Zero-Day Caused Luxembourg's Telecom Outage

A Huawei zero-day vulnerability was responsible for a major telecom network outage in Luxembourg last year, according to *The Record by Recorded Future*. The incident,...

threat-intel data-breach government vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8096 — The Kirki – Freeform Page Builder, Website Builder &

CVE-2026-8096 — The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to,...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

WordPress Kirki Plugin Vulnerable to Arbitrary File Deletion

CVE-2026-8073 — The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file...

vulnerability CVE high-severity arbitrary-file-access cwe-23
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-41470 — LIVE555 Authorization Bypass in RTSP Session Command Handling

CVE-2026-41470 — LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated...

vulnerability CVE medium-severity cwe-863
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-33741 — Cross-Site Scripting (XSS)

CVE-2026-33741 — EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below allow authenticated users to upload SVG attachments through normal attachment-capable...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

Kitty Terminal Heap Over-Read/Write Vulnerability (CVE-2026-33642) Critical Severity

CVE-2026-33642 — Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handle_compose_command() function in kitty/graphics.c performs bounds validation on composition offsets...

vulnerability CVE critical high-severity cwe-125 cwe-190 cwe-787
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-32738 — Denial of Service

CVE-2026-32738 — libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with...

vulnerability CVE medium-severity denial-of-service cwe-125 cwe-476
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-47107: Windmill Sandbox Vulnerability Exposes Admin Access

CVE-2026-47107 — Windmill prior to 1.703.2 contains an incorrect default permissions vulnerability in nsjail sandbox configuration files where /etc is bind-mounted without read-write restrictions, allowing...

vulnerability CVE critical high-severity cwe-276
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 5 IOCs /⚙ 4 Sigma

Kitty Terminal Heap Buffer Overflow (CVE-2026-33633) — DoS, RCE Risk

CVE-2026-33633 — Kitty is a cross-platform GPU based terminal. Versions 0.46.2 and below contain a heap buffer overflow in load_image_data() that allows any process which...

vulnerability CVE high-severity buffer-overflow cwe-122
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-32134 — Null Pointer Dereference

CVE-2026-32134 — NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In versions 0.24.10 and below, when NanoMQ handles high-concurrency reconnect traffic using a...

vulnerability CVE medium-severity null-pointer-dereference cwe-476
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-47358: Terrascan SSRF Allows Local File Read in Server Mode

CVE-2026-47358 — Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via external URL resolution in uploaded IaC templates when running in server...

vulnerability CVE high-severity server-side-request-forgery cwe-73 cwe-610 cwe-918
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-47357: Terrascan SSRF Exposes Local Files, Credentials

CVE-2026-47357 — Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the remote_url parameter in the remote directory scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/remote/dir/scan)...

vulnerability CVE high-severity server-side-request-forgery cwe-73 cwe-610 cwe-918
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 3 Sigma

Terrascan SSRF Vulnerability (CVE-2026-47356) Exposes Scan Results

CVE-2026-47356 — Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery (SSRF) via the webhook_url parameter in the file scan endpoint (POST /v1/{iac}/{iacVersion}/{cloud}/local/file/scan) when...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

Trapdoor Android Ad Fraud Scheme Hits 659 Million Daily Bid Requests

The Hacker News reports on a new ad fraud and malvertising operation, dubbed "Trapdoor," specifically targeting Android users. This sophisticated scheme involves 455 malicious Android...

threat-intel vulnerability malware
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

Drupal Patches Critical Flaw — Exploits Expected Imminently

Drupal is set to release a patch for a highly critical vulnerability, with SecurityWeek reporting that attackers could develop working exploits within hours or days...

threat-intel vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

Motorola Factory Test Component Exposes Sensitive Device Data via Improper Authentication

CVE-2026-5804 — An improper authentication vulnerability was discovered in the Motorola Factory Test component (com.motorola.motocit). The application contained a reference to a writable file descriptor in external storage which...

vulnerability CVE high-severity
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8711: NGINX JavaScript Heap Overflow Risks Code Execution

CVE-2026-8711 — NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at least one client-controlled NGINX variable (for example, $http_*, $arg_*, $cookie_*) and...

vulnerability CVE high-severity code-execution cwe-122
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-47100: Funnel Builder for WooCommerce Checkout Vulnerability

CVE-2026-47100 — Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to...

vulnerability CVE high-severity cwe-862
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs

CVE-2026-45557 — Technitium DNS Server aggressively tries to fetch missing

CVE-2026-45557 — Technitium DNS Server aggressively tries to fetch missing RRSIG records or mismatched DNSKEY records. An attacker in control of a domain can cause...

vulnerability CVE medium-severity cwe-405 cwe-406 cwe-770
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 4 IOCs

CVE-2026-44159: Tyler Identity Local Ships with Default Admin Credentials

CVE-2026-44159 — Tyler Identity Local (TID-L) uses documented, default administrative credentials. Users are not required to change the credentials before deployment. TID-L has not been...

vulnerability CVE critical high-severity cwe-1392
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs

HestiaCP IP Spoofing Vulnerability Bypasses Auth Controls

CVE-2026-43634 — HestiaCP versions 1.2.0 through 1.9.4 contain an IP spoofing vulnerability that allows unauthenticated remote attackers to bypass authentication security controls by supplying an...

vulnerability CVE high-severity cwe-348
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC

CVE-2026-2587: Critical RCE in Glassfish Gadget Handler

CVE-2026-2587 — A critical Remote Code Execution (RCE) vulnerability was identified in the server-side template rendering mechanism used by the Glassfish gadget handler. The application...

vulnerability CVE critical high-severity remote-code-execution cwe-917
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs

GlassFish Administration Console RCE: Critical Flaw Demands Immediate Attention

CVE-2026-2586 — An authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with access to the panel can send crafted...

vulnerability CVE critical high-severity remote-code-execution cwe-94 cwe-917
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs

HestiaCP Web Terminal RCE: Critical Deserialization Vulnerability

CVE-2026-43633 — HestiaCP versions 1.9.0 through 1.9.4 contain a deserialization vulnerability in the web terminal component caused by a session format mismatch between PHP and...

vulnerability CVE critical high-severity code-execution cwe-502
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 1 IOC

CVE-2025-40904 — Cross-Site Scripting (XSS) in the Smart Polling Functionality

CVE-2025-40904 — A Stored HTML Injection vulnerability was discovered in the Smart Polling functionality due to improper validation of an input parameter. An authenticated user...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2025-40903 — Cross-Site Scripting (XSS) in the Schedule Restore Archive Functionality

CVE-2025-40903 — A Stored HTML Injection vulnerability was discovered in the Schedule Restore Archive functionality due to improper validation of an input parameter. An authenticated...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs

CVE-2025-40902 — Cross-Site Scripting (XSS) in the Users Functionality

CVE-2025-40902 — A Stored HTML Injection vulnerability was discovered in the Users functionality due to improper validation of an input parameter. An authenticated user with...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2025-40901 — Cross-Site Scripting (XSS) in the Credentials Manager Functionality

CVE-2025-40901 — A Stored HTML Injection vulnerability was discovered in the Credentials Manager functionality due to improper validation of an input parameter. An authenticated user...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2025-40900 — Cross-Site Scripting (XSS) in the Reports Functionality

CVE-2025-40900 — An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-1336
/SCW Vulnerability Desk /MEDIUM /4.6 /⚑ 2 IOCs /⚙ 5 Sigma

Microsoft Critical Vulnerabilities Double, Attackers Target Privilege Escalation

Microsoft's total vulnerability count remained stable in 2025, but critical flaws saw a significant year-over-year increase, according to BleepingComputer. This surge in critical vulnerabilities highlights...

threat-intel data-breach malware vulnerability cloud microsoft identity
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8912: WordPress Contest Gallery Plugin SQLi

CVE-2026-8912 — The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28.1.6. This...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

Piotnet Forms Plugin for WordPress Critical RCE Vulnerability (CVE-2026-4883)

CVE-2026-4883 — The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'piotnetforms_ajax_form_builder' function in...

vulnerability CVE critical high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs

Microsoft MSHTA: Legacy Tool Fuels Ongoing Malware Campaigns

Bitdefender Labs is reporting that attackers are still leveraging Microsoft HTML Application Host (MSHTA), a built-in Windows utility. MSHTA's ability to execute VBScript and JavaScript...

malware threat-intel research vulnerability microsoft tools
/SCW Vulnerability Desk /MEDIUM

Unpatched ChromaDB Vulnerability Allows Server Takeover

SecurityWeek reports on a critical, unpatched vulnerability in ChromaDB that allows for remote, unauthenticated arbitrary code execution and sensitive information leakage. This isn't some theoretical...

threat-intel vulnerability identity
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 1 Sigma

Keycloak Vulnerability CVE-2026-7571 Allows Implicit Flow Bypass

CVE-2026-7571 — A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended...

vulnerability CVE high-severity information-disclosure cwe-472
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 2 IOCs

Keycloak Session Fixation Flaw Allows Account Takeover (CVE-2026-7507)

CVE-2026-7507 — A session fixation vulnerability was found in Keycloak's login-actions endpoints. An unauthenticated attacker could exploit this flaw by pre-creating an authentication session and...

vulnerability CVE high-severity cwe-290
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 6 Sigma

Keycloak CVE-2026-7504: Critical URL Validation Bypass

CVE-2026-7504 — A flaw was found in Keycloak's URL validation logic during redirect operations. By crafting a malicious request, an attacker could bypass validation to...

vulnerability CVE high-severity cwe-601
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs

Keycloak DoS Vulnerability (CVE-2026-7307) Exposes SAML Endpoints

CVE-2026-7307 — A flaw was found in Keycloak. A remote, unauthenticated attacker can send a specially crafted XML input to the Security Assertion Markup Language...

vulnerability CVE high-severity denial-of-service cwe-1286
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-4630 — Keycloak Information Disclosure

CVE-2026-4630 — A flaw was found in Keycloak. An authenticated client could exploit an Insecure Direct Object Reference (IDOR) vulnerability in the Authorization Services Protection...

vulnerability CVE medium-severity information-disclosure cwe-639
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs

CVE-2026-45442 — Brainstorm Force Presto Player Vulnerability

CVE-2026-45442 — Missing Authorization vulnerability in Brainstorm Force Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Presto Player: from n/a...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-37982 — Keycloak Vulnerability

CVE-2026-37982 — A flaw was found in Keycloak. This authentication vulnerability allows a remote attacker to replay `ExecuteActionsActionToken` tokens within Keycloak's WebAuthn (Web Authentication) flow....

vulnerability CVE medium-severity
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 1 IOC

CVE-2026-37981 — Keycloak Information Disclosure

CVE-2026-37981 — A flaw was found in Keycloak. A broken access control vulnerability in the Account Resources user lookup endpoint allows a remote authenticated user,...

vulnerability CVE medium-severity information-disclosure cwe-1220
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-37979 — Keycloak Vulnerability

CVE-2026-37979 — A flaw was found in Keycloak. This access control vulnerability in Keycloak's OpenID Connect (OIDC) token introspection endpoint allows a confidential client to...

vulnerability CVE medium-severity
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-37978 — Keycloak Vulnerability

CVE-2026-37978 — A flaw was found in Keycloak. A low-privilege administrator with the 'view-clients' role can exploit this by invoking the 'evaluate-scopes' Admin API endpoints...

vulnerability CVE medium-severity cwe-639
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs

Microsoft 365 Organizations Hit by EvilTokens Phishing-as-a-Service

A new phishing-as-a-service (PhaaS) platform, EvilTokens, emerged in February 2026, rapidly compromising over 340 Microsoft 365 organizations across five countries within its first five weeks,...

threat-intel vulnerability microsoft identity phishing
/SCW Vulnerability Desk /MEDIUM

Microsoft Confirms Windows Update Failures in Restricted Networks

Microsoft has confirmed that Windows Update failures are impacting customers operating in restricted network environments. This issue specifically arises after installing the January 2026 optional...

threat-intel data-breach malware vulnerability microsoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Drupal Core Security Update Imminent: Patch or Get Hacked

Drupal has announced an urgent core security release scheduled for May 20, 2026, between 5-9 p.m. UTC. As reported by The Hacker News, the Drupal...

threat-intel vulnerability tools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-2611: MLflow Assistant Critical RCE via Origin Validation Bypass

CVE-2026-2611 — In MLflow version 3.9.0, the MLflow Assistant feature introduced improper origin validation in its /ajax-api endpoints. This vulnerability allows a remote attacker to...

vulnerability CVE critical high-severity cwe-346
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 3 Sigma

DirtyDecrypt Linux Kernel Vulnerability PoC Released

A proof-of-concept (PoC) for the DirtyDecrypt Linux kernel vulnerability has been publicly released, according to SecurityWeek. This vulnerability, which was patched in April, allows local...

threat-intel vulnerability tools securityweek
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

SEPPMail Secure E-Mail Gateway RCE and Mail Traffic Access Vulnerabilities

Critical security vulnerabilities have been identified in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution. The Hacker News reports that these flaws could allow...

threat-intel vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44408 — There is an unauthorized access vulnerability in ZTE

CVE-2026-44408 — There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker can modify...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-8922 — Keycloak Vulnerability

CVE-2026-8922 — A flaw was found in Keycloak. When both realm-level and client-level `notBefore` revocation policies are configured, Keycloak's OpenID Connect (OIDC) Introspection feature fails...

vulnerability CVE medium-severity cwe-303
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-4885: Piotnet Addons for Elementor Pro RCE via File Upload

CVE-2026-4885 — The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the...

vulnerability CVE critical high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-47317 — Samsung Open Source Escargot Vulnerability

CVE-2026-47317 — Uncontrolled Recursion vulnerability in Samsung Open Source Escargot allows Excessive Allocation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

vulnerability CVE medium-severity cwe-674
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-47316 — Samsung Open Source Escargot Vulnerability

CVE-2026-47316 — Improper Check or Handling of Exceptional Conditions vulnerability in Samsung Open Source Escargot allows Input Data Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

vulnerability CVE medium-severity cwe-703
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-47315 — Samsung Open Source Escargot Vulnerability

CVE-2026-47315 — Improper Check for Unusual or Exceptional Conditions vulnerability in Samsung Open Source Escargot allows Input Data Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

vulnerability CVE medium-severity cwe-754
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs

Samsung Escargot Out-of-Bounds Write Poses High Risk

CVE-2026-47314 — Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

vulnerabilityCVEhigh-severityout-of-bounds-1cwe-787
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-47313 — Samsung Open Source Escargot Vulnerability

CVE-2026-47313 — Memory allocation with excessive size value vulnerability in Samsung Open Source Escargot allows Excessive Allocation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

vulnerabilityCVEmedium-severitycwe-789
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs

CVE-2026-47312 — Samsung Open Source Escargot Vulnerability

CVE-2026-47312 — Release of invalid pointer or reference vulnerability in Samsung Open Source Escargot allows Buffer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

vulnerabilityCVEmedium-severitycwe-763
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8830 — Keycloak Vulnerability

CVE-2026-8830 — A flaw was found in Keycloak. An authenticated user can bypass configured WebAuthn policies during credential registration by manipulating client-side JavaScript. This occurs...

vulnerabilityCVEmedium-severitycwe-603
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8814 — Versions of the package exifreader before 4.39.0 are

CVE-2026-8814 — Versions of the package exifreader before 4.39.0 are vulnerable to Improper Handling of Highly Compressed Data (Data Amplification) due to decompressing PNG zTXt...

vulnerabilityCVEmedium-severitycwe-409
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-8813: ExifReader DoS Via Crafted ICC mluc Tags

CVE-2026-8813 — This affects versions of the package exifreader before 4.39.0. A crafted image containing an ICC mluc tag can set an attacker-controlled record count...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-1284
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Samsung Escargot Heap Overflow (CVE-2026-47311) Poses High Risk

CVE-2026-47311 — Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

vulnerabilityCVEhigh-severitybuffer-overflowcwe-122
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

Samsung Open Source Escargot Vulnerability: Use-After-Free Allows Pointer Manipulation

CVE-2026-47310 — Use after free vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-47309 — Samsung Open Source Escargot Vulnerability

CVE-2026-47309 — Uncontrolled Recursion vulnerability in Samsung Open Source Escargot allows Oversized Serialized Data Payloads. This issue affects Escargot: 590345cc6258317c5da850d846ce6baaf2afc2d3.

vulnerabilityCVEmedium-severitycwe-674
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

GitHub Actions Supply Chain Attack Hijacks Tags to Steal CI/CD Credentials

Threat actors have compromised the popular GitHub Actions workflow, `actions-cool/issues-helper`, to execute malicious code designed to harvest sensitive credentials. The Hacker News reports that this...

threat-intelvulnerabilityidentitytools
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-47308 — Samsung Open Source Walrus Null Pointer Dereference

CVE-2026-47308 — NULL pointer dereference vulnerability in Samsung Open Source Walrus allows Pointer Manipulation. This issue affects Walrus: f339b8ee4ea701772e8ae640b3d1b12ac02b1ae9.

vulnerabilityCVEmedium-severitynull-pointer-dereferencecwe-476
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-32994 — The /api/v1/autotranslate.translateMessage endpoint in

CVE-2026-32994 — The /api/v1/autotranslate.translateMessage endpoint in versions <8.5.0, <8.4.2, <8.3.4, <8.2.4, <8.1.5, <8.0.6, <7.13.8, and <7.10.12 allows any authenticated user to retrieve the full content...

vulnerabilityCVEmedium-severitycwe-284
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-47307 — Samsung Open Source Walrus Denial of Service

CVE-2026-47307 — NULL pointer dereference vulnerability in Samsung Open Source Walrus allows an attacker to cause a denial of service via a crafted WebAssembly module...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-476
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-28733 — Code Execution

CVE-2026-28733 — in OpenHarmony v6.0 and prior versions allow a local attacker arbitrary code execution.

vulnerabilityCVEmedium-severitycode-executioncwe-416
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-27766 — in OpenHarmony v6.0 and prior versions allow a local

CVE-2026-27766 — in OpenHarmony v6.0 and prior versions allow a local attacker to cause an information leak.

vulnerabilityCVEmedium-severitycwe-364
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

OpenHarmony RCE: Remote Code Execution in Pre-Installed Apps (CVE-2026-27648)

CVE-2026-27648 — in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.

vulnerabilityCVEhigh-severitycode-executioncwe-787
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs

CVE-2026-25850 — in OpenHarmony v6.0 and prior versions allow a local

CVE-2026-25850 — in OpenHarmony v6.0 and prior versions allow a local attacker to cause an information leak.

vulnerabilityCVEmedium-severitycwe-281
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

OpenHarmony CVE-2026-25781 Allows Local DOS, Unrecoverable Impact

CVE-2026-25781 — in OpenHarmony v6.0 and prior versions allow a local attacker to cause a DoS that cannot be recovered.

vulnerabilityCVEhigh-severitydenial-of-servicecwe-787
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 2 IOCs

OpenHarmony v6.0 RCE: Pre-Installed Apps Vulnerable

CVE-2026-24792 — in OpenHarmony v6.0 and prior versions allow a remote attacker arbitrary code execution in pre-installed apps.

vulnerabilityCVEhigh-severitycode-executioncwe-364
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs

O+ Connect Vulnerability: Local Privilege Escalation (CVE-2026-22069) Exposes Systems

CVE-2026-22069 — A local privilege escalation vulnerability exists in O+ Connect because it fails to validate the identity of the caller on the pipe interface....

vulnerabilityCVEhigh-severityprivilege-escalationcwe-266
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs

CVE-2026-33234 — Server-Side Request Forgery

CVE-2026-33234 — AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.1.0 through 0.6.51, SendEmailBlock in autogpt_platform/backend/backend/blocks/email_block.py...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs /⚙ 3 Sigma

AutoGPT Insecure Deserialization (CVE-2026-33233) Leads to RCE

CVE-2026-33233 — AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.6.34 through 0.6.51, the backend deserializes...

vulnerabilityCVEhigh-severityinsecure-deserializationcwe-94cwe-345cwe-502
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 1 IOC /⚙ 2 Sigma

AutoGPT DoS: Unauthenticated Attack Exhausts Disk Space

CVE-2026-33232 — AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-400cwe-459cwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Mullvad VPN macOS Installer Flaw Allows Root Code Execution

CVE-2026-32323 — Mullvad VPN is a VPN client app for desktop and mobile. When using macOS with versions 2026.1 and below, Mullvad VPN may allow...

vulnerabilityCVEhigh-severitycode-executioncwe-269cwe-345cwe-427
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-32244 — Discourse is an open-source discussion platform. In

CVE-2026-32244 — Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, outdated cached AI summaries can leak removed content...

vulnerabilityCVEmedium-severitycwe-200cwe-524cwe-672
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 4 IOCs /⚙ 3 Sigma

AutoGPT Authenticated Session Hijacking via IDOR (CVE-2026-30950)

CVE-2026-30950 — AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.6.36 through 0.6.50 are vulnerable to Authenticated...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-27892 — Unrestricted File Upload

CVE-2026-27892 — FacturaScripts is an open source accounting and invoicing software. In versions prior to 2026, the Library module stores and serves uploaded images byte-for-byte,...

vulnerabilityCVEmedium-severityunrestricted-file-uploadcwe-200cwe-212
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

FacturaScripts CVE-2026-27891: Critical Zip Slip Leads to RCE

CVE-2026-27891 — FacturaScripts is an open source accounting and invoicing software. Versions 2026 and below contain a critical vulnerability in the Plugins::add() function. The system...

vulnerabilityCVEhigh-severityremote-code-executioncwe-20cwe-434
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-27737 — Cross-Site Scripting (XSS)

CVE-2026-27737 — BigBlueButton is an open-source virtual classroom. In versions prior to 3.0.19, the recording playback (presentation format) was not sanitizing user's input in public...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8851: SOGo SQL Injection Exposes Database Data

CVE-2026-8851 — SOGo 5.12.7 contains a SQL injection vulnerability in the Access Control List management functionality that allows authenticated users to extract arbitrary data from...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-8838: Critical RCE in amazon-redshift-python-driver

CVE-2026-8838 — Unsafe use of Python's eval() on server-received data in the vector_in() function in amazon-redshift-python-driver before 2.1.14 allows a rogue server or man-in-the-middle actor...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4137: MLflow Temporary Files Vulnerability Exposes Models to RCE

CVE-2026-4137 — In mlflow/mlflow versions prior to 3.11.0, the `get_or_create_nfs_tmp_dir()` function in `mlflow/utils/file_utils.py` creates temporary directories with world-writable permissions (0o777), and the `_create_model_downloading_tmp_dir()` function in...

vulnerabilityCVEhigh-severitycode-executioncwe-378
/SCW Vulnerability Desk /HIGH /7 /⚑ 4 IOCs /⚙ 3 Sigma

Dokploy PaaS: Critical OS Command Injection CVE-2026-27130

CVE-2026-27130 — Dokploy is a free, self-hostable Platform as a Service (PaaS). Versions 0.26.6 and below have OS command injection through the appName parameter. 3...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-25244: WebdriverIO RCE via Malicious Git Branch Names

CVE-2026-25244 — WebdriverIO is a test automation framework for unit, e2e and component testing using WebDriver, WebDriver BiDi and Appium. Versions below 9.24.0 contain a...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Joplin Path Traversal (CVE-2026-22810) Allows Arbitrary File Overwrites

CVE-2026-22810 — Joplin is an open source note-taking and to-do application that organises notes and lists into notebooks. Versions prior to 3.5.7 contain a path...

vulnerabilityCVEhigh-severitypath-traversalcwe-24
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-47092: Claude HUD Vulnerability Allows Local Code Execution

CVE-2026-47092 — Claude HUD through 0.0.12, patched in commit 234d9aa, contains a command injection vulnerability that allows local attackers to execute arbitrary commands by manipulating...

vulnerabilityCVEhigh-severitycode-executioncwe-427
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-45246 — Summarize Insecure File Permissions in the Refresh-Free Configuration Rewrite Path

CVE-2026-45246 — Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive...

vulnerabilityCVEmedium-severitycwe-732
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-45245: Hover Summary Feature Exposes Authenticated Requests

CVE-2026-45245 — Summarize prior to 0.15.1 contains a vulnerability in the hover summary feature that allows malicious pages to dispatch synthetic mouseover events over attacker-controlled...

vulnerabilityCVEhigh-severitycwe-918cwe-940
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-45244 — Summarize prior to 0.15.1 contains a missing authorization

CVE-2026-45244 — Summarize prior to 0.15.1 contains a missing authorization vulnerability that allows attackers to execute browser automation actions without per-call user approval when the...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-21789 — HCL Connections contains a broken access control

CVE-2026-21789 — HCL Connections contains a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios.

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /4.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-65954 — SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS

CVE-2025-65954 — SimpleSAMLphp-casserver is a CAS 1.0 and 2.0 compliant CAS server in the form of a SimpleSAMLphp module. In versions below 6.3.1 and 7.0.0,...

vulnerabilityCVEmedium-severitycwe-601
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8836: Critical lwIP Stack Buffer Overflow in SNMPv3 USM Handler

CVE-2026-8836 — A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmp_parse_inbound_frame of the file src/apps/snmp/snmp_msg.c of the component snmpv3 USM...

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-119cwe-121
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 1 Sigma

CVE-2026-45243 — Summarize Missing Authorization in the Content Script window.postMessage Bridge

CVE-2026-45243 — Summarize prior to 0.15.1 contains a missing authorization vulnerability in the content script window.postMessage bridge that allows malicious pages to perform unauthorized operations...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-45242: Summarize Daemon Path Traversal Vulnerability

CVE-2026-45242 — Summarize prior to 0.15.1 contains a path traversal vulnerability in the /v1/summarize daemon endpoint that allows authenticated callers to write files to arbitrary...

vulnerabilityCVEhigh-severitypath-traversalcwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs

CVE-2026-45231 — Cross-Site Scripting (XSS)

CVE-2026-45231 — DumbAssets through 1.0.11 contains a stored cross-site scripting vulnerability in asset fields including name, description, modelNumber, serialNumber, and tags that are stored without...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

Microsoft Edge RCE: Critical Browser Vulnerability Hits Chromium Users

CVE-2026-45495 — Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

vulnerabilityCVEhigh-severityremote-code-executioncwe-20cwe-94cwe-119
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC

CVE-2026-45494 — Microsoft Edge (Chromium-based) Spoofing

CVE-2026-45494 — Microsoft Edge (Chromium-based) Spoofing Vulnerability

vulnerabilityCVEmedium-severitycwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-45492 — Improper input validation in Microsoft Edge

CVE-2026-45492 — Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

vulnerabilityCVEmedium-severitycwe-20
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-45230: Critical Path Traversal in DumbAssets Allows Arbitrary File Deletion

CVE-2026-45230 — DumbAssets through 1.0.11 contains a path traversal vulnerability in the POST /api/delete-file endpoint and filesToDelete array parameters that allows unauthenticated attackers to delete...

vulnerabilityCVEcriticalhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

Azure Local Disconnected Operations Critical Privilege Escalation (CVE-2026-42822)

CVE-2026-42822 — Improper authentication in Azure Local Disconnected Operations allows an unauthorized attacker to elevate privileges over a network.

vulnerabilityCVEcriticalhigh-severitycwe-287
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-32849 — Null Pointer Dereference

CVE-2026-32849 — NetBSD prior to commit ec8451e contains a signed integer overflow vulnerability in the cryptodev_op() function in sys/opencrypto/cryptodev.c where the local variable iov_len is...

vulnerabilityCVEmedium-severitynull-pointer-dereferencecwe-190cwe-476
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-32848 — NetBSD Race Condition in cryptodev_op() Within the opencrypto Subsystem

CVE-2026-32848 — NetBSD prior to commit ec8451e contains a race condition vulnerability in cryptodev_op() within the opencrypto subsystem that allows local attackers to trigger a...

vulnerabilityCVEmedium-severityrace-conditioncwe-362cwe-415
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks

INTERPOL recently coordinated Operation Ramz, a significant cybercrime crackdown across the Middle East and North Africa (MENA) region. The Hacker News reports that this initiative,...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

CVE-2026-8843 — Creating a "2dsphere_bucket" index on a non-timeseries

CVE-2026-8843 — Creating a "2dsphere_bucket" index on a non-timeseries bucket collection will succeed, but any subsequent attempt to insert a document which triggers updating that...

vulnerabilityCVEmedium-severitycwe-617
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-36438 — Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T Vulnerability

CVE-2026-36438 — An issue in Intelbras VIP-1230-D-G4 Version V2.800.00IB00C.0.T allows a remote attacker to obtain sensitive information via password reset functionality under /OutsideCmd

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-41949 — Dify Authorization Bypass in the File Preview Endpoint

CVE-2026-41949 — Dify version 1.14.1 and prior contain an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

Dify Path Traversal (CVE-2026-41948) Allows Internal API Access

CVE-2026-41948 — Dify version 1.14.1 and prior contain a path traversal vulnerability that allows authenticated users to manipulate requests forwarded to the Plugin Daemon's internal...

vulnerabilityCVEhigh-severitypath-traversalcwe-23
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 4 IOCs /⚙ 3 Sigma

Dify Authorization Bypass (CVE-2026-41947) Exposes LLM Trace Data

CVE-2026-41947 — Dify version 1.14.1 and prior contains an authorization bypass vulnerability that allows authenticated editor users to set and enable trace configurations for any...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 3 IOCs /⚙ 3 Sigma

Exchange 0-Day, npm Worm, and Cisco Exploits Highlight Supply Chain Risks

The Hacker News's weekly recap highlights a critical convergence of attack vectors, underscoring systemic trust issues across the digital infrastructure. Active exploitation of an Exchange...

threat-intelvulnerabilitymalwareransomwaredata-breachcloudmicrosoft
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs /⚙ 1 Sigma

GnuTLS DTLS Flaw (CVE-2026-42009) Exposes Systems to DoS Attacks

CVE-2026-42009 — A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic....

vulnerabilityCVEhigh-severitydenial-of-servicecwe-475
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

Phishing Detection Gap: Beyond the Click to Business Disruption

Many Security Operations Centers (SOCs) are still struggling with a critical gap: phishing emails that appear clean enough to bypass initial security layers, yet are...

threat-intelvulnerabilitydata-breachphishingthe-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Millions Impacted Across US Healthcare Data Breaches

Multiple healthcare data breaches, affecting hundreds of thousands to millions of individuals, have recently been added to the HHS tracker, according to SecurityWeek. This isn't...

threat-intelvulnerabilitydata-breachsecurityweek
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC

7-Eleven Hit by Data Breach; ShinyHunters Claims 600K Salesforce Records

SecurityWeek reports that 7-Eleven has confirmed a data breach following claims by the threat actor group ShinyHunters. The group alleges to have exfiltrated over 600,000...

threat-intelvulnerabilityransomwaredata-breach
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Developer Workstations: New Supply Chain Attack Vector Targeting Secrets

Supply chain attacks are evolving beyond merely injecting malicious code into trusted software. According to The Hacker News, attackers are now focused on stealing the...

threat-intelvulnerabilitycloudidentity
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-8802 — Opensourcepos Open Source Point Of Sale Path Traversal

CVE-2026-8802 — A vulnerability was detected in opensourcepos Open Source Point of Sale up to 3.4.2. This issue affects the function getPicThumb of the file...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41119 — Dell Live Optics Windows and Personal Edition collectors

CVE-2026-41119 — Dell Live Optics Windows and Personal Edition collectors contain an improper certificate validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability...

vulnerabilityCVEmedium-severitycwe-295
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs

MiniPlasma Exploit Released for Unpatched 2020 Windows CVE

A researcher has released the MiniPlasma exploit, leveraging the original proof-of-concept (PoC) code to target an unpatched Windows vulnerability from 2020. This development, highlighted by...

threat-intelvulnerabilitymicrosoftsecurityweek
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Shai-Hulud Worm Clones Target NPM Developers

The Shai-Hulud worm, a recently released malware, is already being cloned and weaponized. SecurityWeek reports that at least one threat actor has adopted its source...

threat-intelvulnerabilitymalwaretoolssecurityweek
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

CVE-2026-7498: Basamak DernekWeb Stored XSS Poses High Risk

CVE-2026-7498 — Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Basamak Information Technology Consulting and Organization Trade Ltd. Co. DernekWeb allows...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Mattermost Calls Plugin Exposes TURN Server Credentials via CVE-2026-6347

CVE-2026-6347 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to sanitize sensitive configuration fields in the Mattermost Calls plugin which...

vulnerabilityCVEhigh-severitycwe-200
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 5 IOCs

Mattermost CVE-2026-6346: Support Packets Leak Sensitive Credentials

CVE-2026-6346 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to sanitize sensitive configuration fields before including them in support packet...

vulnerabilityCVEhigh-severitycwe-200
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-6345 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13,

CVE-2026-6345 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to prevent disclosure of created user password which allows a malicious attacker...

vulnerabilityCVEmedium-severitycwe-522
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6343 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13,

CVE-2026-6343 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to check public/private permissions which allows members without these permissions to...

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-6339 — Mattermost versions 11.5.x <= 11.5.1, 11.4.x <= 11.4.3 fail

CVE-2026-6339 — Mattermost versions 11.5.x <= 11.5.1, 11.4.x <= 11.4.3 fail to validate the X-Requested-With header on the burn-on-read reveal endpoint which allows an authenticated...

vulnerabilityCVEmedium-severitycwe-346
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-5163 — Mattermost versions 11.5.x <= 11.5.1 fail to verify channel

CVE-2026-5163 — Mattermost versions 11.5.x <= 11.5.1 fail to verify channel membership when processing AI-assisted message rewrites which allows an authenticated attacker to read the...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-3471 — Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail

CVE-2026-3471 — Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent an invalid URL from loading in a pop-up window in the Mattermost Desktop...

vulnerabilityCVEmedium-severitycwe-939
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-3117 — Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0

CVE-2026-3117 — Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to properly check for permissions when processing commands in the Gitlab plugin which allows normal...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-28732 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13,

CVE-2026-28732 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to enforce slash command trigger-word uniqueness during command updates which allows...

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware

The Hacker News reports the discovery of four new npm packages embedding information-stealing malware. One of these, `chalk-tempalte`, is a direct clone of the open-source...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs /⚙ 4 Sigma

CVE-2026-6342 — Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0

CVE-2026-6342 — Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to appropriately check for valid namespaces which allows plugin users to create subscriptions to groups...

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6341 — Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0

CVE-2026-6341 — Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments...

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6340 — Denial of Service

CVE-2026-6340 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to validate 7zip archive structure before processing which allows an authenticated...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-789
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3637 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13,

CVE-2026-3637 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to check the create_post channel permission during post edit operations which...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-28759 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13,

CVE-2026-28759 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to validate that a remote cluster has access to a channel...

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-2325 — Denial of Service

CVE-2026-2325 — Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to limit the size of the request body on the start...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

NGINX Vulnerability Exploitation Underway: DoS and RCE Risks

Exploitation of a critical NGINX vulnerability has begun, according to SecurityWeek. This flaw presents a significant risk to organizations leveraging NGINX, a widely adopted web...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 1 Sigma

DirtyDecrypt Linux Root Escalation Exploit Now Public

A critical local privilege escalation vulnerability, dubbed 'DirtyDecrypt,' now has a public proof-of-concept exploit. BleepingComputer reports this flaw, residing in the Linux kernel's rxgk module,...

threat-inteldata-breachmalwarevulnerabilitybleepingcomputer
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

JDownloader Installers Replaced with Malware, Deepfake Sextortion Targets Schools

Malwarebytes Blog reported a significant supply chain compromise where attackers replaced legitimate JDownloader installer downloads with malware. This tactic leverages the trust users place in...

malwarethreat-intelransomwarevulnerabilitydata-breachcloud
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs /⚙ 3 Sigma

Fast16 Malware: Pre-Stuxnet Cyber Sabotage on Nuclear Simulations

A recent analysis, sourced by The Hacker News, confirms that the Lua-based Fast16 malware was a sophisticated cyber sabotage tool. Developed even before Stuxnet, its...

threat-intelvulnerabilitymalwaremicrosofttools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

Pwn2Own Berlin 2026: Researchers Uncover 47 Zero-Days, $1.3M Payout

The Pwn2Own Berlin 2026 hacking contest has concluded, with security researchers demonstrating 47 zero-day vulnerabilities and collecting a staggering $1,298,250 in bounties. BleepingComputer reports that...

threat-inteldata-breachmalwarevulnerabilitycloudbleepingcomputer
/SCW Vulnerability Desk /MEDIUM

MiniPlasma Windows 0-Day Grants SYSTEM Privileges on Patched Systems

A new Windows privilege escalation zero-day, codenamed MiniPlasma, has been disclosed by security researcher Chaotic Eclipse. The Hacker News reports that this vulnerability allows attackers...

threat-intelvulnerabilitycloudmicrosofttools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8786 — Tencent WeKnora Vulnerability

CVE-2026-8786 — A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go...

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8785: SQL Injection in projectworlds hospital-management-system-in-php

CVE-2026-8785 — A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file update_info.php of the...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8784 — Npitre Cramfs-Tools Vulnerability

CVE-2026-8784 — A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results...

vulnerabilityCVEmedium-severitycwe-59cwe-61
/SCW Vulnerability Desk /MEDIUM /4.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8783 — Omec-Project Amf Null Pointer Dereference

CVE-2026-8783 — A security vulnerability has been detected in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation...

vulnerabilityCVEmedium-severitynull-pointer-dereferencecwe-404cwe-476
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-8773 — Linlinjava Litemall Vulnerability

CVE-2026-8773 — A security vulnerability has been detected in linlinjava litemall up to 1.8.0. Affected by this vulnerability is the function backup/load of the file...

vulnerabilityCVEmedium-severitycwe-74cwe-88
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8772 — SQL Injection

CVE-2026-8772 — A weakness has been identified in linlinjava litemall up to 1.8.0. Affected is an unknown function of the component Admin Endpoint. Executing a...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8771: High-Severity SQL Injection in linlinjava litemall

CVE-2026-8771 — A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-8769 — Vercel Ai Vulnerability

CVE-2026-8769 — A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the...

vulnerabilityCVEmedium-severitycwe-400cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

Vercel AI SSRF (CVE-2026-8768) Poses Remote Threat

CVE-2026-8768 — A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8767 — Vercel Ai Command Injection

CVE-2026-8767 — A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component...

vulnerabilityCVEmedium-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8766 — Kilo-Org Kilocode Information Disclosure

CVE-2026-8766 — A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the...

vulnerabilityCVEmedium-severityinformation-disclosurecwe-200cwe-284
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8765 — Kilo-Org Kilocode Path Traversal

CVE-2026-8765 — A vulnerability was detected in Kilo-Org kilocode up to 7.0.47. This vulnerability affects the function Bun.file of the file packages/opencode/src/kilocode/review/worktree-diff.ts of the component...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

H3C Magic B3 Vulnerability (CVE-2026-8764) Exposes Routers to Remote Buffer Overflow

CVE-2026-8764 — A security vulnerability has been detected in H3C Magic B3 up to 100R002. This affects the function UpdateWanParams of the file /goform/aspForm. Such...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8759: xiandafu beetl SpEL Injection Vulnerability

CVE-2026-8759 — A vulnerability was identified in xiandafu beetl up to 3.20.2. Affected is an unknown function of the file beetl-classic-integration/beetl-spring-classic/src/main/java/org/beetl/ext/spring/SpELFunction.java of the component SpELFunction....

vulnerabilityCVEhigh-severitycwe-20cwe-917
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8758: Metasoft MetaCRM Unrestricted File Upload Exposes Systems

CVE-2026-8758 — A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This impacts an unknown function of the file /common/jsp/upload3.jsp. Executing a...

vulnerabilityCVEhigh-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8757: adenhq hive Path Traversal Vulnerability Publicly Disclosed

CVE-2026-8757 — A vulnerability was found in adenhq hive up to 0.11.0. This affects the function _read_events_tail of the file core/framework/server/routes_sessions.py of the component Delete...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-8756: fishaudio Bert-VITS2 Path Traversal Vulnerability Publicly Disclosed

CVE-2026-8756 — A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generate_config of the file webui_preprocess.py of...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-8755: fishaudio Bert-VITS2 Path Traversal Vulnerability

CVE-2026-8755 — A flaw has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The affected element is the function _get_all_models of the file hiyoriUI.py of...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Zechat 1.5 SQL Injection Allows Unauthenticated Database Extraction

CVE-2018-25339 — Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract database information using time-based blind techniques....

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2018-25338: Zechat SQLi Allows Unauthenticated Database Extraction

CVE-2018-25338 — Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

WordPress Plugin Peugeot Music 1.0 Critical Arbitrary File Upload

CVE-2018-25335 — WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests...

vulnerabilityCVEcriticalhigh-severityarbitrary-file-accesscwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

Nordex N149/4.0-4.5 Wind Turbine Web Server Vulnerability: Unauthenticated SQLi

CVE-2018-25333 — Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2018-25332: GitBucket RCE Exposes Unauthenticated Command Execution

CVE-2018-25332 — GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

Joomla! EkRishta XSS and SQLi Flaws Pose High Risk (CVE-2018-25330)

CVE-2018-25330 — Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 2 Sigma

WordPress Plugin WP with Spritz RFI Allows Arbitrary File Access

CVE-2018-25329 — WordPress Plugin WP with Spritz 1.0 contains a remote file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting file...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-98
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2018-25328: VX Search Buffer Overflow Allows Code Execution

CVE-2018-25328 — VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

Google Drive for WordPress Path Traversal Allows Unauthenticated File Read

CVE-2018-25326 — Google Drive for WordPress 2.2 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by injecting directory traversal sequences...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 2 Sigma

WooCommerce CSV Importer Path Traversal Allows Arbitrary File Deletion

CVE-2018-25325 — Woocommerce CSV Importer 3.3.6 contains a path traversal vulnerability that allows any registered user to delete arbitrary files by submitting unescaped filenames through...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 1 Sigma

CVE-2018-25323: Allok AVI DivX MPEG Converter SEH Buffer Overflow

CVE-2018-25323 — Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary...

vulnerabilityCVEhigh-severitycode-executioncwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2018-25322: Allok Fast AVI MPEG Splitter Stack Buffer Overflow

CVE-2018-25322 — Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-121
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 4 Sigma

ACL Analytics RCE: Critical Arbitrary Code Execution via EXECUTE Function

CVE-2018-25320 — ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-94
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8752 — H2oai H2o-3 Improper Access Control

CVE-2026-8752 — A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the...

vulnerabilityCVEmedium-severityimproper-access-controlcwe-266cwe-284
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8751: h2oai h2o-3 Insecure Deserialization Vulnerability (HIGH)

CVE-2026-8751 — A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the...

vulnerabilityCVEhigh-severityinsecure-deserializationcwe-20cwe-502
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8750 — H2oai H2o-3 Information Disclosure

CVE-2026-8750 — A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of...

vulnerabilityCVEmedium-severityinformation-disclosurecwe-200cwe-284
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8747 — Z-BlogPHP CheckComment Vulnerability

CVE-2026-8747 — A weakness has been identified in Z-BlogPHP 1.7.4.3430. This affects the function CheckComment of the file zb_system/function/c_system_event.php of the component Commend Approval Handler....

vulnerabilityCVEmedium-severitycwe-266cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8746 — Open5GS Use-After-Free

CVE-2026-8746 — A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover_handler in the library /lib/sbi/nghttp2-server.c...

vulnerabilityCVEmedium-severityuse-after-freecwe-119cwe-416
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8745 — Open5GS Denial of Service

CVE-2026-8745 — A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8744 — Denial of Service

CVE-2026-8744 — A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs_sbi_subscription_data_add/ogs_sbi_nf_service_add in the library /lib/sbi/context.c of the component NRF. Executing...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8743 — Open5GS Vulnerability

CVE-2026-8743 — A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing...

vulnerabilityCVEmedium-severitycwe-266cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8740 — Sanluan PublicCMS 5.202506.D Vulnerability

CVE-2026-8740 — A flaw has been found in Sanluan PublicCMS 5.202506.d. The impacted element is the function execute of the file publiccms-core/src/main/java/com/publiccms/views/directive/tools/TemplateResultDirective.java of the component...

vulnerabilityCVEmedium-severitycwe-791cwe-1336
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8739 — Sanluan PublicCMS 5.202506.D Vulnerability

CVE-2026-8739 — A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the...

vulnerabilityCVEmedium-severitycwe-320cwe-321
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8738 — Sanluan PublicCMS 5.202506.D Vulnerability

CVE-2026-8738 — A security vulnerability has been detected in Sanluan PublicCMS 5.202506.d. Impacted is the function TradeOrderController.pay/TradePaymentController.pay/AccountGatewayComponent.pay of the file publiccms-trade/src/main/java/com/publiccms/controller/web/trade/TradeOrderController.java

vulnerabilityCVEmedium-severitycwe-840
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8737 — Sanluan PublicCMS 5.202506.D Vulnerability

CVE-2026-8737 — A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affects the function execute of the file publiccms-trade/src/main/java/com/publiccms/views/directive/trade/TradeAddressListDirective.java of the component Trade...

vulnerabilityCVEmedium-severitycwe-287cwe-306
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8736 — Oinone Pamirs Path Traversal

CVE-2026-8736 — A security flaw has been discovered in Oinone Pamirs up to 7.2.0. This vulnerability affects the function request.getParameter of the file LocalFileClient.java of...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /4.1 /⚑ 2 IOCs /⚙ 3 Sigma

Grafana GitHub Token Breach Led to Codebase Download

Grafana recently disclosed that an unauthorized party gained access to its GitHub environment by obtaining a token. This access allowed the attacker to download the...

threat-intelvulnerabilitydata-breachtools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8735 — Oinone Pamirs Insecure Deserialization

CVE-2026-8735 — A vulnerability was identified in Oinone Pamirs up to 7.2.0. This affects the function JsonUtils.parseMap of the file PamirsParserConfig.java of the component appConfigQuery...

vulnerabilityCVEmedium-severityinsecure-deserializationcwe-20cwe-502
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Oinone Pamirs SQL Injection (CVE-2026-8734) Poses Remote Threat

CVE-2026-8734 — A vulnerability was determined in Oinone Pamirs up to 7.2.0. Affected by this issue is the function RSQLToSQLNodeConnector.makeVariable of the component queryListByWrapper Interface....

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8733 — Investintech SlimPDFReader Buffer Overflow

CVE-2026-8733 — A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The...

vulnerabilityCVEmedium-severitybuffer-overflowcwe-119cwe-121
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8731 — Open5GS Denial of Service

CVE-2026-8731 — A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogs_sbi_client_add in the library /lib/sbi/client.c of the component NRF....

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8730 — Open5GS Denial of Service

CVE-2026-8730 — A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogs_sbi_nf_instance_set_id in the library /lib/sbi/context.c of the component NRF....

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8729 — Open5GS Denial of Service

CVE-2026-8729 — A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8728 — Open5GS Denial of Service

CVE-2026-8728 — A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogs_sbi_discovery_option_parse_plmn_list in the library /lib/sbi/conv.c of...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8719: WordPress AI Engine Plugin Privilege Escalation

CVE-2026-8719 — The AI Engine – The Chatbot, AI Framework & MCP for WordPress plugin for WordPress is vulnerable to Privilege Escalation in version 3.4.9....

vulnerabilityCVEhigh-severityprivilege-escalationcwe-269
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-8725: CoreWorxLab CAAL SSRF Vulnerability Publicly Exploitable

CVE-2026-8725 — A weakness has been identified in CoreWorxLab CAAL up to 1.6.0. The affected element is an unknown function of the file src/caal/webhooks.py of...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8724 — Dataease SQL Injection

CVE-2026-8724 — A security flaw has been discovered in Dataease 2.10.20. Impacted is the function SqlparserUtils.transFilter of the file SqlparserUtils.java of the component Data Dashboard....

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8723 — `qs.stringify` Throws `TypeError`

CVE-2026-8723 — `qs.stringify` throws `TypeError` when called with `arrayFormat: 'comma'` and `encodeValuesOnly: true` on an array containing `null` or `undefined`. The throw is...

vulnerabilityCVEmedium-severitycwe-476
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-46728: Das U-Boot Signature Bypass Flaw

CVE-2026-46728 — Das U-Boot before 2026.04 allows FIT (Flat Image Tree) signature verification bypass because hashed-nodes is omitted from a hash.

vulnerabilityCVEhigh-severitycwe-346
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

Microsoft Rejects Critical Azure Vulnerability Report, No CVE

A security researcher claims Microsoft quietly patched a critical Azure Backup for AKS vulnerability. The researcher alleges Microsoft rejected his initial report and declined to...

threat-inteldata-breachmalwarevulnerabilitycloudmicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Pwn2Own Berlin 2026 Concludes: 47 Zero-Days, $1.3 Million Awarded

The Pwn2Own Berlin 2026 hacking conference wrapped up, yielding an astounding 47 new zero-day vulnerabilities and distributing $1.3 million in rewards, as reported by Cyber...

israelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Microsoft Windows LPE: Nightmare Eclipse Resurfaces Old CVE-2020-17103 Flaw

Security researcher Nightmare Eclipse claims Microsoft has failed to adequately patch CVE-2020-17103, a vulnerability originally reported by James Forshaw of Google Project Zero in 2020....

vulnerabilitymicrosoftthreat-intel
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

WordPress Plugin Backup and Restore: Arbitrary File Deletion Exposes Installations

CVE-2021-47979 — WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-22
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 4 Sigma

TextPattern CMS RCE via Plugin Upload (CVE-2021-47976)

CVE-2021-47976 — TextPattern CMS 4.9.0-dev contains a remote code execution vulnerability that allows authenticated attackers to upload arbitrary PHP files by exploiting the plugin upload...

vulnerabilityCVEhigh-severityremote-code-executioncwe-352
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

EgavilanMedia PHPCRUD SQLi Exposes Unauthenticated Data Access

CVE-2021-47956 — EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2021-47954: Unauthenticated SQLi in LayerBB 1.1.4

CVE-2021-47954 — LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter....

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 4 IOCs /⚙ 3 Sigma

python jsonpickle RCE (CVE-2021-47952) Exploits Malicious JSON Payloads

CVE-2021-47952 — python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2020-37244: Supsystic Membership SQLi Puts User Data at Risk

CVE-2020-37244 — Supsystic Membership 1.4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 4 IOCs /⚙ 3 Sigma

Supsystic Pricing Table SQLi & XSS: Unauthenticated RCE Risk

CVE-2020-37243 — Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

Supsystic Ultimate Maps SQLi: Unauthenticated RCE Risk

CVE-2020-37242 — Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2020-37239: libbabl Double Free Bypasses Memory Safety

CVE-2020-37239 — libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-415
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Advanced SystemCare Service Vulnerability: Local Privilege Escalation

CVE-2020-37232 — Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate...

vulnerabilityCVEhigh-severitycwe-428
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

Privacy Drive 3.17.0 Unquoted Path Leads to Local Privilege Escalation

CVE-2020-37231 — Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting...

vulnerabilityCVEhigh-severitycwe-428
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

Syncplify.me Server! CVE-2020-37230: Local Privilege Escalation

CVE-2020-37230 — Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the...

vulnerabilityCVEhigh-severitycwe-428
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

OKI sPSV Port Manager: Local Privilege Escalation via Unquoted Path

CVE-2020-37229 — OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by...

vulnerabilityCVEhigh-severitycwe-428
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2020-37228: iDS6 DSSPro Digital Signage CAPTCHA Bypass

CVE-2020-37228 — iDS6 DSSPro Digital Signage System 6.2 contains a CAPTCHA security bypass vulnerability that allows attackers to bypass authentication by requesting the autoLoginVerifyCode object....

vulnerabilityCVEcriticalhigh-severitycwe-307
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2020-37227: HS Brand Logo Slider Unrestricted File Upload Leads to RCE

CVE-2020-37227 — HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading...

vulnerabilityCVEhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 1 Sigma

CVE-2025-4202 — Multicollab WordPress Plugin Unauthorized Data Modification

CVE-2025-4202 — The Multicollab: Content Team Collaboration and Editorial Workflow plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

Critical NGINX Vulnerability: PoC Code Publicly Released

SecurityWeek reports that proof-of-concept (PoC) code has been publicly released for a critical-severity vulnerability affecting NGINX Plus and NGINX open-source versions. This flaw, present since...

threat-intelvulnerabilitytools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8657: jsondiffpatch Prototype Pollution Poses High Risk

CVE-2026-8657 — Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Prototype Pollution via the jsondiffpatch.patch() and jsondiffpatch/formatters/jsonpatch.patch() APIs. An attacker can perform prototype...

vulnerabilityCVEhigh-severitycwe-1321
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8656 — Cross-Site Scripting (XSS)

CVE-2026-8656 — Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Cross-site Scripting (XSS) via the annotated formatter due to improper sanitization of JSON...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8681 — Essential Chat Support WordPress Plugin Authorization Bypass

CVE-2026-8681 — The Essential Chat Support plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.0.1. This is due...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Open WebUI XSS Allows Privilege Escalation to Super Admin

CVE-2026-45665 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, a Stored Cross-Site Scripting (XSS) vulnerability exists...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-45351 — Open WebUI Vulnerability

CVE-2026-45351 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.9, when a regular user [non-admin] logs into...

vulnerabilityCVEmedium-severitycwe-200
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-45350: Open WebUI API Flaw Exposes Tools to Unauthorized Access

CVE-2026-45350 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, there is a vulnerability in chat completion...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-45345 — Open WebUI Vulnerability

CVE-2026-45345 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.5.7, a user can modify another user's model...

vulnerabilityCVEmedium-severitycwe-285
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-45338: Open WebUI SSRF Vulnerability Exposes Internal Resources

CVE-2026-45338 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a Server-Side Request Forgery (SSRF) vulnerability exists...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

Open WebUI CVE-2026-45315: Polyglot Upload Enables XSS

CVE-2026-45315 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.3, the audio transcription upload endpoint takes the...

vulnerabilityCVEhigh-severitycwe-79cwe-434cwe-646
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-45303: Open WebUI Vulnerability Allows Script Injection

CVE-2026-45303 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.5, through the HTML rendering view, scripts can...

vulnerabilityCVEhigh-severitycwe-79
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

Open WebUI Vulnerability Exposes All User Files

CVE-2026-45301 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.3.16, a missing permission check in all files...

vulnerabilityCVEhigh-severitycwe-284
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44571 — Open WebUI Vulnerability

CVE-2026-44571 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.6, in standard channels (i.e., channels whose channel.type...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Open WebUI CVE-2026-44570: Inconsistent Auth Exposes User AI Memories

CVE-2026-44570 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls surrounding the memories API were...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44569: Open WebUI IDOR Exposes Offline AI Messages

CVE-2026-44569 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, there's an IDOR in the channels message...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44567: Open WebUI API Fails Role Validation, Allows Unauthorized Access

CVE-2026-44567 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, the API does not properly validate that...

vulnerabilityCVEhigh-severitycwe-602cwe-863
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

Open WebUI Vulnerability Allows Arbitrary File Uploads via Path Traversal

CVE-2026-44566 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.1.124, when attaching files to a prompt, the...

vulnerabilityCVEhigh-severitycwe-22cwe-434
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Open WebUI Path Traversal (CVE-2026-44565) Allows Arbitrary File Upload

CVE-2026-44565 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name...

vulnerabilityCVEhigh-severitycwe-22
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

Open WebUI XSS Vulnerability Exposes Offline AI Platforms

CVE-2026-44549 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, Excel file attachments are previewed in an...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

radare2 Use-After-Free (CVE-2026-8696) Risks Denial of Service, RCE

CVE-2026-8696 — radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-45675: Open WebUI Vulnerable to Admin Role Race Condition

CVE-2026-45675 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP and OAuth authentication flows use...

vulnerabilityCVEhigh-severitycwe-269cwe-362
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-45671: Open WebUI File Deletion Flaw Impacts Self-Hosted AI

CVE-2026-45671 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user can permanently delete files...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /8 /⚑ 4 IOCs /⚙ 3 Sigma

Open WebUI CVE-2026-45399: Low-Privilege Users Disrupt System-Wide AI Tasks

CVE-2026-45399 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 2 Sigma

Open WebUI Vulnerability Exposes User Chat Conversations

CVE-2026-45349 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, a user just needs to use the...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-45339 — Open WebUI is a self-hosted artificial intelligence

CVE-2026-45339 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI allows admins to restrict which...

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-45331: Open WebUI Vulnerability Exposes Internal Networks

CVE-2026-45331 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, validate_url() in backend/open_webui/retrieval/web/utils.py calls validators.ipv6(ip, private=True), but...

vulnerabilityCVEhigh-severitycwe-918
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-44562 — Open WebUI is a self-hosted artificial intelligence

CVE-2026-44562 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/models/import endpoint allows users with...

vulnerabilityCVEmedium-severitycwe-283cwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44560 — Open WebUI is a self-hosted artificial intelligence

CVE-2026-44560 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the type: "file" (non-full-context), type: "text" with...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44558 — Open WebUI is a self-hosted artificial intelligence

CVE-2026-44558 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the channel router does not call filter_allowed_access_grants...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44556: Open WebUI API Bypasses LLM Access Controls

CVE-2026-44556 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the /responses endpoint in the OpenAI router...

vulnerabilityCVEhigh-severitycwe-284cwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44555: Open WebUI Exposes Restricted AI Models

CVE-2026-44555 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, Open WebUI supports model composition via base_model_id:...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 4 IOCs /⚙ 2 Sigma

Open WebUI Vulnerability: Unauthorized Collection Deletion (CVE-2026-44554)

CVE-2026-44554 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the POST /api/v1/retrieval/process/web endpoint accepts a user-supplied...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

Open WebUI Vulnerability: Revoked Admins Retain Access

CVE-2026-44553 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, administrative role changes and user deletions do...

vulnerabilityCVEhigh-severitycwe-613
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

Open WebUI Vulnerability: Redis Key Collision Exposes Multi-Instance Deployments

CVE-2026-44552 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the tool_servers and terminal_servers keys in utils/tools.py...

vulnerabilityCVEhigh-severitycwe-668
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-44551: Open WebUI LDAP Bypass via Empty Password

CVE-2026-44551 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, the LDAP authentication endpoint does not validate...

vulnerabilityCVEcriticalhigh-severitycwe-287
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 2 Sigma

Funnel Builder WordPress Plugin Exploited to Steal Credit Cards

A critical vulnerability in the Funnel Builder plugin for WordPress is under active exploitation, according to BleepingComputer. Attackers are injecting malicious JavaScript snippets directly into...

threat-inteldata-breachmalwarevulnerability
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

coreMQTT CVE-2026-8686: DoS via Crafted MQTT v5.0 Packet

CVE-2026-8686 — Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-125
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 1 Sigma

Vvveb CMS Vulnerability (CVE-2026-46408) Allows Cart Hijacking

CVE-2026-46408 — Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 2 Sigma

Vvveb CMS API Token Disclosure (CVE-2026-46407) High Severity

CVE-2026-46407 — Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

phpMyFAQ Stored XSS: Authenticated Users Can Steal Admin Sessions

CVE-2026-46367 — phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl() that allows authenticated users to inject JavaScript via malformed URLs in comments....

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

phpMyFAQ Information Disclosure (CVE-2026-46366) Exposes Restricted Content

CVE-2026-46366 — phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId() method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted FAQ...

vulnerabilityCVEhigh-severityinformation-disclosurecwe-863
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-46364: Critical SQL Injection in phpMyFAQ Unauthenticated API Access

CVE-2026-46364 — phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector() and BuiltinCaptcha::saveCaptcha() methods that interpolate unsanitized User-Agent headers into DELETE and INSERT...

vulnerabilityCVEcriticalhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-46361 — Cross-Site Scripting (XSS)

CVE-2026-46361 — phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in search.twig where result.question and result.answerPreview are rendered with the raw filter, disabling autoescape...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-46359: phpMyFAQ SQL Injection via OAuth Token Claims

CVE-2026-46359 — phpMyFAQ before 4.1.2 contains a SQL injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-45010: phpMyFAQ 2FA Bypass Grants Admin Access

CVE-2026-45010 — phpMyFAQ before 4.1.2 contains an improper restriction of excessive authentication attempts vulnerability in the /admin/check endpoint, which accepts arbitrary user-id parameters without session...

vulnerabilityCVEcriticalhigh-severitycwe-307
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 2 Sigma

Vvveb CMS CVE-2026-44826 Allows Negative Order Totals, Exposing Merchants to Financial Fraud

CVE-2026-44826 — Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb...

vulnerabilityCVEhigh-severitycwe-1284
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2021-47966: PHP Timeclock SQLi Exposes Employee Data

CVE-2021-47966 — PHP Timeclock 1.04 contains time-based and boolean-based blind SQL injection vulnerabilities in the login_userid parameter of login.php that allows unauthenticated attackers to extract...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 5 IOCs /⚙ 3 Sigma

WordPress Plugin WP Super Edit RCE via Unrestricted File Upload

CVE-2021-47965 — WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Schlix CMS RCE (CVE-2021-47964) Exposes Servers to Authenticated Attackers

CVE-2021-47964 — Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious extension packages...

vulnerabilityCVEhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

Anote 1.0 RCE via Persistent XSS (CVE-2021-47963)

CVE-2021-47963 — Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to execute arbitrary code by injecting malicious payloads into markdown files stored...

vulnerabilityCVEhigh-severityremote-code-executioncwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 3 Sigma

WordPress WPGraphQL DoS: Unauthenticated Attackers Can Crash Servers

CVE-2021-47959 — WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows unauthenticated attackers to exhaust server resources by sending batched GraphQL queries...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-8695: radare2 Use-After-Free Allows Remote Code Execution

CVE-2026-8695 — radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo...

vulnerabilityCVEhigh-severitycode-executioncwe-416
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-46383 — Microsoft APM is an open-source, community-driven

CVE-2026-46383 — Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.13.0, Microsoft APM contains a Windows-specific archive extraction boundary failure...

vulnerabilityCVEmedium-severitycwe-22cwe-73
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 3 IOCs /⚙ 3 Sigma

Microsoft APM Vulnerability CVE-2026-45539 Exposes AI Agent Files

CVE-2026-45539 — Microsoft APM is an open-source, community-driven dependency manager for AI agents. From 0.5.4 to 0.12.4, two primitive integrators in apm-cli enumerate package files...

vulnerabilityCVEhigh-severitycwe-59cwe-200
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 4 IOCs /⚙ 3 Sigma

Tabby Terminal Vulnerability CVE-2026-45037 Allows OS Protocol Handler Hijack

CVE-2026-45037 — Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.232, Tabby's terminal linkifier passes any detected URI directly to the operating...

vulnerabilityCVEhigh-severitycwe-184cwe-601
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-45036: Tabby Terminal ZMODEM Flaw Enables Code Execution

CVE-2026-45036 — Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby automatically confirms ZMODEM protocol detection on all terminal...

vulnerabilityCVEhigh-severitycode-executioncwe-78
/SCW Vulnerability Desk /HIGH /7 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-44717: Critical RCE in MCP Calculate Server Due to `eval()`

CVE-2026-44717 — MCP Calculate Server is a mathematical calculation service based on MCP protocol and SymPy library. Prior to 0.1.1, the use of eval() to...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44714: bitcoinj Library Flaw Allows Arbitrary P2PKH/P2WPKH Spends

CVE-2026-44714 — The bitcoinj library is a Java implementation of the Bitcoin protocol. Prior to 0.17.1, ScriptExecution.correctlySpends() contains two fast-path verification bugs for standard P2PKH...

vulnerabilityCVEhigh-severitycwe-347
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44641: Microsoft APM Plugin Path Traversal Vulnerability

CVE-2026-44641 — Microsoft APM is an open-source, community-driven dependency manager for AI agents. Prior to 0.8.12, Microsoft APM normalizes marketplace plugins by copying plugin components...

vulnerabilityCVEhigh-severitycwe-22cwe-73
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 1 Sigma

CVE-2026-44310 — Gitsign is a keyless Sigstore signing tool for Git

CVE-2026-44310 — Gitsign is a keyless Sigstore signing tool for Git commits with your GitHub / OIDC identity. From 0.4.0 to before 0.15.0,...

vulnerabilityCVEmedium-severitycwe-129cwe-390
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44309 — Gitsign is a keyless Sigstore signing tool for Git

CVE-2026-44309 — Gitsign is a keyless Sigstore signing tool for Git commits with your GitHub / OIDC identity. Prior to 0.16.0, gitsign verify...

vulnerabilityCVEmedium-severitycwe-295cwe-347
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-42207 — Magento Long Term Support (LTS) is an unofficial,

CVE-2026-42207 — Magento Long Term Support (LTS) is an unofficial, community-driven project that provides an alternative to the Magento Community Edition e-commerce platform with a high...

vulnerabilityCVEmedium-severitycwe-601
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

OpenMRS RCE: Critical Vulnerability Allows Unrestricted Java Reflection

CVE-2026-41258 — OpenMRS is an open source electronic medical record system platform. From 2.7.0 to before 2.7.9 and 2.8.6, the ConceptReferenceRangeUtility.evaluateCriteria() method in OpenMRS Core...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-23695 — Cross-Site Scripting (XSS)

CVE-2026-23695 — Cockpit CMS through version 2.14.0, patched in commit 72a83fc, contains a stored cross-site scripting vulnerability in the Set field type's Display template option,...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs

Turla Transforms Kazuar Backdoor into Modular P2P Botnet

The Russian state-sponsored hacking group Turla has evolved its custom backdoor, Kazuar, into a sophisticated modular peer-to-peer (P2P) botnet. This upgrade, reported by The Hacker...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-45736 — ws is an open source WebSocket client and server for

CVE-2026-45736 — ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close() implementation is vulnerable to uninitialized memory disclosure...

vulnerabilityCVEmedium-severitycwe-908
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 1 Sigma

Nvidia, Android, Audi, Canvas: Security Week Highlights Key Flaws

SecurityWeek highlighted several critical security developments that warrant attention. Among these, an Nvidia cloud gaming data breach surfaced, underscoring the persistent risks associated with large-scale...

threat-intelvulnerabilitydata-breachcloudai-security
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw Flaws Chained for Data Theft, Persistence

The Hacker News reports on a critical set of four vulnerabilities, collectively dubbed "Claw Chain" by Cyera, impacting OpenClaw. These flaws aren't theoretical; they can...

threat-intelvulnerabilitymalwarecloud
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

CISA Mandates Cisco SD-WAN Patch for Federal Agencies

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring all federal agencies to patch a critical vulnerability in Cisco SD-WAN...

threat-inteldata-breachgovernmentvulnerabilityidentitytools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

JDownloader Installer Compromised, Delivering Python RAT via Unpatched CMS

Attackers compromised the JDownloader website between May 6-7, affecting the Windows "Download Alternative Installer" links and the Linux shell installer. Malwarebytes Blog reports that during...

malwarethreat-intelransomwarevulnerabilitydata-breachmicrosoftidentity
/SCW Vulnerability Desk /HIGH /⚑ 5 IOCs /⚙ 2 Sigma

American Lending Center Data Breach Exposes 123,000 Individuals

American Lending Center, a non-bank lender, has confirmed a data breach impacting approximately 123,000 individuals. According to SecurityWeek, the incident stemmed from a ransomware attack...

threat-intelvulnerabilitymalwareransomwaredata-breach
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Trusted Tools: The Silent Threat in Your Attack Surface

The Hacker News highlights a critical shift in the threat landscape: the most dangerous activities within organizations now mimic legitimate administration. Threat actors are increasingly...

threat-intelvulnerabilitymalwaretools
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs

CVE-2026-41971 — Permission control vulnerability in the security control

CVE-2026-41971 — Permission control vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

vulnerabilityCVEmedium-severitycwe-840
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41970 — Out-of-Bounds Write

CVE-2026-41970 — Out-of-bounds write vulnerability in the distributed file system module. Impact: Successful exploitation of this vulnerability may affect availability.

vulnerabilityCVEmedium-severityout-of-bounds-1cwe-787
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41969 — Permission control vulnerability in the projection module.

CVE-2026-41969 — Permission control vulnerability in the projection module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

vulnerabilityCVEmedium-severitycwe-275
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41968 — Permission control vulnerability in the manufacturability

CVE-2026-41968 — Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability.

vulnerabilityCVEmedium-severitycwe-840
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41967 — Permission control vulnerability in the manufacturability

CVE-2026-41967 — Permission control vulnerability in the manufacturability design module. Impact: Successful exploitation of this vulnerability may affect availability.

vulnerabilityCVEmedium-severitycwe-840
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41966 — Permission control vulnerability in the smart sensing

CVE-2026-41966 — Permission control vulnerability in the smart sensing service. Impact: Successful exploitation of this vulnerability may affect service confidentiality.

vulnerabilityCVEmedium-severitycwe-840
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41965 — Use-After-Free

CVE-2026-41965 — Use-After-Free (UAF) vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability.

vulnerabilityCVEmedium-severityuse-after-freecwe-840
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41964: High-Severity Web Permission Control Vulnerability Disclosed

CVE-2026-41964 — Permission control vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability.

vulnerabilityCVEhigh-severitycwe-362
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-41961 — Permission control vulnerability in contacts. Impact:

CVE-2026-41961 — Permission control vulnerability in contacts. Impact: Successful exploitation of this vulnerability may affect availability.

vulnerabilityCVEmedium-severitycwe-840
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41960 — Permission control vulnerability in calls. Impact:

CVE-2026-41960 — Permission control vulnerability in calls. Impact: Successful exploitation of this vulnerability may affect availability.

vulnerabilityCVEmedium-severitycwe-200
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 2 IOCs /⚙ 3 Sigma

TeamPCP Releases Shai-Hulud Worm Source Code, Incentivizes Supply Chain Attacks

The hacking group TeamPCP has publicly released the source code for its Shai-Hulud worm, according to SecurityWeek. This isn't just a code dump; TeamPCP is...

threat-intelvulnerabilitymalwaretools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

Microsoft Exchange Zero-Day Exploited via XSS in Outlook on the web

Microsoft has issued mitigations for a high-severity zero-day vulnerability in Exchange Server, actively exploited in the wild. BleepingComputer reports that this flaw allows threat actors...

threat-inteldata-breachmalwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8425 — The Notify Odoo plugin for WordPress is vulnerable to

CVE-2026-8425 — The Notify Odoo plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due...

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8398: DAEMON Tools Lite Supply Chain Compromise

CVE-2026-8398 — A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website...

vulnerabilityCVEcriticalhigh-severitycwe-506
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

CVE-2026-7563 — The Classified Listing – AI-Powered Classified ads &

CVE-2026-7563 — The Classified Listing – AI-Powered Classified ads & Business Directory Plugin plugin for WordPress is vulnerable to unauthorized access in all versions up...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7046 — SQL Injection

CVE-2026-7046 — The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'table' parameter in...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6415 — Cross-Site Scripting (XSS)

CVE-2026-6415 — The Advanced Custom Fields: Font Awesome plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 5.0.2. This...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

WordPress Quick Playground Plugin Path Traversal (CVE-2026-6403)

CVE-2026-6403 — The Quick Playground plugin for WordPress is vulnerable to Path Traversal in versions up to and including 1.3.3. This is due to insufficient...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6228: WordPress Frontend Admin Plugin Privilege Escalation

CVE-2026-6228 — The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 3.28.36. This is due...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-269
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

WordPress Form Notify Plugin: Critical Authentication Bypass (CVE-2026-5229)

CVE-2026-5229 — The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-287
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-4683 — Denial of Service

CVE-2026-4683 — The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Chrome 148 Update Patches Critical Vulnerabilities

Google has rolled out Chrome 148, addressing several critical vulnerabilities within the browser. According to SecurityWeek, this update specifically resolves critical-severity use-after-free bugs and other...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6646 — Cross-Site Scripting (XSS)

CVE-2026-6646 — The The7 theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'dt_default_button' shortcode in all versions up to, and including, 14.3.2....

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4094: WooCommerce Currency Switcher Plugin Vulnerable to Data Loss

CVE-2026-4094 — The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

VMware Fusion TOCTOU Flaw Grants Root Privileges

CVE-2026-41702 — VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user...

vulnerabilityCVEhigh-severitycwe-367
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 2 Sigma

Musetheque V4 CSRF Vulnerability (CVE-2026-28761) Poses High Risk

CVE-2026-28761 — Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a user views a malicious page...

vulnerabilityCVEhigh-severityinformation-disclosurecwe-352
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-24662 — Cross-Site Scripting (XSS)

CVE-2026-24662 — Cross-site scripting vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203.0 and earlier. If a file containing malicious contents is uploaded,...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 2 Sigma

mlflow Unauthenticated Access: FastAPI Routes Exposed in Versions < 3.10.0

CVE-2026-2652 — A vulnerability in mlflow/mlflow versions 3.9.0 and earlier allows unauthenticated access to certain FastAPI routes when the server is started with authentication enabled...

vulnerabilityCVEhigh-severityauthentication-bypasscwe-305
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6811 — Stack exhaustion vulnerability in the MongoDB PHP driver

CVE-2026-6811 — Stack exhaustion vulnerability in the MongoDB PHP driver can cause application crashes when processing deeply nested BSON documents in unusual circumstances when the...

vulnerabilityCVEmedium-severitycwe-674
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-45248 — Hedera Guardian Authentication Bypass in the GET /api/v1/demo/registered-users Endpoint

CVE-2026-45248 — Hedera Guardian through 3.5.1 contains an authentication bypass vulnerability in the GET /api/v1/demo/registered-users endpoint that allows unauthenticated attackers to retrieve sensitive user information....

vulnerabilityCVEmedium-severityauthentication-bypasscwe-306
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

ZITADEL LDAP Filter Injection Exposes Usernames, Attributes

CVE-2026-44671 — ZITADEL is an open source identity management platform. From 2.71.11 to before 3.4.10 and 4.15.0, a vulnerability was discovered in Zitadel's LDAP identity...

vulnerabilityCVEhigh-severityauthentication-bypasscwe-90
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-45370: python-utcp Exposes Process Secrets via Environment Variables

CVE-2026-45370 — python-utcp is the Python implementation of UTCP. Prior to 1.1.3, _prepare_environment() in cli_communication_protocol.py passes a full copy of os.environ to every CLI subprocess....

vulnerabilityCVEhigh-severitycwe-526
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-45369: Python-UTCP RCE via Unsanitized Shell Commands

CVE-2026-45369 — python-utcp is the python implementation of UTCP. Prior to 1.1.3, the _substitute_utcp_args method in cli_communication_protocol.py inserts user-controlled tool_args values directly into shell command...

vulnerabilityCVEhigh-severitycwe-78
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44673: libyang Integer Overflow Leads to Heap Corruption

CVE-2026-44673 — libyang is a YANG data modeling language library. Prior to SO 5.2.15, lyb_read_string() in src/parser_lyb.c contains an integer overflow that results in a...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-190
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44661 — Server-Side Request Forgery

CVE-2026-44661 — python-utcp is the python implementation of UTCP. Prior to 1.1.3, the utcp-http plugin is vulnerable to a blind Server-Side Request Forgery (SSRF) caused...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 3 Sigma

PrestaShop XSS: Critical Back-Office Takeover via Customer Service View

CVE-2026-44212 — PrestaShop is an open source e-commerce web application. Prior to 8.2.6 and 9.1.1, there is a stored Cross-Site Scripting (XSS) vulnerability in the...

vulnerabilityCVEcriticalhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8634: Crabbox Environment Variable Exposure Critical Vulnerability

CVE-2026-8634 — Crabbox prior to v0.12.0 contains an environment variable exposure vulnerability that allows attackers with access to a malicious or compromised repository to forward...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8629: Crabbox Privilege Escalation Puts Shared Environments at Risk

CVE-2026-8629 — Crabbox prior to v0.12.0 contains a privilege escalation vulnerability that allows users with shared visibility-only access to obtain Code, WebVNC, and Egress agent...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-639
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

Amazon SageMaker Python SDK: RCE via Missing Integrity Verification (CVE-2026-8597)

CVE-2026-8597 — Missing integrity verification in the Triton inference handler in Amazon SageMaker Python SDK v2 before v2.257.2 and v3 before v3.8.0 might allow a...

vulnerabilityCVEhigh-severitycode-executioncwe-354
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

Amazon SageMaker Python SDK: CVE-2026-8596 Allows Code Execution

CVE-2026-8596 — Cleartext storage of sensitive information in the ModelBuilder/Serve component in Amazon SageMaker Python SDK before v2.257.2 and v3 before v3.8.0 might allow a...

vulnerabilityCVEhigh-severitycode-executioncwe-312
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 2 Sigma

libsixel Signed Integer Overflow (CVE-2026-44637) Leads to Heap Write

CVE-2026-44637 — libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-190cwe-787
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-44636: libsixel Integer Overflow Leads to Heap Buffer Overflow

CVE-2026-44636 — libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-122cwe-190
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-43996 — OpenImageIO is a toolset for reading, writing, and

CVE-2026-43996 — OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to...

vulnerabilityCVEmedium-severitycwe-125
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-43909: OpenImageIO Vulnerability Exposes Apps to OOB Read/Write

CVE-2026-43909 — OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to...

vulnerabilityCVEhigh-severityout-of-bounds-1cwe-125cwe-190cwe-787
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

OpenImageIO CVE-2026-43908: High-Severity Integer Overflow Leads to RCE

CVE-2026-43908 — OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to...

vulnerabilityCVEhigh-severityout-of-bounds-1cwe-190cwe-787
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

OpenImageIO CVE-2026-43907: Heap Overflow in DPX Processing

CVE-2026-43907 — OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to...

vulnerabilityCVEhigh-severitycode-executioncwe-190cwe-787
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-8621: Crabbox Authentication Bypass Allows Impersonation

CVE-2026-8621 — Crabbox prior to v0.12.0 contains an authentication bypass vulnerability that allows non-admin shared-token callers to impersonate other owners or organizations by spoofing identity...

vulnerabilityCVEhigh-severityauthentication-bypasscwe-287
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-45375: Critical XSS in SiYuan Knowledge Management System

CVE-2026-45375 — SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan's Bazaar (community marketplace) renders the name and version fields of a...

vulnerabilityCVEcriticalhigh-severitycwe-79cwe-116
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 4 IOCs /⚙ 6 Sigma

CVE-2026-45148 — SiYuan Broken Access Control in Publish Mode

CVE-2026-45148 — SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, broken access control in the searchAsset, searchTag, searchWidget, and searchTemplate publish-mode Readers...

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-45147 — SiYuan /api/tag/getTag Missing Admin and Read-Only Checks

CVE-2026-45147 — SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, POST /api/tag/getTag is registered with model.CheckAuth only, omitting both model.CheckAdminRole and model.CheckReadonly,...

vulnerabilityCVEmedium-severitycwe-285cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

Live Helper Chat REST API Vulnerability Allows Unauthorized Chat Tampering

CVE-2026-44633 — Live Helper Chat is an open-source application that enables live support websites. In 4.84v, the Live Helper Chat REST API chat update endpoint...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

Gradient CI/CD System Critical Vulnerability Allows Unauthenticated Worker Registration

CVE-2026-44592 — Gradient is a nix-based continuous integration system. In 1.1.0, when GRADIENT_DISCOVERABLE=true (the default, and the NixOS module default), anyone who can reach /proto...

vulnerabilityCVEcriticalhigh-severitycwe-306cwe-345cwe-862
/SCW Vulnerability Desk /CRITICAL /9.4 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-44586: SiYuan Stored XSS Leads to RCE in Desktop App

CVE-2026-44586 — SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0, SiYuan's Bazaar marketplace renders package author metadata from the public...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79cwe-94
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 3 Sigma

Windows 11, Microsoft Edge Hacked at Pwn2Own Berlin

The first day of Pwn2Own Berlin 2026 saw security researchers successfully exploit 24 unique zero-day vulnerabilities in Windows 11 and Microsoft Edge. According to BleepingComputer,...

threat-inteldata-breachmalwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-46470 — GStreamer gst-plugins-good Denial of Service

CVE-2026-46470 — An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_audio_caps function does not sufficiently validate...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-369
/SCW Vulnerability Desk /MEDIUM /4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-46469 — GStreamer gst-plugins-good Denial of Service

CVE-2026-46469 — An issue was discovered in GStreamer gst-plugins-good before 1.28.2. When parsing MP4 audio tracks, the isomp4 plugin's qtdemux_parse_trak function does not sufficiently validate...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-369
/SCW Vulnerability Desk /MEDIUM /4 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-44542: Critical Path Traversal in FileBrowser Quantum

CVE-2026-44542 — FileBrowser Quantum is a free, self-hosted, web-based file manager. Prior to 1.3.1-stable and 1.3.9-beta, attacker-controlled path input is joined with a trusted base...

vulnerabilityCVEcriticalhigh-severityarbitrary-file-accesscwe-22
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44520 — Server-Side Request Forgery

CVE-2026-44520 — Docling-Graph turns documents into validated Pydantic objects, then builds a directed knowledge graph with explicit semantic relationships. Prior to 1.5.1, the URLInputHandler class...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-601cwe-918
/SCW Vulnerability Desk /MEDIUM /5.7 /⚑ 3 IOCs /⚙ 3 Sigma

Microsoft Exchange Server XSS Allows Network Spoofing (CVE-2026-42897)

CVE-2026-42897 — Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42572 — Hatchet Missing Authorization Directive

CVE-2026-42572 — Hatchet is a platform for orchestrating background tasks, AI agents, and durable workflows at scale. Prior to 0.83.39, a missing authorization directive on...

vulnerabilityCVEmedium-severitycwe-639cwe-863
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

Mongoose Query Sanitization Bypass Via $nor Operator (CVE-2026-42334)

CVE-2026-42334 — Mongoose is a MongoDB object modeling tool designed to work in an asynchronous environment. Prior to 6.13.9, 7.8.9, 8.22.1, and 9.1.6, a vulnerability...

vulnerabilityCVEhigh-severitycwe-74
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Microsoft Authenticator Critical Info Disclosure (CVE-2026-41615)

CVE-2026-41615 — Exposure of sensitive information to an unauthorized actor in Microsoft Authenticator allows an unauthorized attacker to disclose information over a network.

vulnerabilityCVEcriticalhigh-severitycwe-200
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-15024: Yordam Library Automation System Code Injection

CVE-2025-15024 — Improper Control of Generation of Code ('Code Injection') vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library...

vulnerabilityCVEhigh-severitycwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2025-15023: Yordam Library System Authorization Flaw

CVE-2025-15023 — Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

Cybersecurity researchers are sounding the alarm about "malicious activity" found in newly published versions of `node-ipc`. According to The Hacker News, citing Socket and StepSecurity,...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

Diffusers RCE: Hugging Face Pipeline Loading Bypasses `trust_remote_code`

CVE-2026-44827 — Diffusers is a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trust_remote_code=True safeguard when...

vulnerabilityCVEhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 6 Sigma

CVE-2026-44516: Valtimo Logs Sensitive Data Regardless of Debug Settings

CVE-2026-44516 — Valtimo is an open-source business process automation platform. From 12.4.0 to 12.33.0 and 13.26.0, the LoggingRestClientCustomizer in the web module automatically intercepts all...

vulnerabilityCVEhigh-severitycwe-532
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44514 — Kubetail WebSocket Origin Validation Vulnerability, Including the Desktop Deployment (Default http://localhost:7500)

CVE-2026-44514 — Kubetail is a real-time logging dashboard for Kubernetes. Prior to 0.14.0, Kubetail's dashboard exposes WebSocket endpoints that did not adequately validate the Origin...

vulnerabilityCVEmedium-severitycwe-1385
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44513: Diffusers RCE Bypasses trust_remote_code Flag

CVE-2026-44513 — Diffusers is a library for pretrained diffusion models. Prior to 0.38.0, a trust_remote_code bypass in DiffusionPipeline.from_pretrained allows arbitrary remote code execution despite...

vulnerabilityCVEhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-44511: Katalyst Koi Admin Sessions Persist After Logout

CVE-2026-44511 — Katalyst Koi is a framework for building Rails admin functionality. Prior to 4.20.0 and 5.6.0, admin session cookies were not invalidated when an...

vulnerabilityCVEhigh-severitycwe-613
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44312 — css_parser Ruby Gem Does Not Validate HTTPS Connections

CVE-2026-44312 — css_parser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0, the CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle...

vulnerabilityCVEmedium-severitycwe-295cwe-829
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-42555: Valtimo RCE Via Spring Expression Language

CVE-2026-42555 — Valtimo is an open-source business process automation platform. com.ritense.valtimo:document from 12.0.0 to before 12.32.0, com.ritense.valtimo:case from 13.0.0 to before 13.23.0, and com.ritense.valtimo:contract from...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 5 IOCs /⚙ 4 Sigma

Cisco Catalyst SD-WAN Manager XXE Flaw Allows Arbitrary File Read

CVE-2026-20224 — A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-20
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-20210 — Cisco Catalyst SD-WAN Manager Web UI Vulnerability

CVE-2026-20210 — A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions...

vulnerabilityCVEmedium-severitycwe-779
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-20209 — Cisco Catalyst SD-WAN Manager Web UI Vulnerability

CVE-2026-20209 — A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions...

vulnerabilityCVEmedium-severitycwe-779
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-20182: Critical Authentication Bypass in Cisco SD-WAN Leads to Admin Access

CVE-2026-20182 — May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed...

vulnerabilityCVEcriticalhigh-severitycwe-287
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2025-62313 — HCL AION Missing Brute-Force Protections

CVE-2025-62313 — HCL AION is affected by a vulnerability where adequate protections against brute-force attempts are not enforced. This may allow repeated authentication attempts, potentially...

vulnerabilityCVEmedium-severitycwe-307
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-62310 — HCL AION Encryption Not Enforced

CVE-2025-62310 — HCL AION is affected by a vulnerability where encryption is not enforced for certain data transmissions or operations. This may expose sensitive information...

vulnerabilityCVEmedium-severitycwe-319
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs

CVE-2025-62308 — HCL AION Backend Infrastructure Details Exposure

CVE-2025-62308 — HCL AION is affected by a vulnerability where sensitive backend infrastructure details may be exposed. Exposure of such information could reveal internal system...

vulnerabilityCVEmedium-severitycwe-201
/SCW Vulnerability Desk /MEDIUM /5.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-62305 — HCL AION Out-of-Band Interaction Information Disclosure

CVE-2025-62305 — HCL AION is affected by a vulnerability where certain operations may trigger out-of-band interactions, potentially resulting in unintended disclosure of sensitive information. Such...

vulnerabilityCVEmedium-severitycwe-201
/SCW Vulnerability Desk /MEDIUM /5.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42589: Gotenberg RCE via ExifTool Argument Injection

CVE-2026-42589 — Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg's /forms/pdfengines/metadata/write HTTP endpoint accepts a JSON metadata object and passes...

vulnerabilityCVEcriticalhigh-severitycwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs

CVE-2026-42283: DevSpace UI WebSocket Exposes Developer Endpoints

CVE-2026-42283 — DevSpace is a client-only developer tool for cloud-native development with Kubernetes. Prior to 6.3.21, DevSpace's UI server WebSocket accepts connections from all origins...

vulnerabilityCVEhigh-severitycwe-200cwe-306
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40893: Gotenberg Allows Arbitrary File Manipulation

CVE-2026-40893 — Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.31.0, Gotenberg only checks if the tag is exactly FileName, so System:FileName...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-73cwe-184
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks Highlight Week's Exploits

This past week has seen a relentless barrage of security incidents, highlighting both novel attack vectors and the resurgence of long-standing vulnerabilities. According to The...

threat-intelvulnerabilitytools
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 1 Sigma

NGINX Vulnerability: 18-Year-Old Flaw Allows DoS, Potential RCE

An 18-year-old vulnerability in the NGINX open-source web server has been uncovered, according to BleepingComputer. This flaw, initially discovered using an autonomous scanning system, presents...

threat-inteldata-breachmalwarevulnerability
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-44482: SoundCloud Client RCE via Malicious Track Metadata

CVE-2026-44482 — soundcloud-rpc is a SoundCloud Client with Discord Rich Presence, Dark Mode, Last.fm and AdBlock support. Prior to 0.1.8, a track title containing an...

vulnerabilityCVEcriticalhigh-severitycwe-20cwe-79cwe-94cwe-862
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 4 IOCs /⚙ 3 Sigma

Nerdbank.MessagePack Stack Overflow Vulnerability (CVE-2026-44375) Patched

CVE-2026-44375 — Nerdbank.MessagePack is a NativeAOT-compatible MessagePack serialization library. Prior to 1.1.62, Nerdbank.MessagePack contains an uncontrolled stack allocation vulnerability in DateTime decoding. A malicious MessagePack...

vulnerabilityCVEhigh-severitycwe-789
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44374 — Information Disclosure

CVE-2026-44374 — Backstage is an open framework for building developer portals. Prior to 0.6.11, the unprocessed entities read endpoints in @backstage/plugin-catalog-backend-module-unprocessed do not enforce permission...

vulnerabilityCVEmedium-severityinformation-disclosurecwe-863
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42559: RMCP Rust SDK Vulnerable to DNS Rebinding

CVE-2026-42559 — RMCP is an official Rust SDK for the Model Context Protocol. Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport (crates/rmcp/src/transport/streamable_http_server/)...

vulnerabilityCVEhigh-severitycwe-346cwe-350
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

vCluster Platform Critical XSS (CVE-2026-42457) Bypasses Admin Restrictions

CVE-2026-42457 — vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there...

vulnerabilityCVEcriticalhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-41937: Vvveb Unrestricted File Upload Enables RCE for Admins

CVE-2026-41937 — Vvveb before 1.0.8.3 contains an unrestricted file upload vulnerability in the plugin upload endpoint that allows super_admin users to execute arbitrary PHP code...

vulnerabilityCVEhigh-severitycwe-61cwe-434
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 3 Sigma

Vvveb Prior to 1.0.8.3 Vulnerable to DoS via Uncontrolled Recursion

CVE-2026-41935 — Vvveb before 1.0.8.3 contains an uncontrolled recursion vulnerability in the admin controller dispatch cycle where Base::init() repeatedly invokes permission() on error handlers, causing...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-209cwe-674
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41933 — Information Disclosure

CVE-2026-41933 — Vvveb before 1.0.8.3 contains a directory listing information disclosure vulnerability that allows unauthenticated attackers to enumerate files and directories by accessing multiple paths...

vulnerabilityCVEmedium-severityinformation-disclosurecwe-548
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41932 — Cross-Site Scripting (XSS)

CVE-2026-41932 — Vvveb before 1.0.8.3 contains a stored cross-site scripting vulnerability in the customer signup flow where the Signup::addUser() controller copies raw POST username values...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6637: PostgreSQL 'refint' Module Allows RCE, SQLi

CVE-2026-6637 — Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the...

vulnerabilityCVEhigh-severitysql-injectioncwe-89cwe-121
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6575 — PostgreSQL pg_restore_attribute_stats() Buffer Over-Read

CVE-2026-6575 — Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read past end of one array....

vulnerabilityCVEmedium-severitycwe-126
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

PostgreSQL Denial-of-Service Vulnerability: CVE-2026-6479 Impacts Older Versions

CVE-2026-6479 — Uncontrolled recursion in PostgreSQL SSL and GSS negotiation allows an attacker able to connect to a PostgreSQL AF_UNIX socket to achieve sustained denial...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-674
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6478 — PostgreSQL MD5 Password Comparison Timing Channel

CVE-2026-6478 — Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to authenticate. This does...

vulnerabilityCVEmedium-severitycwe-385
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-6477: PostgreSQL libpq Vulnerability Allows Superuser Client Stack Overwrite

CVE-2026-6477 — Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functions allows the server superuser to overwrite...

vulnerabilityCVEhigh-severitycwe-242
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 3 Sigma

PostgreSQL CVE-2026-6476: SQL Injection Grants Superuser Access

CVE-2026-6476 — SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The attack takes effect when...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6475: PostgreSQL Symlink Vulnerability Allows Superuser Hijack

CVE-2026-6475 — Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the...

vulnerabilityCVEhigh-severitycwe-61
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-6474 — PostgreSQL timeofday() Externally-Controlled Format String

CVE-2026-6474 — Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone zones. Versions before PostgreSQL...

vulnerabilityCVEmedium-severitycwe-134
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 4 Sigma

PostgreSQL Vulnerability CVE-2026-6473 Allows Remote Code Execution

CVE-2026-6473 — Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds....

vulnerabilityCVEhigh-severitycwe-190
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6472 — PostgreSQL CREATE TYPE Missing Authorization

CVE-2026-6472 — Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, including extension-defined...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-15025: Yordam Library System Authorization Bypass Vulnerability

CVE-2025-15025 — Authorization bypass through User-Controlled key vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

Ghostwriter Targets Ukrainian Government with Geofenced PDF Phishing

The Belarus-aligned threat group, Ghostwriter, has launched a new wave of attacks against Ukrainian governmental organizations, according to The Hacker News. Active since at least...

threat-intelvulnerabilityphishing
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6008 — Im Park DijiDemi Authorization Bypass

CVE-2026-6008 — Authorization bypass through User-Controlled key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Education Ltd. Co. DijiDemi allows Privilege Abuse....

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 2 Sigma

Database Backup for WordPress Plugin Vulnerable to Auth Bypass

CVE-2026-4031 — The Database Backup for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.5.2. This is...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-4030: WordPress Plugin Exposes Multisite Files to Unauthenticated Attackers

CVE-2026-4030 — The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized arbitrary file read and deletion in all versions up to, and...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-862
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-4029: WordPress Multisite Plugin Exposes Database

CVE-2026-4029 — The Database Backup for WordPress plugin for WordPress is vulnerable to unauthorized database export in all versions up to, and including, 2.5.2. This...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs

CVE-2026-43644 — Cross-Site Scripting (XSS)

CVE-2026-43644 — podinfo through 6.11.2 contains a reflected cross-site scripting vulnerability in the /echo and /api/echo endpoints where the echoHandler writes request body content directly...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-12008: Yaay Social Media App Authorization Bypass Exposes User Data

CVE-2025-12008 — Authorization bypass through User-Controlled key vulnerability in APPYAP Technology and Information Inc. Yaay Social Media App allows Accessing Functionality Not Properly Constrained by...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 6 Sigma

Mythos Tool Excels at Code Audits, Falls Short on Exploit Validation, Benchmarking Shows

Independent analysis by SecurityWeek highlights the Mythos tool's strengths in vulnerability discovery, particularly for source code audits, reverse engineering, and native-code analysis. These capabilities make...

threat-intelvulnerability
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

AI Hallucinations Pose Critical Infrastructure Security Risk

AI hallucinations are not just an academic problem; they are creating tangible security risks, especially within critical infrastructure decision-making. The Hacker News reports that these...

threat-intelvulnerabilityai-securitythe-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2026-2347: Critical Authorization Bypass in Akilli E-Commerce Website

CVE-2026-2347 — Authorization bypass through User-Controlled key vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows Session Hijacking. This issue affects E-Commerce Website:...

vulnerabilityCVEcriticalhigh-severitycwe-639
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2025-11024: Akilli E-Commerce Blind SQLi Critical Vulnerability

CVE-2025-11024 — Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows...

vulnerabilityCVEcriticalhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Windows Zero-Days Expose BitLocker Bypass, CTFMON Privilege Escalation

An anonymous cybersecurity researcher, operating under the alias Chaotic Eclipse, has disclosed two new Windows zero-day vulnerabilities. These critical flaws include a BitLocker bypass, codenamed...

threat-intelvulnerabilitymicrosofttools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

WordPress InfusedWoo Pro Plugin Vulnerable to Arbitrary File Read (CVE-2026-6514)

CVE-2026-6514 — The InfusedWoo Pro plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.1.2 via the popup_submit....

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-918
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-6512: Critical Authorization Bypass in InfusedWoo Pro WordPress Plugin

CVE-2026-6512 — The InfusedWoo Pro plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.1.2. This is due to...

vulnerabilityCVEcriticalhigh-severitycwe-862
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6504 — Cross-Site Scripting (XSS)

CVE-2026-6504 — The Royal Elementor Addons and Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title_tag' parameter in all versions up...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6206 — The MW WP Form plugin for WordPress is vulnerable to

CVE-2026-6206 — The MW WP Form plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 5.1.2 via the _get_post_property_from_querystring()...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6174 — Cross-Site Scripting (XSS)

CVE-2026-6174 — The CC Child Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'more' parameter in all versions up to, and...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6145 — The User Registration & Membership plugin for WordPress is

CVE-2026-6145 — The User Registration & Membership plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 5.1.5. This is...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs

VMware Fusion High-Severity Vulnerability Patched

VMware has issued a patch for a high-severity vulnerability impacting VMware Fusion, according to SecurityWeek. This update was released while Broadcom, VMware's parent company, attended...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Fragnesia Linux Flaw (CVE-2026-46300) Grants Root Privileges

Linux distributions are actively patching a critical kernel privilege escalation vulnerability, dubbed Fragnasia and tracked as CVE-2026-46300. BleepingComputer reports this high-severity flaw enables attackers to...

threat-inteldata-breachmalwarevulnerabilitybleepingcomputer
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Windows YellowKey & GreenPlasma Zero-Days Released

A security researcher has publicly released details on two critical Windows zero-day vulnerabilities, dubbed YellowKey and GreenPlasma, according to SecurityWeek. These exploits represent significant risks...

threat-intelvulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6670 — Path Traversal

CVE-2026-6670 — The Media Sync plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.9 via the 'sub_dir' and...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6510: Critical Privilege Escalation in InfusedWoo Pro WordPress Plugin

CVE-2026-6510 — The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation via missing authorization in all versions up to, and including, 5.1.2. This...

vulnerabilityCVEcriticalhigh-severityprivilege-escalationcwe-862
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 2 Sigma

InfusedWoo Pro Plugin Privilege Escalation (CVE-2026-6506)

CVE-2026-6506 — The InfusedWoo Pro plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 5.1.2. This is due to...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs

CVE-2026-6271: WordPress Career Section Plugin RCE via File Upload

CVE-2026-6271 — The Career Section plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7 via the CV...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6252 — Cross-Site Scripting (XSS)

CVE-2026-6252 — The Meta Field Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'tagName' block attribute in all versions up to,...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-6225 — SQL Injection

CVE-2026-6225 — The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

WordPress Fluent Forms IDOR Exposes Sensitive Data, Bypasses Access Controls

CVE-2026-5395 — The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-5365 — The LatePoint plugin for WordPress is vulnerable to

CVE-2026-5365 — The LatePoint plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 5.3.2. This is due to...

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5193 — Privilege Escalation

CVE-2026-5193 — The Essential Addons for Elementor – Popular Elementor Templates & Widgets plugin for WordPress is vulnerable to privilege escalation in all versions up...

vulnerabilityCVEmedium-severityprivilege-escalationcwe-269
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

WordPress Motors Plugin: Authenticated File Deletion Vulnerability (CVE-2026-3892)

CVE-2026-3892 — The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to,...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-73
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 1 Sigma

ManageWP Worker Plugin Vulnerable to Unauthenticated XSS (CVE-2026-3718)

CVE-2026-3718 — The ManageWP Worker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'MWP-Key-Name' HTTP request header in all versions up to,...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-3694 — Cross-Site Scripting (XSS)

CVE-2026-3694 — The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the bt_bb_button shortcode in all...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8280 — GitLab CE/EE Denial of Service Affecting All Versions From 8.3 Before 18.9.7

CVE-2026-8280 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.3 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8181: WordPress Burst Statistics Plugin Critical Auth Bypass

CVE-2026-8181 — The Burst Statistics – Privacy-Friendly WordPress Analytics (Google Analytics Alternative) plugin for WordPress is vulnerable to Authentication Bypass in versions 3.4.0 to 3.4.1.1....

vulnerabilityCVEcriticalhigh-severityprivilege-escalationcwe-287
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 6 Sigma

GitLab CVE-2026-7481: Developer XSS Vulnerability Patched

CVE-2026-7481 — GitLab has remediated an issue in GitLab EE affecting all versions from 16.4 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEhigh-severitycwe-79
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

GitLab EE XSS (CVE-2026-7377) Allows JavaScript Execution in Dashboards

CVE-2026-7377 — GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that,...

vulnerabilityCVEhigh-severitycwe-79
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

GitLab XSS Vulnerability (CVE-2026-6073) Puts User Sessions at Risk

CVE-2026-6073 — GitLab has remediated an issue in GitLab EE affecting all versions from 18.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEhigh-severitycwe-79
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 2 Sigma

Fluent Forms CVE-2026-5396: Authorization Bypass Threatens WordPress Submissions

CVE-2026-5396 — The Fluent Forms plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to, and including, 6.1.21. This...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-5243 — Cross-Site Scripting (XSS)

CVE-2026-5243 — The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to stored...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4527 — GitLab CE/EE Vulnerability Affecting All Versions From 11.10 Before 18.9.7

CVE-2026-4527 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.10 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-4524 — GitLab CE/EE Vulnerability Affecting All Versions From 18.9.1 Before 18.9.7

CVE-2026-4524 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9.1 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEmedium-severitycwe-288
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

GitLab CVE-2026-1659: Unauthenticated DoS Risk Patched

CVE-2026-1659 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 1 Sigma

CVE-2026-1322 — GitLab CE/EE Vulnerability Affecting All Versions From 16.0 Before 18.9.7

CVE-2026-1322 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.0 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEmedium-severitycwe-840
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1184 — GitLab EE Denial of Service Affecting All Versions From 11.9 Before 18.9.7

CVE-2026-1184 — GitLab has remediated an issue in GitLab EE affecting all versions from 11.9 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-502
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-15345 — Cross-Site Scripting (XSS)

CVE-2025-15345 — The MapGeo – Interactive Geo Maps plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'map' parameter in the display-map shortcode...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-80
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

GitLab CVE-2025-14870: Unauthenticated DoS Risk in CE/EE

CVE-2025-14870 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 1 Sigma

GitLab DoS Vulnerability (CVE-2025-14869) Impacts Unauthenticated Users

CVE-2025-14869 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-1284
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

NGINX Rewrite Module Flaw (CVE-2026-42945) Enables Unauthenticated RCE

The Hacker News reports a critical vulnerability, CVE-2026-42945, impacting NGINX Plus and NGINX Open, which remained undetected for 18 years. Discovered by depthfirst, this heap...

threat-intelvulnerability
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-7648 — The LearnPress – WordPress LMS Plugin for Create and Sell

CVE-2026-7648 — The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to payment bypass through user-controlled key...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7525 — The My Calendar – Accessible Event Manager plugin for

CVE-2026-7525 — The My Calendar – Accessible Event Manager plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.7.9....

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5361 — Cross-Site Scripting (XSS)

CVE-2026-5361 — The Envira Gallery Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the REST API in versions up to and including...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5486 — SQL Injection

CVE-2026-5486 — The Unlimited Elements for Elementor plugin for WordPress is vulnerable to SQL Injection via the 'data[filter_search]' parameter in the get_cat_addons AJAX action in...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-46446: SOGo SQL Injection Exposes Cleartext Passwords

CVE-2026-46446 — SOGo before 5.12.7, when PostgreSQL or MariaDB is used, and cleartext passwords are stored, allows SQL injection. This is related to c_password =...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-46445: High-Severity SQL Injection Impacts SOGo with PostgreSQL

CVE-2026-46445 — SOGo before 5.12.7, when PostgreSQL is used, allows SQL injection.

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 2 IOCs /⚙ 3 Sigma

Yubico webauthn-server-core Vulnerability Leads to Impersonation

CVE-2026-46419 — Yubico webauthn-server-core (aka java-webauthn-server) 2.8.0 before 2.8.2 incorrectly checks a function's return value in the second factor flow, leading to impersonation.

vulnerabilityCVEhigh-severitycwe-253
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44919 — In OpenStack Ironic through 35.x before a3f6d73, during

CVE-2026-44919 — In OpenStack Ironic through 35.x before a3f6d73, during image handling, an infinite loop in checksum calculations can occur via the file:///dev/zero URL.

vulnerabilityCVEmedium-severitycwe-696
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-41281 — Information Disclosure

CVE-2026-41281 — Android App "あんしんフィルター for au" provided by KDDI CORPORATION contains Cleartext Transmission of Sensitive Information (CWE-319) vulnerability. A man-in-the-middle attacker may access and...

vulnerabilityCVEmedium-severityinformation-disclosurecwe-319
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-32991: Team Member Privilege Escalation to Owner Account

CVE-2026-32991 — Improper authorization checks of team members' privileges allow a team member to escalate privileges to the team owner account.

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-29206: SQL Injection in sqloptimizer via Slow Query Logs

CVE-2026-29206 — Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the root user if Slow Query logging...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 7 Sigma

OPNsense RCE: Critical Flaw Allows Root Access via DHCP Input

CVE-2026-45158 — OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-88
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

Hoppscotch CVE-2026-44478: Unauthenticated Infrastructure Secret Leak

CVE-2026-44478 — hoppscotch is an open source API development ecosystem. The fix for CVE-2026-28215 in version 2026.2.0 addresses the unauthenticated POST /v1/onboarding/config endpoint by checking...

vulnerabilityCVEhigh-severitycwe-284cwe-287
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-44471: gitoxide Symlink Vulnerability Exposes Filesystem to Attack

CVE-2026-44471 — gitoxide is an implementation of git written in Rust. Prior to 0.21.1, a malicious tree can be constructed that will, when checked out...

vulnerabilityCVEhigh-severitycwe-59
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

ERPNext SQL Injection (CVE-2026-44447) Exposes Sensitive Data

CVE-2026-44447 — ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.0, some endpoints were vulnerable to SQL injection through specially...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44446: ERPNext SQL Injection Exposes Sensitive Data

CVE-2026-44446 — ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.14.0, some endpoints were vulnerable to SQL injection...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

ERPNext Critical Authorization Bypass (CVE-2026-44442)

CVE-2026-44442 — ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.1, certain endpoints failed to enforce proper authorization checks, allowing...

vulnerabilityCVEcriticalhigh-severitycwe-862
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44440 — Path Traversal

CVE-2026-44440 — ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.101.1 and 16.10.0, an Improper Limitation of a Pathname to...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44426 — ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET

CVE-2026-44426 — ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/namespaces/:tenant returns the full namespace object — including the members list (user IDs,...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-44424 — ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET

CVE-2026-44424 — ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/devices/:uid returns the full device object whenever the caller is authenticated, without verifying...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-44423 — ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET

CVE-2026-44423 — ShellHub is a centralized SSH gateway. Prior to 0.24.2, GET /api/sessions/:uid returns the full session object for any authenticated caller, without scoping by...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

OPNsense RCE: Critical Flaw Allows Root Access Via Malformed Email Address

CVE-2026-44194 — OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution (RCE) vulnerability in the OPNsense core...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-78
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

OPNsense RCE Vulnerability (CVE-2026-44193) Exposes Firewalls

CVE-2026-44193 — OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsense.restore_config_section fails to sanitize user supplied input leading...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-88
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 5 Sigma

CVE-2026-32993: Unauthenticated HTTP Header Injection Vulnerability

CVE-2026-32993 — Improper sanitization of the `status` query parameter of the `/unprotected/nova_error` endpoint allows an unauthenticated attacker to inject an arbitrary HTTP header into the response.

vulnerabilityCVEhigh-severitycwe-93
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-32992: DNS Cluster SSL Verification Disabled, High-Severity MiTM Risk

CVE-2026-32992 — SSL verification is disabled in the DNS Cluster system. This could allow for a malicious server to man-in-the-middle the request and capture credentials....

vulnerabilityCVEhigh-severitycwe-295
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-29205: Arbitrary File Read via cpdavd Endpoints

CVE-2026-29205 — Incorrect privilege management and insufficient path filtering allow arbitrary files on the server to be read via the cpdavd attachment download endpoints.

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-250
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 3 IOCs /⚙ 3 Sigma

CubeCart CVE-2026-45714: Authenticated RCE Via Template Injection

CVE-2026-45714 — CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection (SSTI) vulnerability exists in multiple modules of CubeCart (including...

vulnerabilityCVEcriticalhigh-severitycwe-94cwe-1336
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 5 IOCs /⚙ 7 Sigma

CubeCart RCE (CVE-2026-45708) Allows Unauthenticated Remote Code Execution

CVE-2026-45708 — CubeCart is an ecommerce software solution. Prior to 6.7.3, an admin with documents edit permission can save raw into the Invoice Editor. The...

vulnerabilityCVEhigh-severitycwe-94
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

Quark Drive Mass Assignment Flaw Grants Admin Takeover

CVE-2026-45229 — Quark Drive before 0.8.5 contains a mass assignment vulnerability in the POST /update endpoint that allows authenticated attackers to overwrite administrator credentials by...

vulnerabilityCVEhigh-severitycwe-915
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-45228 — Cross-Site Scripting (XSS)

CVE-2026-45228 — Quark Drive before 0.8.5 contains a stored cross-site scripting vulnerability in the System Configuration page where the template renders push_config key names using...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-45055: CubeCart Password Reset Flaw Leads to Account Takeover

CVE-2026-45055 — CubeCart is an ecommerce software solution. Prior to 6.7.2, CubeCart 6.6.x – 6.7.1 builds CC_STORE_URL directly from the Host request header at bootstrap,...

vulnerabilityCVEhigh-severitycwe-20cwe-345cwe-601cwe-784
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-45054 — CubeCart is an ecommerce software solution. Prior to 6.7.0,

CVE-2026-45054 — CubeCart is an ecommerce software solution. Prior to 6.7.0, the admin orders-transactions listing page (admin.php?_g=orders&node=transactions) builds a raw ORDER BY SQL fragment from...

vulnerabilityCVEmedium-severitycwe-89
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 3 Sigma

CubeCart RCE: Critical Flaw Exposes E-commerce Stores to Webshells

CVE-2026-45053 — CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Arbitrary File Upload vulnerability exists in the REST API File Manager endpoint...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44377: Critical RCE in CubeCart eCommerce Platform

CVE-2026-44377 — CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection (SSTI) vulnerability exists in multiple modules of CubeCart (including...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-94cwe-1336
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 5 IOCs /⚙ 4 Sigma

CVE-2026-44376 — Cross-Site Scripting (XSS)

CVE-2026-44376 — CubeCart is an ecommerce software solution. Prior to 6.7.0, an unauthenticated Reflected XSS vulnerability exists in the CubeCart v6.x search feature. Due to...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44373 — Path Traversal

CVE-2026-44373 — Nitro is a next generation server toolkit. Prior to 3.0.260429-beta, an attacker could bypass a proxy route rule by sending percent-encoded path traversal...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42602: Azure Authenticator Extension Authentication Bypass

CVE-2026-42602 — azureauthextension is the Azure Authenticator Extension. From 0.124.0 to 0.150.0, a server-side authentication bypass in azureauthextension allows any party who holds a single...

vulnerabilityCVEhigh-severityauthentication-bypasscwe-208cwe-287cwe-290cwe-294cwe-347
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42561: Python-Multipart DoS Vulnerability Patched

CVE-2026-42561 — Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.27, python-multipart has a denial of service vulnerability in multipart part header parsing....

vulnerabilityCVEhigh-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-42304: Twisted DNS DoS Freezes Servers with Chained Pointers

CVE-2026-42304 — Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-400cwe-407
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CubeCart SQLi Vulnerability (CVE-2026-39358) Exposes E-commerce Data

CVE-2026-39358 — CubeCart is an ecommerce software solution. Prior to 6.6.0, Authenticated Time-Based Blind SQL Injection vulnerabilities were identified in the sorting parameters (sort[price], sort_activity,...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 3 Sigma

HCL BigFix SCM Reporting Site Vulnerable to XSS via Outdated jQuery

CVE-2026-21821 — The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-1104
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44351: Critical fast-jwt Auth Bypass via Empty Key

CVE-2026-44351 — fast-jwt provides fast JSON Web Token (JWT) implementation. Prior to 6.2.4, a critical authentication-bypass vulnerability in fast-jwt's async key-resolver flow allows any unauthenticated...

vulnerabilityCVEcriticalhigh-severitycwe-287cwe-326cwe-1391
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-42552: Flight PHP Framework Leaks Critical Server Info

CVE-2026-42552 — Flight is an extensible micro-framework for PHP. Prior to 3.18.1, the default error handler Engine::_error() writes the full exception message, exception code, and...

vulnerabilityCVEhigh-severitypath-traversalcwe-209
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

Flight PHP Framework CVE-2026-42551: CSRF & Cache Poisoning Risk

CVE-2026-42551 — Flight is an extensible micro-framework for PHP. Prior to 3.18.1, Request::getMethod() unconditionally honors the X-HTTP-Method-Override header and the $_REQUEST['_method'] parameter on any HTTP...

vulnerabilityCVEhigh-severitycwe-436
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-42550: Flight PHP Framework SQL Injection Vulnerability

CVE-2026-42550 — Flight is an extensible micro-framework for PHP. Prior to 3.18.1, SimplePdo::insert(), SimplePdo::update(), and SimplePdo::delete() build SQL statements by concatenating the $table argument and...

vulnerabilityCVEhigh-severitycwe-89
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-42549 — Flight is an extensible micro-framework for PHP. Prior to

CVE-2026-42549 — Flight is an extensible micro-framework for PHP. Prior to 3.18.1, the make:controller CLI command calls mkdir(..., recursive: true) on a path built from...

vulnerabilityCVEmedium-severitycwe-22
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-33381 — When a user's access to mint tokens for a service account

CVE-2026-33381 — When a user's access to mint tokens for a service account is revoked, it is sometimes still possible to do so for a...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-33380 — SQL Expressions Arbitrary File Access

CVE-2026-33380 — A vulnerability in SQL Expressions allows an authenticated attacker to read arbitrary files from the Grafana server's filesystem. Only instances with the sqlExpressions...

vulnerabilityCVEmedium-severityarbitrary-file-access
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-33378 — Using the $__timeGroup macro, one can achieve an OOM by

CVE-2026-33378 — Using the $__timeGroup macro, one can achieve an OOM by overloading the server. This requires a SQL datasource. If the server is set...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-33377: Dashboard Privilege Escalation Vulnerability

CVE-2026-33377 — An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-33376: IPv6 Auth Proxy Bypass Risk

CVE-2026-33376 — When using an IPv6 allow-list for the Auth Proxy feature, it defaults to /32 addresses. Addresses specifying a mask explicitly are not affected;...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-28383 — Denial of Service

CVE-2026-28383 — A request to the Grafana plugin resources endpoint can cause unbounded memory allocation by reading the entire request body into memory. An authenticated...

vulnerabilityCVEmedium-severitydenial-of-service
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 1 Sigma

CVE-2026-28380 — Any Editor could delete any snapshot, even if they have no

CVE-2026-28380 — Any Editor could delete any snapshot, even if they have no access to read or write them.

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-28379 — Race Condition

CVE-2026-28379 — A race condition in Grafana Live allows authenticated users with Viewer role to trigger a server crash by sending concurrent requests that cause...

vulnerabilityCVEmedium-severityrace-condition
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 1 Sigma

CVE-2026-28376 — The Grafana Live push endpoint can be exploited to cause

CVE-2026-28376 — The Grafana Live push endpoint can be exploited to cause unbounded memory allocation by sending a large or streaming request body, potentially leading...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 1 Sigma

CVE-2026-28374 — Editors could delete any annotation, even those they do not

CVE-2026-28374 — Editors could delete any annotation, even those they do not have read access to. The editor user cannot create or read the annotations....

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-8496 — Cross-Site Scripting (XSS)

CVE-2026-8496 — A cross-site scripting (XSS) vulnerability exists in Alinto SOGo, version 5.12.7. A maliciously crafted ICS calendar invitation file allows arbitrary JavaScript execution within...

vulnerabilityCVEmedium-severitycross-site-scripting-xss
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 1 IOC /⚙ 3 Sigma

Netty DoS Vulnerability (CVE-2026-42587) Bypasses Decompression Limits

CVE-2026-42587 — Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpContentDecompressor accepts a maxAllocation parameter to limit decompression buffer size...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-400
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 4 Sigma

CVE-2026-42586 — Netty is an asynchronous, event-driven network application

CVE-2026-42586 — Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, the Netty Redis codec encoder (RedisEncoder) writes user-controlled string content...

vulnerabilityCVEmedium-severitycwe-93
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42585 — Netty is an asynchronous, event-driven network application

CVE-2026-42585 — Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty incorrectly parses malformed Transfer-Encoding, enabling request smuggling attacks. This...

vulnerabilityCVEmedium-severitycwe-444
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-42584: Netty HTTP/2 Handling Vulnerability Exposes Data Corruption

CVE-2026-42584 — Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, HttpClientCodec pairs each inbound response with an outbound request by...

vulnerabilityCVEhigh-severitycwe-444
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-42583: Netty Lz4FrameDecoder Vulnerability Exposes Apps to DoS

CVE-2026-42583 — Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Lz4FrameDecoder allocates a ByteBuf of size decompressedLength (up to 32...

vulnerabilityCVEhigh-severitycwe-400cwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42582: Netty QpackDecoder Vulnerability Exposes Apps to DoS

CVE-2026-42582 — Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final, when decoding header blocks, the non-Huffman branch of io.netty.handler.codec.http3.QpackDecoder#decodeHuffmanEncodedLiteral may execute new...

vulnerabilityCVEhigh-severitycwe-770cwe-789
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-42580 — Netty is an asynchronous, event-driven network application

CVE-2026-42580 — Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's chunk size parser silently overflows int, enabling request smuggling...

vulnerabilityCVEmedium-severitycwe-190cwe-444
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

Netty DNS Codec Vulnerability (CVE-2026-42579) Exposes Systems to High-Severity Attacks

CVE-2026-42579 — Netty is an asynchronous, event-driven network application framework. Prior to 4.2.13.Final and 4.1.133.Final, Netty's DNS codec does not enforce RFC 1035 domain name...

vulnerabilityCVEhigh-severitycwe-20cwe-400cwe-626
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

Netty CVE-2026-42577: Stale Connections Lead to 100% CPU Busy-Loops

CVE-2026-42577 — Netty is an asynchronous, event-driven network application framework. From 4.2.0.Final to 4.2.13.Final, Netty's epoll transport fails to detect and close TCP connections...

vulnerabilityCVEhigh-severitycwe-772
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-41255 — CKAN is an open-source DMS (data management system) for

CVE-2026-41255 — CKAN is an open-source DMS (data management system) for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, access to the...

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

Arqit Symmetric Key Agreement Platform Exposes Critical Keys via HTTP GET

CVE-2026-33583 — Exposure of the QKEY (used as input into the ‘OTA-Quantum’ device registration process) and internal system keys via an unauthenticated and unencrypted HTTP...

vulnerabilityCVEhigh-severitycwe-749
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

Zoom Rooms Installer: High-Severity Privilege Escalation via Untrusted Path

CVE-2026-30906 — Untrusted search path in the installer for Zoom Rooms for Windows before version 7.0.0 may allow an authenticated user to enable an escalation...

vulnerabilityCVEhigh-severitycwe-426
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 2 Sigma

Zoom Workplace VDI Plugin Vulnerability Allows Local Privilege Escalation

CVE-2026-30905 — External Control of File Name or Path in the Zoom Workplace VDI Plugin Windows Universal Installer before version 6.6.11 may allow an authenticated...

vulnerabilityCVEhigh-severitycwe-73
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-22677 — Path Traversal in the Hermes WebUI Session Import Endpoint

CVE-2026-22677 — Hermes WebUI prior to 0.51.44 - Release T contains a path traversal vulnerability in the session import endpoint that allows authenticated attackers to...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

vm2 Sandbox Escape (CVE-2026-45411) Poses Critical RCE Risk

CVE-2026-45411 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.3, it is possible to catch a host exception using the yield* expression...

vulnerabilityCVEcriticalhigh-severitycwe-668
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

Next.js CVE-2026-45109: Middleware Bypass Via Turbopack

CVE-2026-45109 — Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix...

vulnerabilityCVEhigh-severitycwe-288
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 1 Sigma

Next.js Partial Prerendering Vulnerability: DoS via Connection Exhaustion

CVE-2026-44579 — Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache...

vulnerabilityCVEhigh-severitycwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

Next.js SSRF via Crafted WebSocket Requests (CVE-2026-44578)

CVE-2026-44578 — Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44009: Critical vm2 Sandbox Escape Threatens Node.js Apps

CVE-2026-44009 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.2, This vulnerability is fixed in 3.11.2.

vulnerabilityCVEcriticalhigh-severitycwe-668
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44008: Critical vm2 Sandbox Escape in Node.js

CVE-2026-44008 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.2, the new method neutralizeArraySpeciesBatch works with objects from the other side but...

vulnerabilityCVEcriticalhigh-severitycwe-668
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

vm2 Sandbox Escape (CVE-2026-44007) Allows Arbitrary OS Commands

CVE-2026-44007 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally...

vulnerabilityCVEcriticalhigh-severitycwe-284
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

vm2 Sandbox Escape (CVE-2026-44006) Poses Critical Threat to Node.js

CVE-2026-44006 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, it is possible to reach BaseHandler.getPrototypeOf, which can be used to get...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44005: Critical vm2 Sandbox Escape Threatens Node.js Applications

CVE-2026-44005 — vm2 is an open source vm/sandbox for Node.js. From 3.9.6 to 3.10.5, vm2's bridge exposes mutable proxies for real host-realm intrinsic prototypes and...

vulnerabilityCVEcriticalhigh-severitycwe-94cwe-1321
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-44004: vm2 Sandbox Vulnerability Leads to Host Memory Exhaustion

CVE-2026-44004 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, sandboxed code can call Buffer.alloc() with an arbitrary size to allocate memory...

vulnerabilityCVEhigh-severitycwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

vm2 Sandbox Escape (CVE-2026-44001) Allows Host Node.js Process Crash

CVE-2026-44001 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox escape vulnerability in vm2 v3.10.5 allows any sandboxed code to...

vulnerabilityCVEhigh-severitycwe-248
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44000 — vm2 is an open source vm/sandbox for Node.js. Prior to

CVE-2026-44000 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, a sandbox boundary violation in vm2 allows host object identity to cross...

vulnerabilityCVEmedium-severitycwe-693
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-43999: Critical vm2 Sandbox Bypass Leads to RCE

CVE-2026-43999 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, NodeVM's builtin allowlist can be bypassed when the module builtin is allowed...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-863
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43998: vm2 Sandbox Bypass Leads to RCE in Node.js

CVE-2026-43998 — vm2 is an open source vm/sandbox for Node.js. In 3.10.5, NodeVM's require.root path restriction can be bypassed using filesystem symlinks, allowing sandboxed code...

vulnerabilityCVEhigh-severityremote-code-executioncwe-59
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 3 IOCs /⚙ 3 Sigma

vm2 Sandbox Escape (CVE-2026-43997) Exposes Node.js Hosts

CVE-2026-43997 — vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, it is possible to obtain the host Object. There are various ways...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 4 IOCs /⚙ 3 Sigma

Google Documents First AI-Assisted 0-Day Exploit in the Wild

LΣҒΔ𝕽ΩLL 🇮🇱 reports that Google has documented the first in-the-wild exploitation of a zero-day vulnerability believed to have been developed with AI assistance. The attack...

vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44577 — Next.js is a React framework for building full-stack web

CVE-2026-44577 — Next.js is a React framework for building full-stack web applications. From 10.0.0 to before 15.5.16 and 16.2.5, when self-hosting Next.js with the default...

vulnerabilityCVEmedium-severitycwe-770
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-44576 — Next.js is a React framework for building full-stack web

CVE-2026-44576 — Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can...

vulnerabilityCVEmedium-severitycwe-436
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

Next.js App Router Flaw Bypasses Middleware Authorization

CVE-2026-44575 — Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.16 and 16.2.5, App Router applications that rely on...

vulnerabilityCVEhigh-severitycwe-288
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

Next.js Middleware Bypass (CVE-2026-44574) Exposes Dynamic Routes

CVE-2026-44574 — Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to...

vulnerabilityCVEhigh-severitycwe-288
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 2 Sigma

Next.js Vulnerability Exposes Protected Data via Pages Router

CVE-2026-44573 — Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, applications using the Pages Router with...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs

CVE-2026-2695 — A command injection vulnerability was discovered in

CVE-2026-2695 — A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises (former 1E DEX Platform On-Premises) prior to version 9.2. Improper input validation allows authenticated...

vulnerabilityCVEmedium-severitycwe-20
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs

Microsoft BitLocker Zero-Day Exposes Protected Drives

A cybersecurity researcher has publicly released proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities, dubbed YellowKey and GreenPlasma. BleepingComputer reports that these flaws include...

threat-inteldata-breachmalwarevulnerabilitymicrosofttools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 1 Sigma

Lenovo Personal Cloud Storage RCE Vulnerability (CVE-2026-6281)

CVE-2026-6281 — A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network...

vulnerabilityCVEhigh-severitycwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs

BIG-IP Appliance Mode Bypass Vulnerability (CVE-2026-42930)

CVE-2026-42930 — When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP...

vulnerabilityCVEhigh-severitycwe-35
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42924: F5 iControl SOAP Privilege Escalation

CVE-2026-42924 — An authenticated attacker with the Resource Administrator or Administrator role can create SNMP configuration objects through iControl SOAP resulting in privilege escalation. Note:...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-78
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 2 IOCs /⚙ 2 Sigma

F5 BIG-IP, BIG-IQ CVE-2026-42406: Critical RCE for Privileged Attackers

CVE-2026-42406 — A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify...

vulnerabilityCVEhigh-severitycwe-267
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

JupyterLab CVE-2026-42266: PyPI Extension Manager Bypass

CVE-2026-42266 — jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of...

vulnerabilityCVEhigh-severitycwe-88cwe-602
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

BIG-IP, BIG-IQ Configuration Utility RCE via Authenticated Access

CVE-2026-41957 — An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached...

vulnerabilityCVEhigh-severityremote-code-executioncwe-502
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

BIG-IP Privilege Escalation: CVE-2026-41953 Allows Resource Admin to Root

CVE-2026-41953 — A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-77
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs

CVE-2026-41225: Critical iControl REST Vulnerability Allows Arbitrary Command Execution

CVE-2026-41225 — A vulnerability exists in iControl REST where a highly privileged, authenticated attacker with at least the Manager role can create configuration objects that...

vulnerabilityCVEcriticalhigh-severitycwe-648
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

F5 BIG-IP, BIG-IQ Privilege Escalation: CVE-2026-40698

CVE-2026-40698 — A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-77
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-40631: F5 iControl SOAP Privilege Escalation

CVE-2026-40631 — An authenticated attacker with the Resource Administrator or Administrator role can modify configuration objects through iControl SOAP resulting in privilege escalation. Note: Software...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-552
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 2 IOCs /⚙ 1 Sigma

F5 BIG-IP DNS Vulnerability Allows Privilege Escalation

CVE-2026-40061 — When BIG-IP DNS is provisioned, a vulnerability exists in an undisclosed iControl REST and BIG-IP TMOS Shell (tmsh) command that may allow an...

vulnerabilityCVEhigh-severitycwe-77
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-34176: High-Severity Command Injection in iControl REST Endpoint

CVE-2026-34176 — When running in Appliance mode, an authenticated remote command injection vulnerability exists in an undisclosed iControl REST endpoint. A successful exploit can allow...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 2 IOCs

F5 BIG-IP Scripted Monitors Allow High-Privilege Command Execution (CVE-2026-32673)

CVE-2026-32673 — A vulnerability exists in BIG-IP scripted monitors that may allow an authenticated attacker with the Resource Administrator or Administrator role to execute arbitrary...

vulnerabilityCVEhigh-severitycwe-250
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

F5 BIG-IP/BIG-IQ CVE-2026-32643: High-Privilege RCE

CVE-2026-32643 — A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Certificate Manager role can modify...

vulnerabilityCVEhigh-severitycwe-250
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 2 Sigma

Ecommerce Systempay 1.0 Critical Weak Crypto Vulnerability (CVE-2020-37168)

CVE-2020-37168 — Ecommerce Systempay 1.0 contains a weak cryptographic implementation vulnerability that allows attackers to brute force the 16-character production secret key used for payment...

vulnerabilityCVEcriticalhigh-severitycwe-328
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

Microsoft BitLocker Bypass, Privilege Escalation Exploits Released on Patch Tuesday

A researcher known as Nightmare Eclipse has again released exploits for Microsoft vulnerabilities, coinciding with Patch Tuesday. Following a previous Windows 0-day PoC, the researcher...

malwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /HIGH /⚑ 5 IOCs /⚙ 3 Sigma

Microsoft Autopatch Bug Deployed Restricted Drivers in EU

Microsoft has addressed a critical bug within Windows Autopatch that allowed restricted driver updates to be deployed on managed Windows devices in the European Union....

threat-inteldata-breachmalwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 2 Sigma

Microsoft MDASH AI System Discovers 16 Windows Vulnerabilities

Microsoft has introduced MDASH, a multi-model AI-driven system designed to scale vulnerability discovery and remediation, according to The Hacker News. This system, short for "multi-model...

threat-intelvulnerabilitycloudmicrosoftai-security
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 1 Sigma

FamousSparrow Expands Targeting, Hits Azerbaijani Energy Firm via Exchange

The Hacker News reports that a threat actor, attributed by Bitdefender with moderate-to-high confidence to the China-linked group FamousSparrow (UAT-9244), executed a "multi-wave intrusion" against...

threat-intelvulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Microsoft on Pace to Break Annual Vulnerability Record

Microsoft is on track to set a new record for patched vulnerabilities in 2026, having already addressed over 500 issues within the first five months...

threat-inteldata-breachgovernmentvulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Instructure Canvas Disruption Under Government Scrutiny

The Committee on Homeland Security is now demanding a briefing from Instructure regarding the recent Canvas disruption and associated data breach, according to SecurityWeek. This...

threat-intelvulnerabilitydata-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

AppSec Tools Miss 'Lethal Paths' to Data, Say Wiz and Okta/GitLab

The Hacker News highlights a critical flaw in traditional Application Security (AppSec) approaches: the overwhelming volume of 'toast' alerts that desensitize security teams. According to...

threat-intelvulnerabilitycloudtools
/SCW Vulnerability Desk /MEDIUM

Remediation Failure: Most Fixes Unconfirmed, Attackers Win

Security teams are drowning in data, yet failing at the most critical step: confirming remediation. The Hacker News highlights a stark reality: despite unprecedented visibility...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

OpenLoop Health Data Breach Impacts 716,000 Patients

SecurityWeek reports that telehealth provider OpenLoop Health suffered a data breach in January, resulting in the exfiltration of personal information belonging to 716,000 users. While...

threat-intelvulnerabilitydata-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Microsoft Outlook Zero-Click Vulnerability: A Critical Enterprise Threat

Microsoft has patched a critical zero-click vulnerability in Outlook, identified as CVE-2026-40361. SecurityWeek reports this flaw is reminiscent of the "BadWinmail" vulnerability from a decade...

threat-intelvulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

GemStuffer Abuses RubyGems for Covert UK Council Data Exfiltration

A new campaign, dubbed GemStuffer, is actively exploiting the RubyGems repository, according to The Hacker News. This isn't your typical malware distribution scheme. Instead, attackers...

threat-intelvulnerabilitymalwarethe-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

RubyGems Suspends Registrations After Malicious Package Flood

RubyGems, the package manager for Ruby, was forced to suspend new gem registrations after attackers flooded the platform with over 500 malicious packages. SecurityWeek reports...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Android Adds Intrusion Logging for Spyware Forensics

Google has rolled out a new opt-in feature for Android, dubbed Intrusion Logging, designed to enhance forensic analysis of sophisticated spyware attacks. This capability, part...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

ICS Patch Tuesday: Siemens, Schneider, CISA Release Advisories

SecurityWeek reports that the May 2026 Patch Tuesday for Industrial Control Systems (ICS) saw new security advisories from key vendors Siemens and Schneider Electric, alongside...

threat-intelvulnerabilitytools
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

Fuji Tellus Driver Grants All Users Kernel R/W: CVE-2026-8108

CVE-2026-8108 — The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions.

vulnerabilityCVEhigh-severitycwe-749
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

MonsterInsights WordPress Plugin Exposes Google OAuth Tokens

CVE-2026-5371 — The MonsterInsights – Google Analytics Dashboard for WordPress (Website Stats Made Easy) plugin for WordPress is vulnerable to unauthorized access and modification of...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

ChurchCRM CVE-2026-44548: High-Severity CSRF Allows Silent Record Deletion

CVE-2026-44548 — ChurchCRM is an open-source church management system. Prior to 7.3.2, top-level cross-site GET navigation from an attacker-controlled page to FundRaiserDelete.php, PropertyTypeDelete.php, or NoteDelete.php...

vulnerabilityCVEhigh-severitycwe-352cwe-650
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44547: ChurchCRM Critical Vulnerability Persists in 7.2.x Releases

CVE-2026-44547 — ChurchCRM is an open-source church management system. From 7.2.0 to 7.2.2, the fix for CVE-2026-4058 is incomplete. The hardening commit was merged and...

vulnerabilityCVEcriticalhigh-severitycwe-287cwe-304
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44347 — Warpgate is an open source SSH, HTTPS and MySQL bastion

CVE-2026-44347 — Warpgate is an open source SSH, HTTPS and MySQL bastion host for Linux. Prior to 0.23.3, the SSO flow does not validate the...

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44341 — GoJobs is a REST API for a Job Board platform. The

CVE-2026-44341 — GoJobs is a REST API for a Job Board platform. The application exposes a job retrieval endpoint that allows unauthenticated users to access...

vulnerabilityCVEmedium-severitycwe-284cwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44245 — Kyverno is a policy engine designed for cloud native

CVE-2026-44245 — Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 2.5.2, Vue 3's v-html directive is the framework-documented mechanism...

vulnerabilityCVEmedium-severitycwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

ChurchCRM CVE-2026-42289: CSRF Allows Admin Account Creation

CVE-2026-42289 — ChurchCRM is an open-source church management system. Prior to 7.3.2, UserEditor.php processes user account creation and permission updates entirely through $_POST parameters with...

vulnerabilityCVEhigh-severitycwe-269cwe-306cwe-352
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

ChurchCRM RCE: Unpatched Setup Wizard Leaves Systems Exposed

CVE-2026-42288 — ChurchCRM is an open-source church management system. Prior to 7.3.2, the fix for CVE-2026-39337 is incomplete. The pre-authentication remote code execution vulnerability in...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41901: Critical Server-Side Template Injection in Thymeleaf

CVE-2026-41901 — Thymeleaf is a server-side Java template engine for web and standalone environments. Prior to 3.1.5.RELEASE, a security bypass vulnerability exists in the expression...

vulnerabilityCVEcriticalhigh-severitycwe-917cwe-1336
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1250: WordPress Court Booking Plugin SQL Injection

CVE-2026-1250 — The Court Reservation – Manage Your Court Bookings Online plugin for WordPress is vulnerable to generic SQL Injection via the ‘id’ parameter in...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-15463 — Code Execution

CVE-2025-15463 — The Advanced Custom Fields: Extended plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 0.9.2.3....

vulnerabilityCVEmedium-severitycode-executioncwe-94
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8449: Linux ksmbd Heap Corruption Allows Remote Kernel RCE

CVE-2026-8449 — Linux ksmbd contains a remote memory corruption vulnerability in the ACL inheritance path that allows remote clients with directory creation permissions to trigger...

vulnerabilityCVEhigh-severitycode-executioncwe-125
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

Heym Sandbox Escape Vulnerability (CVE-2026-45227) Allows Arbitrary Host Commands

CVE-2026-45227 — Heym before 0.0.21 contains a sandbox escape vulnerability in the custom Python tool executor that allows authenticated workflow authors to bypass sandbox restrictions...

vulnerabilityCVEhigh-severitycwe-693
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Heym Path Traversal (CVE-2026-45225) Allows Arbitrary File Writes

CVE-2026-45225 — Heym before 0.0.21 contains a path traversal vulnerability in the file upload endpoint that allows authenticated users to write attacker-controlled files to arbitrary...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44304: Lemur LDAP Auth Flaw Allows Privilege Escalation

CVE-2026-44304 — Lemur manages TLS certificate creation. Prior to 1.9.0, Lemur's LDAP authentication module (lemur/auth/ldap.py) constructs LDAP search filters using unsanitized user input via Python...

vulnerabilityCVEhigh-severitycwe-90
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44262: Critical RCE in Laravel Scramble API Docs

CVE-2026-44262 — Scramble generates API documentation for Laravel projects. From 0.13.2 to before 0.13.22, when documentation endpoints are publicly accessible and validation rules reference user-controlled...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /9.4 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44260: efw4.X Readonly Flag Bypass Leads to File Modification

CVE-2026-44260 — efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the readonly flag set on the JSP tag is intended to prevent file...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

Micronaut Framework DoS Vulnerability (CVE-2026-44241) Risks Heap Exhaustion

CVE-2026-44241 — Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. From 4.3.0 to before 4.10.22, TimeConverterRegistrar...

vulnerabilityCVEhigh-severitycwe-400
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44015: Nginx UI SSRF Bypasses Network Segmentation

CVE-2026-44015 — Nginx UI is a web user interface for the Nginx web server. In 2.3.4 and earlier, an authenticated user can perform Server-Side Request...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-43948: wger Workout Manager Critical Account Takeover

CVE-2026-43948 — wger is a free, open-source workout and fitness manager. Prior to 2.6, the reset_user_password and gym_permissions_user_edit views in wger perform a gym-scope authorization...

vulnerabilityCVEcriticalhigh-severitycwe-863
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42855: arduino-esp32 Digest Auth Bypass Threatens IoT Security

CVE-2026-42855 — arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer Digest authentication implementation...

vulnerabilityCVEhigh-severitycwe-287
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-42854: Critical RCE in arduino-esp32 WebServer

CVE-2026-42854 — arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, the WebServer multipart form parser...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-121
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 7 Sigma

Granian HTTP Server Vulnerability: Unauthenticated DoS via WebSocket Protocol Header

CVE-2026-42544 — Granian is a Rust HTTP server for Python applications. From 1.2.0 to 2.7.4, Granian aborts a worker process when an unauthenticated client sends...

vulnerabilityCVEhigh-severitycwe-20cwe-248cwe-400
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-40902: PhpSpreadsheet DoS Vulnerability Exploited with Malicious XLSX

CVE-2026-40902 — PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the XLSX reader's...

vulnerabilityCVEhigh-severitycwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-40863: PhpSpreadsheet DoS Vulnerability Hits High Severity

CVE-2026-40863 — PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the SpreadsheetML XML...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-26289: PowerSYSTEM Center REST API Exposes Admin Data

CVE-2026-26289 — PowerSYSTEM Center REST API endpoint for device account export allows an authenticated user with limited permissions to expose sensitive information normally restricted to...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 3 Sigma

Wing FTP Server RCE (CVE-2026-44403) Allows Admin Lua Injection

CVE-2026-44403 — Wing FTP Server 8.1.2 contains an authenticated remote code execution vulnerability in the session serialization mechanism that allows authenticated administrators to inject arbitrary...

vulnerabilityCVEhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44246: nnU-Net Agentic Workflow Injection Puts GitHub Workflows at Risk

CVE-2026-44246 — nnU-Net is a semantic segmentation framework that automatically adapts its pipeline to a dataset. Prior to 2.4.1, the nnU-Net Issue Triage workflow in...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 6 Sigma

CVE-2026-44240: basic-ftp Client-Side DoS Poses Risk to Node.js Applications

CVE-2026-44240 — basic-ftp is an FTP client for Node.js. Prior to 5.3.1, basic-ftp is vulnerable to client-side denial of service when parsing FTP control-channel multiline...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-400cwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-35504 — PowerSYSTEM Center email notification service is affected

CVE-2026-35504 — PowerSYSTEM Center email notification service is affected by a CRLF injection vulnerability when using SMTPS communication.

vulnerabilityCVEmedium-severitycwe-93
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

HashiCorp Nomad Code Execution (CVE-2026-7474) via Path Traversal

CVE-2026-7474 — HashiCorp Nomad and Nomad Enterprise prior to 2.0.1 are vulnerable to code execution on the client host through a path traversal attack. This...

vulnerabilityCVEhigh-severitycode-executioncwe-22
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44225: Pulpy Packager Allows Arbitrary File Access

CVE-2026-44225 — Pulpy is a lightweight, cross-platform desktop application packager for web apps. Prior to 0.1.1, Pulpy injects a pulpy.fs JavaScript API into every packaged...

vulnerabilityCVEcriticalhigh-severityarbitrary-file-accesscwe-22cwe-284
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 3 IOCs /⚙ 3 Sigma

ArcadeDB Critical Vulnerability Bypasses Authorization Across Databases

CVE-2026-44221 — ArcadeDB is a Multi-Model DBMS. Prior to 2.6.4, authenticated users and API tokens scoped to a specific database could read, write, and mutate...

vulnerabilityCVEcriticalhigh-severitycwe-863
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-42889: Relay Obsidian Server Authentication Bypass Critical

CVE-2026-42889 — Relay adds real-time collaboration to Obsidian. Relay Server versions 0.9.0 through 0.9.6 contain an authentication bypass in the multi-document WebSocket endpoints. When authentication...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-639cwe-863
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs

Adobe After Effects Stack-Based Buffer Overflow (CVE-2026-34690) Allows RCE

CVE-2026-34690 — After Effects versions 26.0, 25.6.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in...

vulnerabilityCVEhigh-severitycode-executioncwe-121
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

Adobe Commerce Stored XSS Puts Low-Privilege Attackers in Control (CVE-2026-34686)

CVE-2026-34686 — Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

Adobe Commerce Path Traversal (CVE-2026-34653) Allows File System Read/Write

CVE-2026-34653 — Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

Adobe Commerce DoS Vulnerability (CVE-2026-34649) Puts E-commerce at Risk

CVE-2026-34649 — Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to...

vulnerabilityCVEhigh-severitycwe-400
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

Adobe Commerce DoS Vulnerability: CVE-2026-34648 Puts E-Commerce at Risk

CVE-2026-34648 — Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to...

vulnerabilityCVEhigh-severitycwe-400
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 1 Sigma

Adobe Commerce Vulnerability Allows Unauthorized Write Access

CVE-2026-34646 — Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Adobe Commerce CVE-2026-34645: Critical Auth Bypass Grants Write Access

CVE-2026-34645 — Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by an Incorrect Authorization vulnerability that could result in a...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-23827: Unauthenticated RCE in AOS-8 and AOS-10 Network Management

CVE-2026-23827 — A heap-based buffer overflow vulnerability exists in a Network management service of AOS-8 and AOS-10 that could allow an unauthenticated remote attacker to...

vulnerabilityCVEhigh-severityremote-code-execution
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

AOS-8 Operating System Vulnerability Could Lead to DoS

CVE-2026-23826 — A vulnerability in a network management service of AOS-8 Operating System could allow an unauthenticated remote attacker to exploit this vulnerability by sending...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-23825: Unauthenticated DoS in AOS-8, AOS-10 Operating Systems

CVE-2026-23825 — Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-23824: AOS-8 and AOS-10 Protocol Vulnerabilities Lead to DoS

CVE-2026-23824 — Vulnerabilities exist in a protocol-handling component of AOS-8 and AOS-10 Operating Systems. An unauthenticated attacker could exploit these vulnerabilities by sending specially crafted...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

MongoDB Ops Manager RCE via Webhook Template Injection (CVE-2026-8431)

CVE-2026-8431 — An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. ...

vulnerabilityCVEhigh-severitycwe-77
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8430: SPIP RCE Limited to Nginx Configurations

CVE-2026-8430 — SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the public space that is limited to certain nginx configurations, allowing...

vulnerabilityCVEhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

SPIP RCE Vulnerability (CVE-2026-8429) Bypasses Security Protections

CVE-2026-8429 — SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the private space that allows attackers to execute arbitrary code in...

vulnerabilityCVEhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-34684 — Code Execution

CVE-2026-34684 — Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEmedium-severitycode-executioncwe-787
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-34683 — Code Execution

CVE-2026-34683 — Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEmedium-severitycode-executioncwe-787
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

Substance3D Designer Out-of-Bounds Write Allows RCE

CVE-2026-34682 — Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

Substance3D Designer RCE: Malicious File Opens Door to Arbitrary Code Execution

CVE-2026-34681 — Substance3D - Designer versions 15.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-34664 — Path Traversal

CVE-2026-34664 — Substance3D - Designer versions 15.1.0 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 2 Sigma

Adobe Connect Critical RCE: Incorrect Authorization Leads to Code Execution

CVE-2026-34660 — Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-863
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 3 IOCs /⚙ 3 Sigma

Adobe Connect CVE-2026-34659: Critical RCE via Deserialization of Untrusted Data

CVE-2026-34659 — Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-502
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 3 Sigma

AOS-10 AP Command Injection: CVE-2026-23823 Exposes Networks

CVE-2026-23823 — A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful...

vulnerabilityCVEhigh-severitycommand-injection
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-23822 — The XML Handling Component Of AOS-8 DHCP Services Vulnerability

CVE-2026-23822 — A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-23821: Aruba AOS-10 APs Vulnerable to RCE

CVE-2026-23821 — A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-23820: Aruba AOS-8/10 AP CLI Vulnerability Allows Arbitrary Command Execution

CVE-2026-23820 — A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

AOS-10/AOS-8 Instant AP Vulnerability Allows Remote Code Execution

CVE-2026-23819 — A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

Microsoft Releases Windows 10 KB5087544 Extended Security Update

Microsoft has rolled out the Windows 10 KB5087544 extended security update. BleepingComputer reports this update addresses vulnerabilities from May 2026 Patch Tuesday. It also includes...

threat-inteldata-breachmalwarevulnerabilitymicrosofttools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

Fortinet Warns of Critical RCE Flaws in FortiSandbox and FortiAuthenticator

Fortinet has issued urgent security patches for critical remote code execution (RCE) vulnerabilities impacting its FortiSandbox and FortiAuthenticator products. BleepingComputer reports that these flaws could...

threat-inteldata-breachmalwarevulnerabilitycloudtools
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs /⚙ 3 Sigma

Fortinet FortiAuthenticator Critical Improper Access Control Vulnerability

CVE-2026-44277 — An improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow an attacker to...

vulnerabilityCVEcriticalhigh-severityimproper-access-controlcwe-284
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

Pingvin Share X Critical 2FA Bypass (CVE-2026-44196)

CVE-2026-44196 — Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-287cwe-697
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 2 Sigma

Cleanuparr CVE-2026-44183: Critical RCE via X-Forwarded-For Header Spoofing

CVE-2026-44183 — Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior...

vulnerabilityCVEcriticalhigh-severitycwe-290cwe-348
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

Microsoft Dynamics 365 On-Premises Critical Code Injection (CVE-2026-42898)

CVE-2026-42898 — Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network....

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 2 IOCs /⚙ 3 Sigma

Microsoft Dynamics 365 On-Premises Critical RCE via Unnecessary Privileges

CVE-2026-42833 — Execution with unnecessary privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network.

vulnerabilityCVEcriticalhigh-severitycwe-250
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42823: Critical Privilege Escalation in Azure Logic Apps

CVE-2026-42823 — Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

vulnerabilityCVEcriticalhigh-severityimproper-access-controlcwe-284
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42048: Langflow Path Traversal Exposes Servers to Arbitrary Deletion

CVE-2026-42048 — Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the...

vulnerabilityCVEcriticalhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 3 Sigma

Microsoft SSO Plugin for Jira & Confluence Critical Auth Bypass

CVE-2026-41103 — Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network....

vulnerabilityCVEcriticalhigh-severitycwe-303
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 2 Sigma

Microsoft Windows DNS Heap Overflow (CVE-2026-41096) Allows Remote Code Execution

CVE-2026-41096 — Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-122
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs

CVE-2026-41089: Critical Netlogon RCE Threatens Windows Networks

CVE-2026-41089 — Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-121
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs

Windows Hyper-V Critical Privilege Escalation via Use-After-Free

CVE-2026-40402 — Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.

vulnerabilityCVEcriticalhigh-severityuse-after-freecwe-416
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40379: Critical Azure Entra ID Spoofing Vulnerability

CVE-2026-40379 — Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network.

vulnerabilityCVEcriticalhigh-severitycwe-200
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 2 IOCs /⚙ 2 Sigma

Azure SDK Critical Vulnerability Allows Authentication Bypass

CVE-2026-33117 — Improper authentication in Azure SDK allows an unauthorized attacker to bypass a security feature over a network.

vulnerabilityCVEcriticalhigh-severitycwe-287cwe-347
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-29204: Critical Client Area Vulnerability Exposes cPanel Accounts

CVE-2026-29204 — Insufficient ownership checks in `clientarea.php` allow an authenticated client area user to submit requests using another user’s `addonId` without any ownership validation leading...

vulnerabilityCVEcriticalhigh-severitycwe-639
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 3 IOCs /⚙ 2 Sigma

Fortinet FortiSandbox Critical RCE: Unauthenticated Attackers Can Execute Commands

CVE-2026-26083 — A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all...

vulnerabilityCVEcriticalhigh-severitycwe-862
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs

Microsoft May 2026 Patch Tuesday: 120 Flaws, Critical RCEs in Office

Microsoft's May 2026 Patch Tuesday addressed 120 vulnerabilities, with BleepingComputer noting no zero-days were publicly disclosed. Among these, 17 are rated 'Critical,' including 14 remote...

threat-inteldata-breachmalwarevulnerabilitycloudmicrosoft
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

Microsoft Patches 137 Vulnerabilities, Including Critical Azure, Windows Flaws

Microsoft's latest security updates address 137 vulnerabilities, according to SecurityWeek. This significant patch Tuesday includes fixes for critical flaws across key products like Azure, Windows,...

threat-intelvulnerabilitycloudmicrosoftidentity
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs /⚙ 3 Sigma

Exaforce Raises $125 Million for Agentic SOC Platform

SecurityWeek reports that Exaforce has secured an additional $125 million in funding, bringing its total raised capital to $200 million. The company intends to allocate...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM

CVE-2026-43993: JunoClaw AI Platform SSRF Vulnerability

CVE-2026-43993 — JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the WAVS bridge's computeDataVerify called fetch() on agent-supplied URLs without...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43992: JunoClaw AI Exposes BIP-39 Seeds in Tool Calls

CVE-2026-43992 — JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, every MCP write tool (send_tokens, execute_contract, instantiate_contract, upload_wasm, ibc_transfer, etc.)...

vulnerabilityCVEcriticalhigh-severitycwe-200cwe-312cwe-522cwe-532
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

JunoClaw Command Bypass Vulnerability CVE-2026-43991 Poses High Risk

CVE-2026-43991 — JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, substring-based blocklist in plugin-shell's command-safety check could be bypassed by...

vulnerabilityCVEhigh-severitycwe-78cwe-184
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-43990: JunoClaw Agentic AI Shell Injection Risk

CVE-2026-43990 — JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, plugin-shell's run_command wrapped every agent-supplied command in 'sh -c' /...

vulnerabilityCVEhigh-severitycwe-77cwe-78
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-43989: JunoClaw Agentic AI Exposes Filesystem to Agents

CVE-2026-43989 — JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the...

vulnerabilityCVEhigh-severitycwe-20cwe-22cwe-59cwe-73
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-25431 — WPMU DEV Hustle Vulnerability

CVE-2026-25431 — Missing Authorization vulnerability in WPMU DEV Hustle allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Hustle: through 7.8.10.1.

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Adobe Patches 52 Vulnerabilities Across 10 Products

Adobe has released patches for 52 vulnerabilities affecting 10 of its products. According to SecurityWeek, many of these flaws could lead to arbitrary code execution,...

threat-intelvulnerabilitycloud
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Exim BDAT Vulnerability (CVE-2026-45185) Exposes GnuTLS Builds to RCE

Exim has issued critical security updates to address a severe vulnerability, tracked as CVE-2026-45185 and dubbed "Dead.Letter." This use-after-free flaw affects specific Exim configurations, potentially...

threat-intelvulnerabilitytools
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

Ivanti Endpoint Manager RCE via SQL Injection (CVE-2026-8111)

CVE-2026-8111 — SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.

vulnerabilityCVEhigh-severityremote-code-executioncwe-89
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Ivanti Endpoint Manager Privilege Escalation (CVE-2026-8110)

CVE-2026-8110 — Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.

vulnerabilityCVEhigh-severitycwe-732
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8109 — An exposed dangerous method on the Core Server of Ivanti

CVE-2026-8109 — An exposed dangerous method on the Core Server of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to leak access credentials.

vulnerabilityCVEmedium-severitycwe-749
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Ivanti Virtual Traffic Manager RCE via OS Command Injection

CVE-2026-8051 — OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin privileges to achieve remote code...

vulnerabilityCVEhigh-severityremote-code-executioncwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 2 Sigma

Ivanti Xtraction Critical Vulnerability Allows Remote File Manipulation

CVE-2026-8043 — External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write...

vulnerabilityCVEcriticalhigh-severityinformation-disclosurecwe-73
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 3 Sigma

Ivanti Secure Access Client: Local Privilege Escalation via Race Condition (CVE-2026-7432)

CVE-2026-7432 — A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM.

vulnerabilityCVEhigh-severityrace-conditioncwe-362
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs

CVE-2026-7431 — An incorrect permission assignment for critical resource of

CVE-2026-7431 — An incorrect permission assignment for critical resource of Ivanti Secure Access Client before 22.8R6 allows a local authenticated user to read or modify...

vulnerabilityCVEmedium-severitycwe-732
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs

CVE-2026-5061 — The consul-template library before version 0.42.0 is

CVE-2026-5061 — The consul-template library before version 0.42.0 is vulnerable to a sandbox path bypass in the file template helper that may allow reading an...

vulnerabilityCVEmedium-severitycwe-59
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-43939: YAF.NET Cross-Site Scripting Vulnerability

CVE-2026-43939 — YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the thread posting and reply feature accepts user-supplied content via a...

vulnerabilityCVEhigh-severitycwe-79cwe-80cwe-116
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

YetAnotherForum.NET XSS via User-Agent Logging (CVE-2026-43938)

CVE-2026-43938 — YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5 and 3.2.12, the application's database logger (YAFNET.Core/Logger/DbLogger.cs) captures the incoming request's User-Agent header...

vulnerabilityCVEhigh-severitycwe-79cwe-80cwe-116
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

YetAnotherForum.NET Vulnerability Allows Arbitrary SQL Execution by Low-Privileged Users

CVE-2026-43937 — YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 4.0.5, any admin OnPost… handler executes its side effects before the ResultFilterAttribute rewrites the...

vulnerabilityCVEhigh-severitycwe-89cwe-841
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42260: Open-WebSearch SSRF Exposes Internal Networks

CVE-2026-42260 — Open-WebSearch is a multi-engine MCP server, CLI, and local daemon for agent web search and content retrieval. Prior to 2.1.7, isPublicHttpUrl / assertPublicHttpUrl...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

RubyGems Suspends Signups After Hundreds of Malicious Packages Uploaded

RubyGems, the standard package manager for the Ruby programming language, has temporarily paused new account signups. This action follows what The Hacker News describes as...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-45091: Critical Secret Exposure in sealed-env Library

CVE-2026-45091 — sealed-env is a cross-stack, zero-trust secret management library for Node.js and Java/Spring Boot. In sealed-env enterprise mode, versions 0.1.0-alpha.1 through 0.1.0-alpha.3 embedded the...

vulnerabilityCVEcriticalhigh-severitycwe-200cwe-522
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42006 — An attacker can cause uncontrolled memory usage with

CVE-2026-42006 — An attacker can cause uncontrolled memory usage with excessive bracing over IMAP. The fix in CVE-2026-27857 was incomplete, only blocking one way of...

vulnerabilityCVEmedium-severitycwe-400
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-40638 — Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0,

CVE-2026-40638 — Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially...

vulnerabilityCVEmedium-severitycwe-250
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40016 — Attacker can upload a malicious Sieve script over

CVE-2026-40016 — Attacker can upload a malicious Sieve script over ManageSieve service (or locally) to bypass configured CPU time limits for Sieve up to 130...

vulnerabilityCVEmedium-severitycwe-400
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Dell PowerScale InsightIQ Vulnerability Allows OS Command Injection

CVE-2026-35071 — Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability....

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-33603 — Attacker can use a specially crafted base64 exchange

CVE-2026-33603 — Attacker can use a specially crafted base64 exchange between Dovecot and Client to fake SCRAM TLS channel binding. This requires that the attacker...

vulnerabilityCVEmedium-severitycwe-99
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-27851: Safe Filter Bug Enables SQL/LDAP Injection

CVE-2026-27851 — When safe filter is used with variable expansion, all following pipelines on the same string are incorrectly interpreted as safe too, enabling unsafe...

vulnerabilityCVEhigh-severitycwe-235
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 3 IOCs

West Pharmaceutical Services Hit by Disruptive Ransomware Attack

West Pharmaceutical Services has confirmed a significant ransomware attack. Attackers successfully exfiltrated data before deploying file-encrypting ransomware, forcing the company to take systems offline globally....

threat-intelvulnerabilitymalwareransomware
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

TrickMo Android Trojan Leverages TON for C2 and SOCKS5 Pivots

A new variant of the TrickMo Android banking trojan has emerged, actively exploiting The Open Network (TON) for its command-and-control (C2) infrastructure. According to The...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

Unanswered SOC Alerts: WAF, DLP, OT/IoT Signals Left Uninvestigated

Security operations teams are drowning in alerts, but the critical issue isn't always volume; it's the blind spots. The most dangerous alerts are those consistently...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM

CVE-2026-45218: WP Travel Blind SQL Injection Puts User Data at Risk

CVE-2026-45218 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection. This...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 4 IOCs /⚙ 6 Sigma

CVE-2026-45215 — Saad Iqbal WP EasyPay Wp-Easy-Pay Vulnerability

CVE-2026-45215 — Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal WP EasyPay wp-easy-pay allows Retrieve Embedded Sensitive Data. This issue affects WP EasyPay:...

vulnerabilityCVEmedium-severitycwe-201
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

Xpro Elementor Addons SQL Injection (CVE-2026-45214) Poses High Risk

CVE-2026-45214 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection. This...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 4 IOCs /⚙ 3 Sigma

BEAR Woo-Bulk-Editor SQLi Puts WooCommerce Stores at Risk

CVE-2026-45213 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection. This issue affects...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-45212 — Gabe Livan Asset CleanUp: Page Speed Booster Wp-Asset-Clean- Vulnerability

CVE-2026-45212 — Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster wp-asset-clean-up allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Asset...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

APIExperts Square for WooCommerce SQLi (CVE-2026-45211) Exposes E-commerce Data

CVE-2026-45211 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind...

vulnerability, CVE, high-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-45210 — Broadstreet Broadstreet Ads Broadstreet Vulnerability

CVE-2026-45210 — Missing Authorization vulnerability in Broadstreet Broadstreet Ads broadstreet allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Broadstreet Ads: from n/a through...

vulnerability, CVE, medium-severity, cwe-862
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

Aman Views for WPForms Vulnerability Allows Blind SQL Injection

CVE-2026-42742 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection. This...

vulnerability, CVE, high-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 4 IOCs /⚙ 2 Sigma

Ninja Forms Views Blind SQL Injection (CVE-2026-42741) — High Severity

CVE-2026-42741 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Ninja Forms Views – Display & Edit Ninja...

vulnerability, CVE, high-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-41713: High-Severity AI Model Manipulation Vulnerability

CVE-2026-41713 — A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications...

vulnerability, CVE, high-severity, cwe-1336
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 3 Sigma

Spring AI Chat Memory Vulnerability Exposes User Data

CVE-2026-41712 — Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users.

vulnerability, CVE, high-severity
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

Turboard FOR-S Privilege Escalation via Incorrect Authorization (CVE-2026-2465)

CVE-2026-2465 — Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation. This...

vulnerability, CVE, high-severity, privilege-escalation, cwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Agentic AI: Security's Next Blind Spot Already in Production

Agentic AI is already active in production environments across numerous organizations, executing tasks, consuming data, and taking actions. Critically, this often occurs without meaningful oversight...

threat-intel, vulnerability, the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2026-6001: ABIS BAPSİS Authorization Bypass Exposes Trusted Identifiers

CVE-2026-6001 — Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042....

vulnerability, CVE, high-severity, cwe-639
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

Solid Edge SE2026 Vulnerability Allows Code Execution via PAR Files

CVE-2026-44412 — A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected applications contain a stack-based overflow...

vulnerability, CVE, high-severity, stack-based-buffer-overflow, cwe-121
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

Solid Edge SE2026 Vulnerability Allows Code Execution via PAR Files

CVE-2026-44411 — A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer...

vulnerability, CVE, high-severity, cwe-824
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41551: Critical Path Traversal in ROS# Exposes Arbitrary Files

CVE-2026-41551 — A vulnerability has been identified in ROS# (All versions < V2.2.2). Affected versions contain a path traversal vulnerability because user input is not...

vulnerability, CVE, critical, high-severity, path-traversal, cwe-23
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-33893: Siemens Teamcenter Hardcoded Key Exposes Unauthorized Access

CVE-2026-33893 — A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions <...

vulnerability, CVE, high-severity, cwe-798
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-27662: Control Panel Exposes Web Browser, High Severity

CVE-2026-27662 — Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place....

vulnerability, CVE, high-severity, cwe-1188
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-25787: Critical XSS in Motion Control Diagnostics

CVE-2026-25787 — Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface....

vulnerability, CVE, critical, high-severity, cwe-79
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-25786: Critical XSS in PLC/Station Name Field

CVE-2026-25786 — Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow...

vulnerability, CVE, critical, high-severity, cwe-79
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 3 Sigma

SIMATIC CN 4100 DoS Vulnerability: CVE-2026-22925 Poses High Risk

CVE-2026-22925 — A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application is susceptible to resource exhaustion when subjected...

vulnerability, CVE, high-severity, cwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

SIMATIC CN 4100 Critical Vulnerability: Unauthenticated Resource Exhaustion

CVE-2026-22924 — A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and...

vulnerability, CVE, critical, high-severity, cwe-306
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 3 Sigma

Akilli Commerce E-Commerce Website SQLi Vulnerability (CVE-2025-6577)

CVE-2025-6577 — Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows...

vulnerability, CVE, critical, high-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-40949: Critical RUGGEDCOM ROX Command Injection

CVE-2025-40949 — A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400...

vulnerability, CVE, critical, high-severity, cwe-78
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 5 IOCs /⚙ 3 Sigma

RUGGEDCOM ROX RCE via Feature Key Installation (CVE-2025-40947)

CVE-2025-40947 — A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400...

vulnerability, CVE, high-severity, remote-code-execution, cwe-78
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2025-40946: KACO new energy Inverter Credential Derivation Flaw

CVE-2025-40946 — A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 105 TL3...

vulnerability, CVE, high-severity, cwe-321
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2025-40833: IPv4 Null Pointer Dereference Triggers DoS

CVE-2025-40833 — The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial...

vulnerability, CVE, high-severity, denial-of-service, cwe-476
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7661 — Cross-Site Scripting (XSS)

CVE-2026-7661 — The Bootstrap Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `box` shortcode in all versions up to, and including,...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7659 — Cross-Site Scripting (XSS)

CVE-2026-7659 — The Advanced Social Media Icons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `social` shortcode in all versions up to,...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6913 — Cross-Site Scripting (XSS)

CVE-2026-6913 — The Shortcodely plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'widget_area' parameter in all versions up to, and including, 1.0.1...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

LifePress Plugin XSS: Unauthenticated Attackers Inject Malicious Scripts

CVE-2026-6690 — The LifePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'n' parameter of the lp_update_mds AJAX action in all versions...

vulnerability, CVE, high-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6256 — Cross-Site Scripting (XSS)

CVE-2026-6256 — The Credits Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'link' attribute of the 'credits' shortcode in all versions...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6247 — Cross-Site Scripting (XSS)

CVE-2026-6247 — The scratchblocks for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'element' attribute of the 'scratchblocks' shortcode in all...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6237 — Cross-Site Scripting (XSS)

CVE-2026-6237 — The Quick Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style' attribute of the 'qtbl' shortcode in all versions...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5715 — Cross-Site Scripting (XSS)

CVE-2026-5715 — The Voyage Plus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' attribute of the 'post-content' shortcode in all versions...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5340 — Cross-Site Scripting (XSS)

CVE-2026-5340 — The Fancy Image Show plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `fancy-img-show` shortcode in all versions up to,...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5028 — SQL Injection

CVE-2026-5028 — The Eight Day Week Print Workflow plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'title' parameter in the `pp-get-articles`...

vulnerability, CVE, medium-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4920 — Cross-Site Scripting (XSS)

CVE-2026-4920 — The Next Date plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'default' shortcode attribute in all versions up to, and...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4859 — Cross-Site Scripting (XSS)

CVE-2026-4859 — The SP Blog Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'design' attribute of the `wpsbd_post_carousel` shortcode in all...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-39432: Timetics Plugin Missing Authorization Exposes Access Controls

CVE-2026-39432 — Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53.

vulnerability, CVE, high-severity, cwe-862
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 2 Sigma

WordPress AIWU Plugin SQLi: Unauthenticated Data Extraction

CVE-2026-2993 — The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.17...

vulnerability, CVE, high-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-2300 — Cross-Site Scripting (XSS)

CVE-2026-2300 — The BJ Lazy Load plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `filter_images()` function in all versions up to, and...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

Mini Shai-Hulud Worm Hits TanStack, Mistral AI, Guardrails AI Packages

The threat actor TeamPCP is reportedly behind a new supply chain attack campaign, dubbed Mini Shai-Hulud. The Hacker News reports that popular npm and PyPI...

threat-intel, vulnerability, malware
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

Instructure Reaches Ransom Agreement with ShinyHunters to Stop Canvas Leak

American educational technology firm Instructure, parent company of Canvas, has reportedly reached an "agreement" with the cybercrime group ShinyHunters following a breach. The Hacker News...

threat-intel, vulnerability, ransomware, data-breach, microsoft
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-1681 — Issuing an ICMP ping via the `net ping` shell command to a

CVE-2026-1681 — Issuing an ICMP ping via the `net ping` shell command to a device's own IPv4 address causes the network stack to recursively re-enter...

vulnerability, CVE, medium-severity, cwe-674
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-1185 — Code Execution

CVE-2026-1185 — A configuration file on the local file system had improper input validation which could allow code execution and potentially lead to privilege escalation....

vulnerability, CVE, medium-severity, code-execution, cwe-732
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-0804 — Path Traversal

CVE-2026-0804 — An ACAP configuration file lacked sufficient input validation, which could allow a path traversal attack leading to potential privilege escalation. This vulnerability can...

vulnerability, CVE, medium-severity, path-traversal, cwe-35
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-0802 — Command Injection

CVE-2026-0802 — An ACAP configuration file lacked sufficient input validation, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only...

vulnerability, CVE, medium-severity, command-injection, cwe-1287
/SCW Vulnerability Desk /MEDIUM /6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-0541 — Privilege Escalation

CVE-2026-0541 — ACAP applications can gain elevated privileges due to improper input validation during the installation process, potentially leading to privilege escalation. This vulnerability can...

vulnerability, CVE, medium-severity, privilege-escalation, cwe-732
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection

OpenAI has rolled out Daybreak, a new cybersecurity initiative leveraging its frontier AI models and Codex Security. The Hacker News reports that Daybreak aims to...

threat-intel, vulnerability, ai-security
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC

CVE-2026-41872: Kura Sushi App Vulnerable to MITM via Improper Certificate Validation

CVE-2026-41872 — "Kura Sushi Official App" provided by EPG, Inc. is vulnerable to improper certificate validation. A man-in-the-middle attack may allow eavesdropping on, or altering,...

vulnerability, CVE, high-severity, cwe-295
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 2 IOCs /⚙ 3 Sigma

Apple iOS 26.5 Brings End-to-End Encrypted RCS Messaging

Apple has officially rolled out iOS 26.5, introducing support for end-to-end encrypted (E2EE) Rich Communication Services (RCS) messaging in beta. The Hacker News reports this...

threat-intel, vulnerability, tools
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs

Zyxel NWA1100-N Firmware DoS: CVE-2026-7287 Buffer Overflow

CVE-2026-7287 — ** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() functions of the “webs” binary in...

vulnerability, CVE, high-severity, buffer-overflow, cwe-120
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-7257 — The Configuration File Of Zyxel WRE6505 Vulnerability

CVE-2026-7257 — ** UNSUPPORTED WHEN ASSIGNED ** An insecure storage of sensitive information vulnerability in the configuration file of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0...

vulnerability, CVE, medium-severity, cwe-922
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 3 Sigma

Zyxel WRE6505 v2: High-Severity Command Injection Vulnerability

CVE-2026-7256 — ** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an...

vulnerability, CVE, high-severity, command-injection, cwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7255 — The Web Management Interface Of Zyxel WRE6505 Vulnerability

CVE-2026-7255 — ** UNSUPPORTED WHEN ASSIGNED ** An improper restriction of excessive authentication attempts vulnerability in the web management interface of Zyxel WRE6505 v2 firmware...

vulnerability, CVE, medium-severity, cwe-307
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-45430: Backdrop CMS Salesforce Module CSRF Risk

CVE-2026-45430 — The Salesforce module before 1.x-1.0.1 for Backdrop CMS does not properly use a random state parameter to protect the authorization flow against CSRF...

vulnerability, CVE, high-severity, cwe-352
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40137 — SAP TAF_APPLAUNCHER within Business Server Pages allows an

CVE-2026-40137 — SAP TAF_APPLAUNCHER within Business Server Pages allows an unauthenticated attacker to craft malicious links that, when clicked by a victim, redirect them to...

vulnerability, CVE, medium-severity, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40136 — SAP Financial Consolidation allows an authenticated

CVE-2026-40136 — SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions, temporarily preventing access. However, the application itself cannot...

vulnerability, CVE, medium-severity, cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40135 — Command Injection

CVE-2026-40135 — An OS Command Injection vulnerability exists in the SAP NetWeaver Application Server for ABAP and ABAP Platform that allows an authenticated attacker with...

vulnerability, CVE, medium-severity, command-injection, cwe-77
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40134 — Due to insufficient authorization checks in the SAP

CVE-2026-40134 — Due to insufficient authorization checks in the SAP Incentive and Commission Management application, authenticated users could invoke a remote-enabled function module to perform...

vulnerability, CVE, medium-severity, cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40133 — Due to missing authorization check in SAP S/4HANA Condition

CVE-2026-40133 — Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table...

vulnerability, CVE, medium-severity, cwe-862
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40132 — Due to missing authorization check in SAP Strategic

CVE-2026-40132 — Due to missing authorization check in SAP Strategic Enterprise Management (Scorecard Wizard in Business Server Pages), an authenticated attacker could access information that...

vulnerability, CVE, medium-severity, cwe-862
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40129 — SAP Application Server ABAP For SAP NetWeaver And ABAP Platf Vulnerability

CVE-2026-40129 — Due to a Code Injection vulnerability in SAP Application Server ABAP for SAP NetWeaver and ABAP Platform, an authenticated attacker could send specially...

vulnerability, CVE, medium-severity, cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

SAP Commerce Cloud: Critical RCE via Spring Security Misconfiguration

CVE-2026-34263 — Due to improper Spring Security configuration, SAP Commerce Cloud allows an unauthenticated user to perform malicious configuration upload and code injection, resulting in...

vulnerability, CVE, critical, high-severity, code-execution, cwe-459
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 3 Sigma

SAP S/4HANA SQLi: Critical Flaw Exposes Data, Risks Availability

CVE-2026-34260 — SAP S/4HANA (SAP Enterprise Search for ABAP) contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through...

vulnerability, CVE, critical, high-severity, sql-injection, cwe-89
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 4 IOCs /⚙ 3 Sigma

SAP Forecasting & Replenishment OS Command Execution (CVE-2026-34259)

CVE-2026-34259 — Due to an OS Command Execution vulnerability in SAP Forecasting & Replenishment, an authenticated attacker with administrative authorizations could abuse a non-remote-enabled function...

vulnerability, CVE, high-severity, cwe-77
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-34258 — SAPUI5 (Search UI) allows an unauthenticated attacker to

CVE-2026-34258 — SAPUI5 (Search UI) allows an unauthenticated attacker to manipulate specific URL parameters on the Search UI to include malicious content. Successful exploitation may...

vulnerability, CVE, medium-severity, cwe-451
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-27682 — SAP NetWeaver Application Server ABAP (Applications Based On Cross-Site Scripting (XSS)

CVE-2026-27682 — Due to a reflected cross-site scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages), an unauthenticated attacker...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-0502 — Due to insufficient CSRF protection in SAP BusinessObjects

CVE-2026-0502 — Due to insufficient CSRF protection in SAP BusinessObjects Business Intelligence Platform, an authenticated user could be tricked by an attacker to send unintended...

vulnerability, CVE, medium-severity, cwe-352
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-45321: TanStack npm Packages Hit by Critical Supply Chain Attack

CVE-2026-45321 — On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes...

vulnerability, CVE, critical, high-severity, cwe-506
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-8349 — Omec-Project Amf Vulnerability

CVE-2026-8349 — A flaw has been found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGAP Message Handler. Executing...

vulnerability, CVE, medium-severity, cwe-119
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8346 — D-Link DIR-816 1.10CNB05_R1B011D88210 Command Injection

CVE-2026-8346 — A vulnerability was detected in D-Link DIR-816 1.10CNB05_R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ip_address results in command...

vulnerability, CVE, medium-severity, command-injection, cwe-74, cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8345 — D-Link DIR-816 1.10CNB05_R1B011D88210 Command Injection

CVE-2026-8345 — A security vulnerability has been detected in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this issue is the function sub_445E7C of the file /goform/singlePortForward. Such...

vulnerability, CVE, medium-severity, command-injection, cwe-74, cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 5 Sigma

Vaultwarden CVE-2026-43914: Brute-Force Bypass via 2FA Email

CVE-2026-43914 — Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.4, there is a security vulnerability in Vaultwarden that allows bypassing the login...

vulnerability, CVE, high-severity, cwe-307
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Vaultwarden CVE-2026-43913: Unconfirmed Owners Can Purge Vaults

CVE-2026-43913 — Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden allows an unconfirmed organization owner to purge the entire organization vault....

vulnerability, CVE, high-severity, cwe-863
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

Vaultwarden CVE-2026-43912 Allows Org Data Access via Group Management Flaw

CVE-2026-43912 — Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, Vaultwarden does not enforce that a groups_users.users_organizations_uuid entry belongs to the same...

vulnerability, CVE, high-severity, cwe-285
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43911 — Vaultwarden is a Bitwarden-compatible server written in

CVE-2026-43911 — Vaultwarden is a Bitwarden-compatible server written in Rust. Prior to 1.35.5, refresh tokens are not invalidated when the user's security_stamp is rotated by...

vulnerability, CVE, medium-severity, cwe-613
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-43901 — Wireshark MCP is an MCP Server that turns tshark into a

CVE-2026-43901 — Wireshark MCP is an MCP Server that turns tshark into a structured analysis interface, then layers in optional Wireshark suite utilities. In 1.1.5...

vulnerability, CVE, medium-severity, cwe-22
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-43900: DeepChat XSS Bypass Threatens AI Implementations

CVE-2026-43900 — DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, a Cross-Site Scripting (XSS) vulnerability exists...

vulnerability, CVE, critical, high-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-43899: DeepChat RCE Via Incomplete Patch for External Protocol Execution

CVE-2026-43899 — DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, an incomplete mitigation for CVE-2025-55733 leaves...

vulnerability, CVE, critical, high-severity, cwe-20
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-34963: barebox EFI PE Loader Memory Safety Flaws

CVE-2026-34963 — barebox version prior to 2026.04.0 contains multiple memory-safety vulnerabilities in the EFI PE loader in efi/loader/pe.c where integer overflow in virtual image size...

vulnerability, CVE, high-severity, code-execution, cwe-190
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-34962 — barebox version prior to 2026.04.0 contains a

CVE-2026-34962 — barebox version prior to 2026.04.0 contains a denial-of-service vulnerability in ext4 directory parsing in fs/ext4/ext4_common.c where the ext4fs_iterate_dir() function fails to validate that...

vulnerability, CVE, medium-severity, cwe-835
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs

CVE-2026-8344 — Command Injection

CVE-2026-8344 — A weakness has been identified in D-Link DIR-816 1.10CNB05_R1B011D88210. Affected by this vulnerability is the function sub_445E7C of the file /goform/formDMZ.cgi. This manipulation...

vulnerability, CVE, medium-severity, command-injection, cwe-74, cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43893: ExifTool Argument Injection Threatens File Operations

CVE-2026-43893 — exiftool-vendored provides cross-platform Node.js access to ExifTool. Prior to 35.19.0, exiftool-vendored starts ExifTool in -stay_open True -@ - mode, where arguments are read...

vulnerability, CVE, high-severity, remote-code-execution, cwe-88
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

Outline CVE-2026-43890: Authorization Bypass Exposes Documents

CVE-2026-43890 — Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.7.0, the subscriptions.create API endpoint in server/routes/api/subscriptions/subscriptions.ts exhibits a broken authorization...

vulnerability, CVE, high-severity, cwe-639
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-43889 — Outline is a service that allows for collaborative

CVE-2026-43889 — Outline is a service that allows for collaborative documentation. Prior to 1.7.0, the shares.create API accepts both collectionId and documentId simultaneously and, when...

vulnerability, CVE, medium-severity, cwe-863
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Outline Service Vulnerability CVE-2026-43888 Allows Directory Traversal

CVE-2026-43888 — Outline is a service that allows for collaborative documentation. Prior to 1.7.0, ZipHelper.extract computes the extraction path for each entry by passing a...

vulnerability, CVE, high-severity, cwe-22
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

Outline Collaboration Service Vulnerability Allows Client-Side Code Execution

CVE-2026-43887 — Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.6.1, the Outline comment section permits users to mention other users;...

vulnerability, CVE, high-severity, code-execution, cwe-79
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Outline Service Vulnerability Elevates OAuth Tokens to Full API Access

CVE-2026-43886 — Outline is a service that allows for collaborative documentation. From 0.84.0 to 1.6.1, a logic error in OAuthInterface.validateScope() uses Array.some() to validate requested...

vulnerability, CVE, high-severity, cwe-269
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

WWBN AVideo SSRF Bypass via Redirects (CVE-2026-43884)

CVE-2026-43884 — WWBN AVideo is an open source video platform. In versions up to and including 29.0, two endpoints (plugin/AI/receiveAsync.json.php and objects/EpgParser.php) in AVideo call...

vulnerability, CVE, high-severity, server-side-request-forgery, cwe-918
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-43876 — WWBN AVideo is an open source video platform. In versions

CVE-2026-43876 — WWBN AVideo is an open source video platform. In versions up to and including 29.0, objects/notifySubscribers.json.php takes the raw message POST parameter and...

vulnerability, CVE, medium-severity, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-43875 — WWBN AVideo is an open source video platform. In versions

CVE-2026-43875 — WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/MobileManager/oauth2.php completes an OAuth login by sending an...

vulnerability, CVE, medium-severity, cwe-598
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs

WWBN AVideo CVE-2026-43873: Shared Secret Leak Exposes Databases

CVE-2026-43873 — WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php echoes the local CloneSite shared secret ($objClone->myKey,...

vulnerability, CVE, high-severity, cwe-209
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

jotty·page Path Traversal Vulnerability (CVE-2026-42564) Exposes Data

CVE-2026-42564 — jotty·page is a self-hosted app for your checklists and notes. Prior to 1.22.0, an unauthenticated path traversal vulnerability exists in /api/app-icons/[filename]. The filename...

vulnerability, CVE, high-severity, path-traversal, cwe-22, cwe-200
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-42046: libcaca Integer Overflow Resurfaces, RCE Risk

CVE-2026-42046 — libcaca is a colour ASCII art library. In 0.99.beta20 and earlier, an integer overflow vulnerability in libcaca's canvas import functionality allows an attacker...

vulnerability CVE high-severity remote-code-execution cwe-122 cwe-190 cwe-787
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-34961 — Out-of-Bounds Read

CVE-2026-34961 — barebox prior to version 2026.04.0 contains out-of-bounds read vulnerabilities in ext4 extent parsing due to missing validation of the eh_entries field against buffer...

vulnerability CVE medium-severity out-of-bounds-1 cwe-125
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-34960 — Out-of-Bounds Read

CVE-2026-34960 — barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcp_message_type() function that fails to verify the...

vulnerability CVE medium-severity out-of-bounds-1 cwe-125
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

AD CS Exploitation: Misconfigurations and Shadow Credentials Under Attack

Palo Alto Unit 42 has released analysis detailing advanced exploitation techniques targeting Active Directory Certificate Services (AD CS). The report highlights two primary attack vectors:...

threat-intel APT malware research vulnerability identity tools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43874: WWBN AVideo WebSocket Vulnerability Allows RCE

CVE-2026-43874 — WWBN AVideo is an open source video platform. In versions up to and including 29.0, the server-side mitigation for the YPTSocket autoEvalCodeOnHTML eval...

vulnerability CVE high-severity cwe-94
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 6 Sigma

Pi-hole Privilege Escalation via Systemd Scripts (CVE-2026-41489)

CVE-2026-41489 — Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to before Core 6.4.2 and...

vulnerability CVE high-severity privilege-escalation cwe-15 cwe-269 cwe-732
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-8321: Inkeep Agents Authentication Bypass Vulnerability

CVE-2026-8321 — A vulnerability was detected in inkeep agents 0.58.14. This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the component runAuth Middleware....

vulnerability CVE high-severity authentication-bypass cwe-287 cwe-288
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8320 — Jishenghua JshERP Server-Side Request Forgery

CVE-2026-8320 — A security vulnerability has been detected in jishenghua jshERP up to 3.6. This affects the function getUserByWeixinCode of the file jshERP-boot/src/main/java/com/jsh/erp/service/UserService.java of the...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8319 — A weakness has been identified in aiwaves-cn agents up to

CVE-2026-8319 — A weakness has been identified in aiwaves-cn agents up to e8c4e3c2d19739d3dff59e577d1c97090cc15f59. Affected by this issue is the function recall_relevant_memories_to_working_memory of the file core/cat/looking_glass/stray_cat.py...

vulnerability CVE medium-severity cwe-400 cwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-45026 — Cross-Site Scripting (XSS)

CVE-2026-45026 — WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-45025 — Cross-Site Scripting (XSS)

CVE-2026-45025 — WeGIA is a web manager for charitable institutions. In versions prior to 3.7.3, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42887 — Cross-Site Scripting (XSS)

CVE-2026-42887 — Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.33.0, a stored cross-site scripting (XSS) vulnerability exists in the Login Page due...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /4.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42886 — Audiobookshelf is a self-hosted audiobook and podcast

CVE-2026-42886 — Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the POST /api/backups/upload endpoint decompresses the details entry from an uploaded .audiobookshelf...

vulnerability CVE medium-severity cwe-409
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-42883 — Audiobookshelf is a self-hosted audiobook and podcast

CVE-2026-42883 — Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to...

vulnerability CVE medium-severity cwe-863
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

oxyno-zeta/s3-proxy Critical Auth Bypass (CVE-2026-42882)

CVE-2026-42882 — oxyno-zeta/s3-proxy is an aws s3 proxy written in go. Prior to 5.0.0, s3-proxy contains an authentication bypass caused by inconsistent URL path interpretation...

vulnerability CVE critical high-severity path-traversal cwe-22 cwe-863
/SCW Vulnerability Desk /CRITICAL /9.4 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-42876 — External Secrets Operator reads information from a

CVE-2026-42876 — External Secrets Operator reads information from a third-party service and automatically injects the values as Kubernetes Secrets. Prior to 2.4.1, a user who...

vulnerability CVE medium-severity cwe-285
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42872 — Cross-Site Scripting (XSS)

CVE-2026-42872 — WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, a reflected Cross-Site Scripting (XSS) vulnerability exists in lista_arquivos_etapa.php due...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42869: SOCFortress CoPilot Critical Auth Bypass

CVE-2026-42869 — SOCFortress CoPilot focuses on providing a single pane of glass for all your security operations needs. Prior to 0.1.57, SOCFortress CoPilot ships a...

vulnerability CVE critical high-severity cwe-287 cwe-522 cwe-798
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-42565 — Open Redirect

CVE-2026-42565 — @workos/authkit-session is a toolkit for building WorkOS AuthKit framework integrations. Prior to 0.5.1, an open redirect vulnerability exists in AuthService.handleCallback due to insufficient...

vulnerability CVE medium-severity open-redirect cwe-601
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42050 — ImageMagick is free and open-source software used for

CVE-2026-42050 — ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-21 and 6.9.13-46, a malicious MIFF file could...

vulnerability CVE medium-severity cwe-121
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

MLflow Arbitrary File Read Vulnerability Bypasses Path Validation

CVE-2026-2614 — A vulnerability in the `_create_model_version()` handler of `mlflow/server/handlers.py` in mlflow/mlflow versions 3.9.0 and earlier allows an unauthenticated remote attacker to read arbitrary files...

vulnerability CVE high-severity arbitrary-file-access cwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-8318 — VectifyAI PageIndex Vulnerability

CVE-2026-8318 — A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toc_transformer of the file...

vulnerability CVE medium-severity cwe-404 cwe-835
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

Crabbox Path Traversal (CVE-2026-45224) Enables Arbitrary File Deletion

CVE-2026-45224 — Crabbox before 0.9.0 contains a path traversal vulnerability in the Islo provider's workspace path resolution that allows attackers to supply absolute or relative...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs

CVE-2026-45223: Crabbox Authentication Bypass Allows Admin Privilege Escalation

CVE-2026-45223 — Crabbox before 0.9.0 contains an authentication bypass vulnerability in the coordinator user-token verification path where the verifyUserToken() function fails to reject payloads containing...

vulnerability CVE high-severity authentication-bypass cwe-290
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-45222 — Summarize versions through 0.14.1, fixed in commit 0cfb0fb,

CVE-2026-45222 — Summarize versions through 0.14.1, fixed in commit 0cfb0fb, creates the daemon configuration directory and file with default filesystem permissions that may be world-readable...

vulnerability CVE medium-severity cwe-732
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42864: Unauthenticated RCE in FireFighter Incident Management App

CVE-2026-42864 — FireFighter is an incident management application. Prior to 0.0.54, the POST /api/v2/firefighter/raid/jira_bot endpoint (CreateJiraBotView) is reachable without authentication (permission_classes = [permissions.AllowAny]). Its attachments...

vulnerability CVE critical high-severity cwe-306 cwe-918
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 4 IOCs /⚙ 3 Sigma

OpenClaw Improper Authentication: CVE-2026-8305 Publicly Exploitable

CVE-2026-8305 — A vulnerability was detected in OpenClaw up to 2026.1.24. The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/monitor.ts of the component...

vulnerability CVE high-severity cwe-287
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

OpenClaw Improper Access Control Bypasses Denylist, Allows Persistent Malicious Configs

CVE-2026-45006 — OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write...

vulnerability CVE high-severity improper-access-control cwe-184
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

OpenClaw RCE: Arbitrary Code Execution via Plugin Setup Resolver

CVE-2026-45004 — OpenClaw before 2026.4.23 contains an arbitrary code execution vulnerability in the bundled plugin setup resolver that loads setup-api.js from process.cwd() during provider setup...

vulnerability CVE high-severity code-execution cwe-427
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 5 IOCs /⚙ 3 Sigma

OpenClaw CVE-2026-45001: Gateway Bypass Exposes Operator Settings

CVE-2026-45001 — OpenClaw before 2026.4.20 contains a guard bypass vulnerability in the agent-facing gateway config.patch and config.apply endpoints that fails to protect operator-trusted settings including...

vulnerability CVE high-severity server-side-request-forgery cwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

OpenClaw CVE-2026-44995: Arbitrary Code Execution via Environment Variable Flaw

CVE-2026-44995 — OpenClaw before 2026.4.20 contains an improper environment variable validation vulnerability in MCP stdio server configuration that allows attackers to execute arbitrary code. Malicious...

vulnerability CVE high-severity cwe-829
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

JetBrains TeamCity CVE-2026-44413: Authenticated Exposure of Server API

CVE-2026-44413 — In JetBrains TeamCity before 2026.1, 2025.11.5, authenticated users could expose the server API to unauthorised access.

vulnerability CVE high-severity cwe-306
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 3 Sigma

Bitwarden Server CVE-2026-43640: SCIM API Key Exposed Without Re-Auth

CVE-2026-43640 — Bitwarden Server prior to v2026.4.1 does not require master-password re-authentication when retrieving or rotating an organization's SCIM API key, allowing an authenticated user...

vulnerability CVE high-severity cwe-303
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs /⚙ 3 Sigma

Bitwarden Server CVE-2026-43639 Allows Organization Takeover on Cloud

CVE-2026-43639 — Bitwarden Server prior to v2026.4.0 contains a missing authorization vulnerability that allows a provider service user to add an arbitrary organization to their...

vulnerability CVE high-severity cwe-862
/SCW Vulnerability Desk /HIGH /8 /⚑ 3 IOCs /⚙ 2 Sigma

Open edX Enterprise Service Vulnerability Allows SSRF via SAML Metadata

CVE-2026-42860 — The Open edx Enterprise Service app provides enterprise features to the Open edX platform. From 7.0.2 to 7.0.4, the sync_provider_data endpoint in SAMLProviderDataViewSet...

vulnerability CVE high-severity cwe-918
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 4 IOCs /⚙ 3 Sigma

Open edX Platform SSRF via Unvalidated URL Parameter (CVE-2026-42858)

CVE-2026-42858 — Open edX Platform enables the authoring and delivery of online learning at any scale. The sync_provider_data endpoint in SAMLProviderDataViewSet allows authenticated Enterprise Admin...

vulnerability CVE high-severity cwe-918
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-42315: pyLoad Directory Traversal Puts Data at Risk

CVE-2026-42315 — pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the set_package_data() API...

vulnerability CVE high-severity cwe-22 cwe-36
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42313: pyLoad Proxy Bypass Exposes Outbound Traffic

CVE-2026-42313 — pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates security-sensitive...

vulnerability CVE high-severity cwe-441 cwe-863 cwe-918
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42312 — pyLoad is a free and open-source download manager written

CVE-2026-42312 — pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates security-sensitive...

vulnerability CVE medium-severity cwe-295 cwe-306 cwe-863
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-41431: Zen Browser Updater Strips Signature Verification

CVE-2026-41431 — Zen is a firefox-based browser. Prior to 1.19.9b, Zen Browser ships a Mozilla Application Resource (MAR) updater (org.mozilla.updater) that has had all MAR...

vulnerability CVE high-severity cwe-347
/SCW Vulnerability Desk /HIGH /8 /⚑ 3 IOCs /⚙ 3 Sigma

MLflow SSRF Vulnerability (CVE-2026-2393) Exposes Internal Services

CVE-2026-2393 — A Server-Side Request Forgery (SSRF) vulnerability exists in MLflow versions prior to 3.9.0. The `_create_webhook()` function in `mlflow/server/handlers.py` accepts a user-controlled `url` parameter...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

pgAdmin 4 Path Traversal (CVE-2026-7819) Allows Arbitrary File Writes

CVE-2026-7819 — Symbolic-link path traversal (CWE-61, CWE-22) in pgAdmin 4 File Manager. check_access_permission used os.path.abspath, which resolves '..' but does not resolve symbolic links, while...

vulnerability CVE high-severity path-traversal
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs

CVE-2026-7818: pgAdmin 4 Deserialization Flaw Allows RCE

CVE-2026-7818 — Deserialization of untrusted data (CWE-502) in pgAdmin 4 FileBackedSessionManager. The session manager performed unsafe deserialization of session-file contents (using Python's standard object-serialization module)...

vulnerability CVE high-severity remote-code-execution
/SCW Vulnerability Desk /HIGH /7 /⚑ 4 IOCs

CVE-2026-7817 — PgAdmin 4: Server-Side Request Forgery

CVE-2026-7817 — Local file inclusion (LFI) and server-side request forgery (SSRF) vulnerabilities in pgAdmin 4 LLM API configuration endpoints. User-supplied api_key_file and api_url preferences were...

vulnerability CVE medium-severity server-side-request-forgery
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 6 Sigma

pgAdmin 4 CVE-2026-7816: OS Command Injection via Query Export

CVE-2026-7816 — OS command injection (CWE-78) vulnerability in pgAdmin 4 Import/Export query export. User-supplied input was interpolated directly into a psql \copy metacommand template without...

vulnerability CVE high-severity command-injection
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

pgAdmin 4 SQLi (CVE-2026-7815) Allows RCE on PostgreSQL Servers

CVE-2026-7815 — SQL injection vulnerability in pgAdmin 4 Maintenance Tool. Four user-supplied JSON fields (buffer_usage_limit, vacuum_parallel, vacuum_index_cleanup, reindex_tablespace) were concatenated directly into the rendered VACUUM/ANALYZE/REINDEX...

vulnerability CVE high-severity sql-injection
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs

CVE-2026-7813: Critical Authorization Bypass in pgAdmin 4 Server Mode

CVE-2026-7813 — Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects...

vulnerability CVE critical high-severity privilege-escalation
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-44200 — Wagtail is an open source content management system built

CVE-2026-44200 — Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access...

vulnerability CVE medium-severity cwe-280
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-44199 — Wagtail is an open source content management system built

CVE-2026-44199 — Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user with limited access...

vulnerability CVE medium-severity cwe-280
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-44197 — Wagtail is an open source content management system built

CVE-2026-44197 — Wagtail is an open source content management system built on Django. Prior to 7.0.7, 7.3.2, and 7.4, a CMS user without the ability...

vulnerability CVE medium-severity cwe-280
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Grav Critical Vulnerability Allows Unauthenticated Admin Access

CVE-2026-42613 — Grav is a file-based Web platform. Prior to 2.0.0-beta.2, the Login::register() method in the Login plugin accepts attacker-controlled groups and access fields from...

vulnerability CVE critical high-severity cwe-20 cwe-862
/SCW Vulnerability Desk /CRITICAL /9.4 /⚑ 3 IOCs /⚙ 2 Sigma

Grav XSS Vulnerability (CVE-2026-42612) Allows Publisher Account Takeover

CVE-2026-42612 — Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a stored Cross-Site Scripting (XSS) vulnerability in getgrav/grav allows publisher-level accounts to execute arbitrary...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 3 IOCs

Grav XSS Escalates to RCE via Admin Panel

CVE-2026-42611 — Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged (with the ability to create a page) user can cause XSS with...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /8.9 /⚑ 4 IOCs

CVE-2026-42610 — Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a

CVE-2026-42610 — Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a low-privileged user (EX: Content Editor with only pages.update permissions) can bypass the existing...

vulnerability CVE medium-severity cwe-863
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs

Grav Admin Panel Vulnerability Allows Account Takeover via Low-Privilege User

CVE-2026-42609 — Grav is a file-based Web platform. Prior to 2.0.0-beta.2, a business logic vulnerability in the Grav Admin Panel allows a low-privileged user (with...

vulnerability CVE high-severity denial-of-service cwe-269 cwe-285 cwe-639 cwe-837
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs

Grav RCE via Malicious Plugin Upload (CVE-2026-42607)

CVE-2026-42607 — Grav is a file-based Web platform. Prior to 2.0.0-beta.2, an authenticated user with administrative privileges can achieve Remote Code Execution (RCE) by uploading...

vulnerability CVE critical high-severity remote-code-execution cwe-94
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 5 IOCs /⚙ 3 Sigma

AI-Developed Zero-Day Bypasses 2FA, Google Confirms

Google has confirmed a zero-day exploit, likely developed using artificial intelligence, targeting two-factor authentication (2FA) mechanisms. This marks the first documented instance of AI being...

threat-intel vulnerability ai-security
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8290 — Open5GS Denial of Service

CVE-2026-8290 — A security flaw has been discovered in Open5GS up to 2.7.7. This issue affects the function smf_nsmf_handle_update_data_in_vsmf of the file /src/smf/nsmf-handler.c of the...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8289 — Open5GS Denial of Service

CVE-2026-8289 — A vulnerability was identified in Open5GS up to 2.7.7. This vulnerability affects the function smf_nsmf_handle_update_data_in_vsmf of the file /src/smf/nsmf-handler.c of the component SMF....

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Cockpit CVE-2026-4802: Remote Command Execution via Unsanitized Logs

CVE-2026-4802 — A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized...

vulnerability CVE high-severity cwe-78
/SCW Vulnerability Desk /HIGH /8 /⚑ 3 IOCs /⚙ 3 Sigma

Build Application Firewalls to Stop Supply Chain Attacks

Traditional code scanning is falling short. SecurityWeek reports that Build Application Firewalls (BAFs) are emerging as a critical defense against the next wave of supply...

threat-intel vulnerability securityweek
/SCW Vulnerability Desk /MEDIUM

CVE-2026-8288 — Open5GS Denial of Service

CVE-2026-8288 — A vulnerability was determined in Open5GS up to 2.7.7. This affects the function gsm_handle_pdu_session_modification_qos_flow_descriptions of the file src/smf/gsm-handler.c of the component SMF. Executing...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs

Google Detects First AI-Generated Zero-Day Exploit Bypassing 2FA

SecurityWeek reports that Google has detected the first AI-generated zero-day exploit. This isn't theoretical anymore; it's a real-world attack. The exploit was crafted to specifically...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

Google: AI Used to Develop Zero-Day Exploit for Web Admin Tool

Researchers at Google Threat Intelligence Group (GTIG) have identified a zero-day exploit for a widely used open-source web administration tool that was likely developed using...

threat-intel data-breach malware vulnerability tools
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers Emerge

The Hacker News reports a concerning week for defenders, highlighting a Linux rootkit, a macOS crypto stealer, and the persistent threat of WebSocket skimmers. This...

threat-intel vulnerability malware cloud
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2025-9973 — Privilege Escalation

CVE-2025-9973 — Due to not validating the organization context when executing adaptive authentication flows, the WSO2 Identity Server allows adaptive authentication logic to be triggered...

vulnerability CVE medium-severity privilege-escalation
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2025-10470: Magic Link DoS via Uncontrolled Memory Growth

CVE-2025-10470 — The Magic Link authentication flow accepts multiple invalid authentication requests without adequate rate limiting or resource control, leading to uncontrolled memory usage growth....

vulnerability CVE high-severity cwe-400
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 3 IOCs /⚙ 2 Sigma

Skoda Data Breach Exposes Online Shop Customer Data

Skoda recently experienced a data breach impacting its online shop customers, as reported by SecurityWeek. A vulnerability within the company's portal allowed unauthorized access to...

threat-intel vulnerability data-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Purple Teaming: Not Just Red and Blue in the Same Room

The Hacker News highlights a critical disconnect in many organizations' "purple team" operations: the reality often falls short of the ideal. Instead of seamless collaboration,...

threat-intel vulnerability the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC

SailPoint GitHub Repository Hacked, No Customer Data Impacted

SailPoint recently disclosed a security incident involving unauthorized access to one of its GitHub repositories. The breach, which occurred on April 20, exposed some source...

threat-intel vulnerability tools
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 2 Sigma

GROWI Path Traversal (CVE-2026-41951) Allows EJS Template Execution

CVE-2026-41951 — Path traversal vulnerability exists in GROWI v7.5.0 and earlier, which may allow an attacker to execute arbitrary EJS templates on the server when...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 6 Sigma

Dell ECS, ObjectScale Hit by Critical Hard-Coded Credential Flaw

CVE-2026-40636 — Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains a use of hard-coded credentials vulnerability. An unauthenticated attacker with...

vulnerability CVE critical high-severity cwe-798
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-35157 — Dell ECS, ObjectScale CSV Formula Injection

CVE-2026-35157 — Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper neutralization of formula elements in a CSV...

vulnerability CVE medium-severity cwe-1236
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 2 IOCs /⚙ 2 Sigma

Dell Automation Platform: Missing Authorization Vulnerability (CVE-2026-32658)

CVE-2026-32658 — Dell Automation Platform versions prior to 2.0.0.0, contains a missing authorization vulnerability. A low privileged attacker with remote access could potentially exploit this...

vulnerability CVE high-severity cwe-862
/SCW Vulnerability Desk /HIGH /8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-26946 — Dell ECS, ObjectScale Improper Privilege Management

CVE-2026-26946 — Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high...

vulnerability CVE medium-severity cwe-269
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-8325 — Internal Service APIs, Potentially Exposing Them In WSO2 API Vulnerability

CVE-2025-8325 — The software fails to enforce role-based access controls for certain Gateway API invocations. Users with the 'Internal/Everyone' role can invoke these APIs, bypassing...

vulnerability CVE medium-severity cwe-281
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-8154 — In Webhook API invocations, the component accepts

CVE-2025-8154 — In Webhook API invocations, the component accepts user-supplied input for HTTP request headers without sufficient validation or sanitization, allowing these headers to be...

vulnerability CVE medium-severity cwe-74
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 7 Sigma

CVE-2025-43992 — Dell ECS, ObjectScale Geo Replication Authentication Bypass

CVE-2025-43992 — Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an authentication bypass by assumed-immutable data vulnerability in Geo...

vulnerability CVE medium-severity authentication-bypass cwe-302
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2024-0391 — The check user account lock states feature within the email

CVE-2024-0391 — The check user account lock states feature within the email OTP flow fails to validate user input, allowing an attacker to infer the...

vulnerability CVE medium-severity cwe-204
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Checkmarx Jenkins AST Plugin Hit by Supply Chain Attack

A malicious version of the Checkmarx Jenkins AST Plugin was published to the Jenkins Marketplace last week, according to SecurityWeek. This incident represents a direct...

threat-intel vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

New 'Dirty Frag' Linux Vulnerability Exploited Pre-Patch

A critical Linux vulnerability, dubbed 'Dirty Frag' and also known as 'Copy Fail 2,' has reportedly been exploited in the wild *before* a patch was...

threat-intel vulnerability tools
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1677 — Zephyr sockets created with `IPPROTO_TLS_1_3` can still

CVE-2026-1677 — Zephyr sockets created with `IPPROTO_TLS_1_3` can still negotiate a TLS 1.2 connection when both TLS versions are enabled in Kconfig, because the socket-level...

vulnerability CVE medium-severity cwe-757
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8274 — Npitre Cramfs-Tools Path Traversal

CVE-2026-8274 — A security vulnerability has been detected in npitre cramfs-tools up to 2.1. Affected is the function do_directory of the file cramfsck.c of the...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8273 — Command Injection

CVE-2026-8273 — A weakness has been identified in D-Link DNS-320 2.06B01. This impacts the function cgi_set_host/cgi_set_ntp/cgi_fan_control/cgi_merge_user of the file /cgi-bin/system_mgr.cgi. This manipulation causes os command...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8272 — D-Link DNS-320 2.06B01 Command Injection

CVE-2026-8272 — A security flaw has been discovered in D-Link DNS-320 2.06B01. This affects the function delete/rename/copy/move/chmod/chown of the file /cgi-bin/webfile_mgr.cgi. The manipulation results in...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8271 — D-Link DNS-320 2.06B01 Command Injection

CVE-2026-8271 — A vulnerability was identified in D-Link DNS-320 2.06B01. The impacted element is the function cgi_speed/cgi_dhcpd_lease/cgi_ddns/cgi_set_ip/cgi_upnp_del/cgi_dhcpd/cgi_upnp_add/cgi_upnp_edit of the file /cgi-bin/network_mgr.cgi. The manipulation leads to...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8270 — Denial of Service

CVE-2026-8270 — A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_nas_parse_qos_rules of the component SMF. Executing a manipulation...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8269 — Open5GS Denial of Service

CVE-2026-8269 — A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function smf_nsmf_handle_create_sm_context of the component SMF. Performing a manipulation results in...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8268 — Open5GS Denial of Service

CVE-2026-8268 — A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPI_list_create of the component SMF. Such manipulation leads...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8267 — Open5GS Denial of Service

CVE-2026-8267 — A flaw has been found in Open5GS up to 2.7.7. This vulnerability affects the function smf_nsmf_handle_created_data_in_vsmf of the component SMF. This manipulation causes...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8266 — Open5GS Denial of Service

CVE-2026-8266 — A vulnerability was detected in Open5GS up to 2.7.7. This affects the function gsm_build_pdu_session_establishment_accept of the file /src/smf/gsm-build.c of the component SMF. The...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8265 — Tenda AC6 Command Injection

CVE-2026-8265 — A security vulnerability has been detected in Tenda AC6 15.03.06.23. Affected by this issue is the function get_log_file of the file /goform/getLogFile of...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8264 — Tenda AC6 Command Injection

CVE-2026-8264 — A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8263 — Tenda AC6 15.03.06.49_multi_TDE01 Command Injection

CVE-2026-8263 — A security flaw has been discovered in Tenda AC6 15.03.06.49_multi_TDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd....

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8261 — Squirrel Buffer Overflow

CVE-2026-8261 — A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer...

vulnerability CVE medium-severity buffer-overflow cwe-119 cwe-122
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 3 IOCs /⚙ 2 Sigma

D-Link DCS-935L CVE-2026-8260: Remote Buffer Overflow in HNAP Service

CVE-2026-8260 — A vulnerability was found in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnap_service of the...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 5 Sigma

CVE-2026-8259 — Tenda AC6 2.0/15.03.06.23 Command Injection

CVE-2026-8259 — A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8258 — Squirrel Buffer Overflow

CVE-2026-8258 — A flaw has been found in Squirrel up to 3.2. Impacted is the function validate_format in the library sqstdlib/sqstdstring.cpp. Executing a manipulation can...

vulnerability CVE medium-severity buffer-overflow cwe-119 cwe-121
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8252 — Open5GS Null Pointer Dereference

CVE-2026-8252 — A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smf_nsmf_handle_create_data_in_hsmf of the component SMF. Executing a manipulation can lead...

vulnerability CVE medium-severity null-pointer-dereference cwe-404 cwe-476
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8251 — Open5GS Denial of Service

CVE-2026-8251 — A vulnerability was found in Open5GS up to 2.7.7. This impacts the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component SMF. Performing...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8250 — Open5GS Denial of Service

CVE-2026-8250 — A vulnerability has been found in Open5GS up to 2.7.7. This affects the function smf_n4_build_qos_flow_to_modify_list of the file /src/smf/n4-build.c of the component SMF....

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8249 — Open5GS Denial of Service

CVE-2026-8249 — A flaw has been found in Open5GS up to 2.7.7. The impacted element is the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8248 — Open5GS Denial of Service

CVE-2026-8248 — A vulnerability was detected in Open5GS up to 2.7.7. The affected element is the function update_authorized_pcc_rule_and_qos of the file /src/smf/npcf-handler.c of the component...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Aero CMS 0.0.1 Vulnerability Allows Authenticated PHP Code Injection

CVE-2022-50944 — Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through...

vulnerability CVE high-severity cwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CyberPanel 2.1 RCE via Symlink Attack (CVE-2021-47949)

CVE-2021-47949 — CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files and execute remote code by exploiting symlink attacks...

vulnerability CVE high-severity arbitrary-file-access cwe-59
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

TextPattern CMS RCE (CVE-2021-47943) Allows Authenticated Attackers to Execute Commands

CVE-2021-47943 — TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through...

vulnerability CVE high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

WordPress Plugin Survey & Poll SQLi Puts Data at Risk

CVE-2021-47941 — WordPress Plugin Survey & Poll 1.5.7.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

WordPress Plugin Download From Files: Critical Unauthenticated File Upload

CVE-2021-47940 — WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files...

vulnerability CVE critical high-severity arbitrary-file-access cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

Evolution CMS RCE (CVE-2021-47939) Allows Authenticated Code Execution

CVE-2021-47939 — Evolution CMS 3.1.6 contains a remote code execution vulnerability that allows authenticated users with module creation permissions to execute arbitrary system commands by...

vulnerability CVE high-severity remote-code-execution cwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 4 Sigma

ImpressCMS 1.4.2 RCE: Authenticated Attackers Can Execute Arbitrary Code

CVE-2021-47938 — ImpressCMS 1.4.2 contains a remote code execution vulnerability in the autotasks administrative interface that allows authenticated attackers to execute arbitrary PHP code by...

vulnerability CVE high-severity remote-code-execution cwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

e107 CMS RCE (CVE-2021-47937) Allows Authenticated Theme Uploads to Drop Web Shells

CVE-2021-47937 — e107 CMS 2.3.0 contains a remote code execution vulnerability that allows authenticated users with theme installation permissions to execute arbitrary commands by uploading...

vulnerability CVE high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

OpenCATS 0.9.4 Critical RCE via Malicious Resume Uploads

CVE-2021-47936 — OpenCATS 0.9.4 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by uploading malicious PHP files disguised as...

vulnerability CVE critical high-severity remote-code-execution cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 5 Sigma

Sentry 8.2.0 RCE: Authenticated Superusers Can Execute Arbitrary Code

CVE-2021-47935 — Sentry 8.2.0 contains a remote code execution vulnerability that allows authenticated superusers to execute arbitrary commands by injecting malicious pickle-serialized objects through the...

vulnerability CVE high-severity remote-code-execution cwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

WordPress MStore API Critical RCE: Unauthenticated File Upload

CVE-2021-47933 — WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to...

vulnerability CVE critical high-severity remote-code-execution cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

WordPress TheCartPress Unauthenticated Admin Creation (CVE-2021-47932)

CVE-2021-47932 — WordPress TheCartPress 1.5.3.6 contains an unauthenticated privilege escalation vulnerability that allows attackers to create administrator accounts by submitting crafted requests to the AJAX...

vulnerability CVE critical high-severity privilege-escalation cwe-862
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2021-47930: Unauthenticated SQLi in Balbooa Joomla Forms Builder

CVE-2021-47930 — Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 2 Sigma

Opencart TMD Vendor System Blind SQLi Exposes User Data

CVE-2021-47928 — Opencart TMD Vendor System 3.x contains a blind SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

OpenCart 3.0.3.8 Session Fixation Vulnerability (CVE-2021-47923) Rated Critical

CVE-2021-47923 — OpenCart 3.0.3.8 contains a session fixation vulnerability that allows attackers to hijack user sessions by injecting arbitrary values into the OCSESSID cookie. Attackers...

vulnerability CVE critical high-severity cwe-290
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8244 — Industrial Application Software IAS Canias ERP Vulnerability

CVE-2026-8244 — A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This impacts an unknown function of the component Login RMI Interface....

vulnerability CVE medium-severity cwe-287
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8243 — Industrial Application Software IAS Canias ERP Vulnerability

CVE-2026-8243 — A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This affects an unknown function of the component JNLP Deployment Endpoint....

vulnerability CVE medium-severity cwe-320 cwe-321
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs

CVE-2026-8241 — Industrial Application Software IAS Canias ERP Vulnerability

CVE-2026-8241 — A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component...

vulnerability CVE medium-severity cwe-266 cwe-285
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-8235 — 8421bit MiniClaw 0.8.0/0.9.0 Command Injection

CVE-2026-8235 — A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 3 IOCs /⚙ 2 Sigma

EFM ipTIME A8004T Vulnerability: Remote Stack-Based Buffer Overflow Disclosed

CVE-2026-8234 — A security vulnerability has been detected in EFM ipTIME A8004T 14.18.2. This vulnerability affects the function formWifiBasicSet of the file /goform/WifiBasicSet. The manipulation...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-121
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-8233 — Dotouch XproUPF Improper Access Control

CVE-2026-8233 — A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls....

vulnerability CVE medium-severity improper-access-control cwe-266 cwe-284
/SCW Vulnerability Desk /MEDIUM /4.6 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8231 — CodeAstro Online Catering Ordering System SQL Injection

CVE-2026-8231 — A vulnerability has been found in CodeAstro Online Catering Ordering System 1.0. This affects an unknown function of the file /deleteorder.php. The manipulation...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8230 — Wavlink NU516U1 Command Injection

CVE-2026-8230 — A flaw has been found in Wavlink NU516U1 240425. The impacted element is the function sys_login1 of the file /cgi-bin/login.cgi. Executing a manipulation...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8229 — Wavlink NU516U1 Command Injection

CVE-2026-8229 — A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8228 — Wavlink NU516U1 Command Injection

CVE-2026-8228 — A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8227 — Wavlink NU516U1 Command Injection

CVE-2026-8227 — A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8226 — Open5GS Denial of Service

CVE-2026-8226 — A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogs_pcc_rule_install_flow_from_media in the library /lib/proto/types.c. The manipulation...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8225 — Open5GS Denial of Service

CVE-2026-8225 — A vulnerability was identified in Open5GS up to 2.7.7. This affects the function pcf_npcf_smpolicycontrol_handle_delete of the file src/pcf/sm-sm.c of the component delete Endpoint....

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8224 — Open5GS Denial of Service

CVE-2026-8224 — A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function pcf_sess_set_ipv6prefix of the file /src/pcf/context.c of the...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8223 — Open5GS Denial of Service

CVE-2026-8223 — A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcf_sess_sbi_discover_and_send of the component sm-policies Endpoint. Performing...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8222 — Open5GS Denial of Service

CVE-2026-8222 — A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function pcf_nbsf_management_handle_register of the file src/pcf/nbsf-handler.c of the component sm-policies...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8217 — Industrial Application Software IAS Canias ERP Command Injection

CVE-2026-8217 — A security flaw has been discovered in Industrial Application Software IAS Canias ERP 8.03. Impacted is the function Runtime.getRuntime.exec of the component RMI...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-8216: Canias ERP Remote Authentication Bypass Exposes Critical Systems

CVE-2026-8216 — A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI...

vulnerability CVE high-severity cwe-287
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8215 — Industrial Application Software IAS Canias ERP Path Traversal

CVE-2026-8215 — A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Interface....

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-8214 — Industrial Application Software IAS Canias ERP Vulnerability

CVE-2026-8214 — A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The...

vulnerability CVE medium-severity cwe-287
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8213 — OSGeo gdal Buffer Overflow

CVE-2026-8213 — A vulnerability has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this issue is the function GDSDfldsrch of the file frmts/hdf4/hdf-eos/GDapi.c...

vulnerability CVE medium-severity buffer-overflow cwe-119 cwe-122
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8212 — OSGeo gdal Buffer Overflow

CVE-2026-8212 — A flaw has been found in OSGeo gdal up to 3.13.0dev-4. Affected by this vulnerability is the function SWSDfldsrch of the file frmts/hdf4/hdf-eos/SWapi.c....

vulnerability CVE medium-severity buffer-overflow cwe-119 cwe-122
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8211 — codelibs Fess Vulnerability

CVE-2026-8211 — A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/codelibs/fess/app/web/admin/design/AdminDesignAction.java of...

vulnerability CVE medium-severity cwe-74 cwe-94
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-45184 — Kdenlive before 26.04.1 allows dangerous proxy parameters

CVE-2026-45184 — Kdenlive before 26.04.1 allows dangerous proxy parameters when an attacker-controlled project file is used.

vulnerability CVE medium-severity cwe-829
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-45181 — Hex-Rays IDA Pro Argument Injection

CVE-2026-45181 — Hex-Rays IDA Pro 9.2 and 9.3 before 9.3sp2 does not block Clang dependency-file generation (via argument injection), which allows attackers to place their...

vulnerability CVE medium-severity cwe-88
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8210 — aandrew-me tgpt Command Injection

CVE-2026-8210 — A security vulnerability has been detected in aandrew-me tgpt up to 2.11.1 on Linux/macOS. Affected by this vulnerability is the function helper.Update of...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8195 — JeecgBoot Vulnerability

CVE-2026-8195 — A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java of the component...

vulnerability CVE medium-severity cwe-79 cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8194 — osTicket Vulnerability

CVE-2026-8194 — A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/class.dispatcher.php of the component...

vulnerability CVE medium-severity cwe-352 cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

AzuraCast CVE-2026-42606: Unauthenticated Account Takeover Via X-Forwarded-Host Poisoning

CVE-2026-42606 — AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the ApplyXForwarded middleware unconditionally trusts the client-supplied X-Forwarded-Host HTTP header...

vulnerability CVE high-severity cwe-640
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

AzuraCast RCE via Path Traversal (CVE-2026-42605)

CVE-2026-42605 — AzuraCast is a self-hosted, all-in-one web radio management suite. Prior to version 0.23.6, the currentDirectory request parameter in the Flow.js media upload endpoint...

vulnerability CVE high-severity remote-code-execution cwe-22
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-42576 — apko Vulnerability

CVE-2026-42576 — apko allows users to build and publish OCI container images built from apk packages. Prior to version 1.2.7, DiscoverKeys in pkg/apk/apk/implementation.go unconditionally type-asserts...

vulnerability CVE medium-severity cwe-704
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42575: apko Container Builder Silently Accepts Malicious Packages

CVE-2026-42575 — apko allows users to build and publish OCI container images built from apk packages. Prior to version 1.2.7, apko verifies the signature on...

vulnerability CVE high-severity cwe-345 cwe-494
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42574: apko Symlink Traversal Allows Host Path Writes

CVE-2026-42574 — apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before version 1.2.5, a crafted...

vulnerability CVE high-severity cwe-22 cwe-59
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

phpVMS Critical Vulnerability (CVE-2026-42569) Allows Unauthenticated Access

CVE-2026-42569 — phpVMS is a PHP application to run and simulate an airline. Prior to version 7.0.6, a critical vulnerability in phpVMS allowed unauthenticated access...

vulnerability CVE critical high-severity cwe-284 cwe-306 cwe-862
/SCW Vulnerability Desk /CRITICAL /9.4 /⚑ 2 IOCs /⚙ 3 Sigma

Plainpad CVE-2026-42562 Allows Low-Privilege Admin Escalation

CVE-2026-42562 — Plainpad is a self hosted note taking app. Prior to version 1.1.1, Plainpad allows a low-privilege authenticated user to self-escalate to administrator by...

vulnerability CVE high-severity cwe-269
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8193 — Akaunting Server-Side Request Forgery

CVE-2026-8193 — A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8192 — Wavlink NU516U1 M16U1_V240425 Command Injection

CVE-2026-8192 — A security flaw has been discovered in Wavlink NU516U1 M16U1_V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8191 — Wavlink NU516U1 M16U1_V240425 Command Injection

CVE-2026-8191 — A vulnerability was identified in Wavlink NU516U1 M16U1_V240425. This affects the function wifi_region of the file /cgi-bin/adm.cgi. Such manipulation of the argument skiplist1/skiplist2...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8190 — Wavlink NU516U1 M16U1_V240425 Command Injection

CVE-2026-8190 — A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8189 — Wavlink NU516U1 M16U1_V240425 Command Injection

CVE-2026-8189 — A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8188 — Wavlink NU516U1 M16U1_V240425 Command Injection

CVE-2026-8188 — A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Affected is the function change_wifi_password of the file /cgi-bin/adm.cgi. The manipulation of the argument...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8198 — WordPress Logtivity Plugin Authentication Bypass

CVE-2026-8198 — The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in...

vulnerability CVE medium-severity authentication-bypass cwe-200
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8186 — Open5GS Out-of-Bounds Read

CVE-2026-8186 — A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the library lib/sbi/client.c of the component NF. Performing...

vulnerability CVE medium-severity out-of-bounds-1 cwe-119 cwe-125
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8187 — Open5GS Vulnerability

CVE-2026-8187 — A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF....

vulnerability CVE medium-severity cwe-400 cwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8185 — UGREEN CM933 Vulnerability

CVE-2026-8185 — A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the component Administrative Interface. Such...

vulnerability CVE medium-severity cwe-287 cwe-306
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 5 Sigma

Hikvision Switches: Authenticated RCE in Discontinued Products

CVE-2026-3828 — Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid...

vulnerability CVE high-severity
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-32683 — EZVIZ Legacy Cloud Feature Modules Vulnerability

CVE-2026-32683 — Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit...

vulnerability CVE medium-severity
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-1749 — HikCentral Professional Access Control Vulnerability

CVE-2026-1749 — There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission.

vulnerability CVE medium-severity
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 1 IOC /⚙ 2 Sigma

cPanel, WHM Patch Three New Vulnerabilities: Privilege Escalation, RCE Risks

cPanel has rolled out critical updates for cPanel and Web Host Manager (WHM), addressing three distinct vulnerabilities. According to The Hacker News, these flaws could...

threat-intel vulnerability tools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42560: Critical Patreon OAuth Flaw Merges User Identities

CVE-2026-42560 — auth provides authentication via oauth2, direct and email. From versions 1.18.0 to before 1.25.2 and 2.0.0 to before 2.1.2, the Patreon OAuth provider...

vulnerability CVE critical high-severity cwe-287
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-42301: Malicious Code Execution Via pyp2spec RPM Generation

CVE-2026-42301 — pyp2spec generates working Fedora RPM spec file for Python projects. Prior to version 0.14.1, pyp2spec was writing PyPI package metadata (e.g. the summary...

vulnerability CVE high-severity cwe-20 cwe-94
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42296: Argo Workflows Bypass Grants Host Network Access

CVE-2026-42296 — Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Prior to versions 3.7.14 and 4.0.5, a user...

vulnerability CVE high-severity cwe-863
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

LiquidJS CVE-2026-41311: DoS Vulnerability in Template Engine

CVE-2026-41311 — LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in {...

vulnerability CVE high-severity denial-of-service cwe-674
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7652 — WordPress LatePoint Plugin Account Takeover

CVE-2026-7652 — The LatePoint plugin for WordPress is vulnerable to Account Takeover via Weak Password Recovery Mechanism in the unauthenticated guest booking flow in versions...

vulnerability CVE medium-severity cwe-640
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6667 — PgBouncer Missing Authorization Check

CVE-2026-6667 — PgBouncer before 1.25.2 did not perform an appropriate authorization check for the KILL_CLIENT admin command. All users with access to the administration console...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6666 — PgBouncer Null Pointer Dereference

CVE-2026-6666 — A possible null pointer reference in PgBouncer before 1.25.2 could lead to a crash, if a server sends an error response without SQLSTATE...

vulnerability CVE medium-severity cwe-476
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 1 Sigma

PgBouncer SCRAM Vulnerability (CVE-2026-6665) Allows Stack Overflow

CVE-2026-6665 — The SCRAM code in PgBouncer before 1.25.2 did not check the return value of strlcat() correctly when building the contents of the SCRAM...

vulnerability CVE high-severity cwe-121
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 2 Sigma

PgBouncer Integer Overflow (CVE-2026-6664) Leads to Remote Crash

CVE-2026-6664 — An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An...

vulnerability CVE high-severity integer-overflow cwe-190
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41705: Spring AI MilvusVectorStore Vulnerable to Filter Injection

CVE-2026-41705 — Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade...

vulnerability CVE high-severity cwe-917
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 3 IOCs /⚙ 2 Sigma

Linkwarden SSRF Vulnerability (CVE-2026-44313) Allows Internal Network Access

CVE-2026-44313 — Linkwarden is a self-hosted, open-source collaborative bookmark manager to collect, organize and archive webpages. Prior to version 2.13.0, a Server-Side Request Forgery (SSRF)...

vulnerability, CVE, critical, high-severity, server-side-request-forgery, cwe-918
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-45130 — Buffer Overflow

CVE-2026-45130 — Vim is an open source, command line text editor. Prior to version 9.2.0450, a heap buffer overflow exists in read_compound() in src/spellfile.c when...

vulnerability, CVE, medium-severity, buffer-overflow, cwe-122, cwe-190
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42556: Postiz AI Tool Vulnerability Allows Stored XSS

CVE-2026-42556 — Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post...

vulnerability, CVE, high-severity, cwe-79
/SCW Vulnerability Desk /HIGH /8.9 /⚑ 4 IOCs /⚙ 3 Sigma

Termix RCE via Container ID Injection (CVE-2026-42454)

CVE-2026-42454 — Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, all Docker container management...

vulnerability, CVE, critical, high-severity, remote-code-execution, cwe-78
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 5 IOCs /⚙ 3 Sigma

Termix CVE-2026-42452 Bypasses 2FA with Temporary JWT

CVE-2026-42452 — Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, /users/login issues a temporary...

vulnerability, CVE, high-severity, cwe-304
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 2 Sigma

Sentry SAML SSO Critical Vulnerability Allows Account Takeover (CVE-2026-42354)

CVE-2026-42354 — Sentry is an error tracking and performance monitoring tool. From version 21.12.0 to before version 26.4.1, a critical vulnerability was discovered in the...

vulnerability, CVE, critical, high-severity, cwe-290
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 2 Sigma

pygeoapi RCE: OGC API Vulnerability Exposes Internal Services

CVE-2026-42352 — pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, OGC API process...

vulnerability, CVE, high-severity, cwe-918
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42351: pygeoapi Path Traversal Exposes Directories

CVE-2026-42351 — pygeoapi is a Python server implementation of the OGC API suite of standards. From version 0.23.0 to before version 0.23.3, a raw string...

vulnerability, CVE, high-severity, cwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-42346 — Server-Side Request Forgery

CVE-2026-42346 — Postiz is an AI social media scheduling tool. From version 2.16.6 to before version 2.21.7, all SSRF protections added in v2.21.4–v2.21.6 share a...

vulnerability, CVE, medium-severity, server-side-request-forgery, cwe-918
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

FastGPT Vulnerability: Cloud Metadata Bypass via URL Encoding (CVE-2026-42345)

CVE-2026-42345 — FastGPT is an AI Agent building platform. In versions 4.14.11 and prior, FastGPT's isInternalAddress() function in packages/service/common/system/utils.ts blocks cloud metadata endpoints using a...

vulnerability, CVE, high-severity, cwe-918
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42302: FastGPT Agent Sandbox RCE

CVE-2026-42302 — FastGPT is an AI Agent building platform. From version 4.14.10 to before version 4.14.13, the agent-sandbox component of FastGPT is vulnerable to unauthenticated...

vulnerability, CVE, critical, high-severity, remote-code-execution, cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42298: Critical RCE in Postiz AI Scheduling Tool

CVE-2026-42298 — Postiz is an AI social media scheduling tool. Prior to commit da44801, a "Pwn Request" vulnerability in the Build and Publish PR Docker...

vulnerability, CVE, critical, high-severity, cwe-94
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-42291 — SysReptor is a fully customizable pentest reporting

CVE-2026-42291 — SysReptor is a fully customizable pentest reporting platform. From version 2026.4 to before version 2026.27, the endpoints for reading and creating sharing links...

vulnerability, CVE, medium-severity, cwe-639
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42224: ipl/web XSS Vulnerability Impacts Icinga Web

CVE-2026-42224 — ipl/web is a set of common web components for PHP projects. Prior to version 0.13.1, the vulnerability allows an attacker to inject malicious...

vulnerability, CVE, high-severity, cwe-79
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41520: Cilium Bugtool Leaks Sensitive WireGuard Data

CVE-2026-41520 — Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Prior to versions 1.17.15, 1.18.9, and 1.19.3, the output of cilium-bugtool...

vulnerability, CVE, high-severity, cwe-200, cwe-312
/SCW Vulnerability Desk /HIGH /7.9 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41432: LLM Gateway Stripe Webhook Flaw Allows Quota Forgery

CVE-2026-41432 — New API is a large language model (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.12.10, a vulnerability exists...

vulnerability, CVE, high-severity, cwe-345, cwe-863, cwe-1188
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-42209 — Denial of Service

CVE-2026-42209 — FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the...

vulnerability, CVE, medium-severity, denial-of-service, cwe-369
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42205: Avo Framework Privilege Escalation in Ruby on Rails Admin Panels

CVE-2026-42205 — Avo is a framework to create admin panels for Ruby on Rails apps. Prior to version 3.31.2, a broken access control vulnerability was...

vulnerability, CVE, high-severity, privilege-escalation, cwe-284, cwe-639
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42202 — nova-toggle-5 enables flipping booleans in the index. Prior

CVE-2026-42202 — nova-toggle-5 enables flipping booleans in the index. Prior to version 1.3.0, the toggle endpoint (POST /nova-vendor/nova-toggle/toggle/{resource}/{resourceId}) was protected only by web + auth: middleware....

vulnerability, CVE, medium-severity, cwe-285
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42199 — Integer Overflow

CVE-2026-42199 — Grid is a data structure grid for Rust. From version 0.17.0 to before version 1.0.1, an integer overflow in Grid::expand_rows() can corrupt the...

vulnerability, CVE, medium-severity, integer-overflow, cwe-190
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42193: Plunk Email Platform Critical Unauthenticated Webhook Forgery

CVE-2026-42193 — Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, the /webhooks/sns endpoint accepts Amazon SNS notification...

vulnerability, CVE, critical, high-severity, cwe-347
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42192 — Cross-Site Scripting (XSS)

CVE-2026-42192 — Plunk is an open-source email platform built on top of AWS SES. Prior to version 0.9.0, a stored cross-site scripting (XSS) vulnerability exists...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

MailEnable WebAdmin Vulnerability Bypasses Authentication (CVE-2026-44400)

CVE-2026-44400 — MailEnable Enterprise Premium 10.55 and earlier contains an improper authorization vulnerability in the WebAdmin mobile portal that allows attackers to bypass authentication checks...

vulnerability, CVE, high-severity, cwe-639
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

SmarterTools SmarterMail CVE-2026-7807: Local File Inclusion Exposes Passwords

CVE-2026-7807 — SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/{type} API endpoint that allows authenticated users to read...

vulnerability, CVE, high-severity, cwe-22
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42282 — n8n-MCP is an MCP server that provides AI assistants access

CVE-2026-42282 — n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.13, when n8n-mcp...

vulnerability, CVE, medium-severity, cwe-532
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42190 — RedwoodSDK is a server-first React framework. From version

CVE-2026-42190 — RedwoodSDK is a server-first React framework. From version 1.0.0-beta.50 to before version 1.2.3, server actions in rwsdk apply HTTP method enforcement but no...

vulnerability, CVE, medium-severity, cwe-352
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42189: Russh SSH Library DoS Vulnerability

CVE-2026-42189 — Russh is a Rust SSH client & server library. Prior to version 0.60.1, a pre-authentication denial-of-service vulnerability exists in the server's keyboard-interactive authentication...

vulnerability, CVE, high-severity, cwe-770, cwe-789
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-42185 — People is an application to handle users and teams, and

CVE-2026-42185 — People is an application to handle users and teams, and distribute permissions across La Suite. Prior to version 1.25.0, a user holding the...

vulnerability, CVE, medium-severity, cwe-269
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42181 — Lemmy is a link aggregator and forum for the fediverse.

CVE-2026-42181 — Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy fetches metadata for user-supplied post URLs and, under...

vulnerability, CVE, medium-severity, cwe-918
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 7 Sigma

CVE-2026-42180 — Lemmy is a link aggregator and forum for the fediverse.

CVE-2026-42180 — Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy allows an authenticated low-privileged user to create a...

vulnerability, CVE, medium-severity, cwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42176 — Scoold is a Q&A and a knowledge sharing platform for teams.

CVE-2026-42176 — Scoold is a Q&A and a knowledge sharing platform for teams. Prior to version 1.67.0, Scoold allows the admins configuration value to be...

vulnerability, CVE, medium-severity, cwe-306
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41495 — n8n-MCP is an MCP server that provides AI assistants access

CVE-2026-41495 — n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to version 2.47.11, when n8n-mcp...

vulnerability, CVE, medium-severity, cwe-532
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

Amazon Redshift JDBC Driver Vulnerability Allows Remote Code Execution

CVE-2026-8178 — An issue exists in Amazon Redshift JDBC Driver versions prior to 2.2.2. Under certain conditions, the driver could load and execute arbitrary classes...

vulnerability, CVE, high-severity, cwe-470
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41511 — OpenMcdf is a fully .NET / C# library to manipulate

CVE-2026-41511 — OpenMcdf is a fully .NET / C# library to manipulate Compound File Binary File Format files, also known as Structured Storage. Prior to...

vulnerability, CVE, medium-severity, cwe-835
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 2 Sigma

TCLBANKER Banking Trojan Targets 59 Financial Platforms via WhatsApp, Outlook Worms

The Hacker News reports on a newly identified Brazilian banking trojan, TCLBANKER, which is actively targeting 59 distinct banking, fintech, and cryptocurrency platforms. Elastic Security...

threat-intel, vulnerability, malware
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs

Schumer Demands DHS AI Cyber Plan for State, Local Governments

Senate Minority Leader Chuck Schumer has pressed the Department of Homeland Security (DHS) for an urgent plan to coordinate with state, local, tribal, and territorial...

threat-intel, policy, government, vulnerability, data-breach, ai-security, tools
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

CVE-2026-42072: Nornicdb Exposes Graph Database via Default Credentials on LAN

CVE-2026-42072 — Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address...

vulnerability, CVE, critical, high-severity, cwe-1392
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42030 — MapServer's WMS Server Cross-Site Scripting (XSS)

CVE-2026-42030 — MapServer is a system for developing web-based GIS applications. From version 6.0 to before version 8.6.2, a reflected XSS vulnerability in MapServer's WMS...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-80
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42028 — NovaGallery Path Traversal

CVE-2026-42028 — novaGallery is a PHP image gallery. Prior to version 2.1.1, a path traversal vulnerability has been identified in novaGallery. This allows unauthenticated users...

vulnerability, CVE, medium-severity, path-traversal, cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41887 — Server-Side Request Forgery

CVE-2026-41887 — Flarum is open-source forum software. Prior to versions 1.8.16 and 2.0.0-rc.1, Flarum's patch for CVE-2023-27577 restricted the @import and data-uri() LESS features in...

vulnerability, CVE, medium-severity, server-side-request-forgery, cwe-22, cwe-918
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42353: i18next-http-middleware Path Traversal and SSRF Risk

CVE-2026-42353 — i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3,...

vulnerability, CVE, high-severity, path-traversal, cwe-22, cwe-918
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-41886: locize SDK Vulnerability Exposes Apps to Cross-Origin Attacks

CVE-2026-41886 — locize is a localization platform that connects code and i18n setup. Prior to version 4.0.21, the locize client SDK registers a window.addEventListener("message", …)...

vulnerability, CVE, high-severity, cwe-79, cwe-346
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41885 — i18next-locize-backend is a simple i18next backend for

CVE-2026-41885 — i18next-locize-backend is a simple i18next backend for locize.com which can be used in Node.js, in the browser and for Deno. Prior to version...

vulnerability, CVE, medium-severity, cwe-22, cwe-74
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs

OmniFaces RCE: Server-Side EL Injection Poses High Risk

CVE-2026-41883 — OmniFaces is a utility library for Faces. Prior to versions 1.14.2, 2.7.32, 3.14.16, 4.7.5, and 5.2.3, there is a server-side EL injection leading...

vulnerability, CVE, high-severity, remote-code-execution, cwe-917
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-41693: i18next-fs-backend Path Traversal Exposes Servers

CVE-2026-41693 — i18next-fs-backend is a backend layer for i18next used in Node.js and for Deno to load translations from the filesystem. Prior to version 2.6.4,...

vulnerability, CVE, high-severity, cwe-22, cwe-73
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41690: i18next-http-middleware Prototype Pollution Hits Node.js/Deno

CVE-2026-41690 — i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Versions prior to 3.9.3...

vulnerability, CVE, high-severity, denial-of-service, cwe-22, cwe-1321
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-41683: i18next-http-middleware Header Injection Risk

CVE-2026-41683 — i18next-http-middleware is a middleware to be used with Node.js web frameworks like express or Fastify and also for Deno. Prior to version 3.9.3,...

vulnerability, CVE, high-severity, cwe-79, cwe-113
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41591 — Cross-Site Scripting (XSS)

CVE-2026-41591 — Marko is a declarative, HTML-based language for building web apps. Prior to marko version 5.38.36 and prior to @marko/runtime-tags 6.0.164, when dynamic text...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-41070: openvpn-auth-oauth2 Critical Bypass in Plugin Mode

CVE-2026-41070 — openvpn-auth-oauth2 is a plugin/management interface client for OpenVPN server to handle OIDC-based single sign-on (SSO) auth flows. From version 1.26.3 to...

vulnerability, CVE, critical, high-severity, cwe-287
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 3 IOCs

Akamai Guardicore Local Privilege Escalation Hits Linux, macOS Clients

CVE-2026-34354 — Akamai Guardicore Platform Agent (GPA) and Zero Trust Client on Linux and macOS allow TOCTOU-based local privilege escalation. The GPA service creates an...

vulnerability, CVE, high-severity, command-injection, cwe-367
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-44500 — Insecure Deserialization

CVE-2026-44500 — ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0, prior to zebra-chain version 7.0.0, and prior to zebra-network...

vulnerability, CVE, medium-severity, insecure-deserialization, cwe-770
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

RELATE Courseware Vulnerability: Critical Timing Attack CVE-2026-41588

CVE-2026-41588 — RELATE is a web-based courseware package. Prior to commit 2f68e16, there is a timing attack vulnerability in course/auth.py — check_sign_in_key(). This issue has...

vulnerability, CVE, critical, high-severity, cwe-208
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 4 IOCs /⚙ 1 Sigma

Brave CMS Vulnerability: Phishing via Unescaped Contact Form

CVE-2026-41576 — Brave CMS is an open-source CMS. Prior to commit 6c56603, the contact form is publicly accessible (no authentication required). User-supplied message text is...

vulnerability, CVE, high-severity, cwe-79
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-41575 — An IP Reputation Checker Application Cross-Site Scripting (XSS)

CVE-2026-41575 — In th30d4y/IP from version 1.0.1 to before version 2.0.1, a DOM-Based Cross-Site Scripting (XSS) vulnerability was identified in an IP Reputation Checker application....

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79, cwe-80
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 3 IOCs /⚙ 2 Sigma

PHPUnit Vulnerability Allows RCE via INI Setting Injection

CVE-2026-41570 — PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes (used for isolated/PHPT...

vulnerability, CVE, high-severity, remote-code-execution, cwe-88, cwe-93
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

Brave CMS XSS Vulnerability: Editor Role Leads to Persistent Code Execution

CVE-2026-41524 — Brave CMS is an open-source CMS. Prior to commit 6c56603, page and article body content entered through the CKEditor rich-text editor is stored...

vulnerability, CVE, high-severity, cwe-79
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs

CVE-2026-41308 — OSS PasswordPusher Allowed Unauthenticated Creation Of File- Vulnerability

CVE-2026-41308 — Password Pusher is an open source application to communicate sensitive information over the web. Prior to versions 1.69.3 and 2.4.2, a security issue...

vulnerability, CVE, medium-severity, cwe-288
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 6 Sigma

Fake Call History Apps Steal Payments After Millions of Play Store Downloads

The Hacker News reports a significant mobile fraud campaign involving 28 malicious apps on the official Google Play Store. These apps, collectively downloaded over 7.3...

threat-intel, vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

PamDOORa Linux Backdoor Emerges Amidst Other Cyber Developments

SecurityWeek reports on the emergence of PamDOORa, a sophisticated Linux backdoor. This malware is designed to grant attackers persistent access to compromised systems, allowing for...

threat-intel, vulnerability, malware, microsoft, securityweek
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

PraisonAI Vulnerability Allows Undeclared Tool Invocation (CVE-2026-44339)

CVE-2026-44339 — PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.37 and praisonaiagents version 1.6.37, praisonaiagents resolves unresolved tool names against module globals...

vulnerability, CVE, high-severity, cwe-470
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 4 IOCs

CVE-2026-44338: PraisonAI Flask API Lacks Default Authentication

CVE-2026-44338 — PraisonAI is a multi-agent teams system. From version 2.5.6 to before version 4.6.34, PraisonAI ships a legacy Flask API server with authentication disabled...

vulnerability, CVE, high-severity, cwe-306, cwe-668, cwe-1188
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs

CVE-2026-44337 — PraisonAI is a multi-agent teams system. From version 2.4.1

CVE-2026-44337 — PraisonAI is a multi-agent teams system. From version 2.4.1 to before version 4.6.34, PraisonAI exposes optional SQL/CQL-backed knowledge-store implementations that build table and...

vulnerability, CVE, medium-severity, cwe-20, cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44334: PraisonAI Multi-Agent System Vulnerable to Remote Code Execution

CVE-2026-44334 — PraisonAI is a multi-agent teams system. From version 4.5.139 to before version 4.6.32, CVE-2026-40287's fix gated tools.py auto-import behind PRAISONAI_ALLOW_LOCAL_TOOLS=true in two files...

vulnerability, CVE, high-severity, cwe-94
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 4 IOCs /⚙ 3 Sigma

ai-scanner RCE: Critical JavaScript Injection in BrowserAutomation

CVE-2026-41512 — ai-scanner is an AI model safety scanner built on NVIDIA garak. From version 1.0.0 to before version 1.4.1, there is a remote code...

vulnerability, CVE, critical, high-severity, remote-code-execution, cwe-94
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41507: math-codegen RCE Exposes Apps to Arbitrary Command Execution

CVE-2026-41507 — math-codegen generates code from mathematical expressions. Prior to version 0.4.3, string literal content passed to cg.parse() is injected verbatim into a new Function()...

vulnerability, CVE, critical, high-severity, cwe-94
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41506 — go-git is an extensible git implementation library written

CVE-2026-41506 — go-git is an extensible git implementation library written in pure Go. Prior to versions 5.18.0 and 6.0.0-alpha.2, go-git may leak HTTP authentication credentials...

vulnerability, CVE, medium-severity, cwe-522
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs

CVE-2026-41497: PraisonAI Multi-Agent System Critical RCE

CVE-2026-41497 — PraisonAI is a multi-agent teams system. Prior to version 4.6.9, the fix for PraisonAI's MCP command handling does not add a command allowlist...

vulnerability, CVE, critical, high-severity, code-execution, cwe-77, cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-41496: PraisonAI SQL Injection Impacts Multiple Backends

CVE-2026-41496 — PraisonAI is a multi-agent teams system. Prior to praisonai version 4.6.9 and praisonaiagents version 1.6.9, the fix for CVE-2026-40315 added input validation to...

vulnerability, CVE, high-severity, cwe-89
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

Dapr CVE-2026-41491: ACL Bypass via Path Traversal

CVE-2026-41491 — Dapr is a portable, event-driven, runtime for building distributed applications across cloud and edge. From versions 1.3.0 to before 1.15.14, 1.16.0-rc.1 to before...

vulnerability, CVE, high-severity, path-traversal, cwe-22, cwe-284
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2025-69233 — Denial of Service

CVE-2025-69233 — Due to multiple time-of-check time-of-use race conditions in the resource count check and increment logic, as well as missing validations, users of the...

vulnerability, CVE, medium-severity, denial-of-service, cwe-367, cwe-770
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2025-66467: MinIO Policy Cleanup Flaw in Apache CloudStack Grants Unauthorized Access

CVE-2025-66467 — Missing MinIO policy cleanup on bucket deletion via Apache CloudStack allows users to retain access to buckets which they previously owned. If another...

vulnerability, CVE, high-severity, cwe-459
/SCW Vulnerability Desk /HIGH /8 /⚑ 3 IOCs /⚙ 3 Sigma

DrayTek Vigor 2960 RCE: Unauthenticated OS Command Injection

CVE-2022-50994 — DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote...

vulnerability, CVE, high-severity, remote-code-execution, cwe-78
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs

Universal Robots PolyScope Critical OS Command Injection (CVE-2026-8153)

CVE-2026-8153 — OS command injection in Dashboard Server interface in Universal Robots PolyScope versions prior to 5.21.1 allows an unauthenticated attacker to craft commands that will execute...

vulnerability, CVE, critical, high-severity, command-injection, cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 2 Sigma

Braintrust Data Breach Prompts API Key Rotation After AWS Compromise

AI firm Braintrust recently experienced a data breach, confirming that hackers gained unauthorized access to one of its AWS accounts. According to SecurityWeek, this breach...

threat-intel, vulnerability, data-breach, cloud
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Quasar Linux RAT Targets Developers for Supply Chain Compromise

A previously undocumented Linux implant, codenamed Quasar Linux RAT (QLNX), is actively targeting developer systems. The Hacker News reports that QLNX establishes a persistent foothold...

threat-intel, vulnerability, identity, phishing, the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs

Enterprise Security Ignores One Threat Per Week: 25 Million Alerts Show

A recent analysis of over 25 million security alerts, including informational and low-severity events, reveals a disturbing trend in enterprise security operations: defenders are systematically...

threat-intel, vulnerability, the-hacker-news
/SCW Vulnerability Desk /MEDIUM

CVE-2026-7650 — Cross-Site Scripting (XSS)

CVE-2026-7650 — The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7475 — Cross-Site Scripting (XSS)

CVE-2026-7475 — The Sky Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `sky-custom-scripts` custom post type in all versions up to,...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5341 — Cross-Site Scripting (XSS)

CVE-2026-5341 — The NMR Strava activities plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `strava_nmr_connect` shortcode in all versions up to,...

vulnerability, CVE, medium-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7330: WordPress Auto Affiliate Links Plugin Stored XSS

CVE-2026-7330 — The Auto Affiliate Links plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 6.8.8. This is due...

vulnerability, CVE, high-severity, cross-site-scripting-xss, cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs

WordPress Plugin Vulnerability: CVE-2026-5127 Allows Code Execution

CVE-2026-5127 — The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to Deserialization of Untrusted...

vulnerability, CVE, high-severity, insecure-deserialization, cwe-502
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs

PamDOORa Linux Backdoor Leverages PAM for Persistent SSH Access

The Hacker News reports on a new Linux backdoor named PamDOORa, currently being peddled on the Russian cybercrime forum Rehub for $1,600 by a threat...

threat-intel, vulnerability, malware, identity, tools, the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

Linux 'Dirty Frag' Zero-Day Grants Root Privileges Across Major Distros

A critical Linux zero-day vulnerability, dubbed 'Dirty Frag,' enables local attackers to achieve root privileges with a single command across most major Linux distributions. BleepingComputer...

threat-intel, data-breach, malware, vulnerability, bleepingcomputer
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Tenda CX12L Stack Buffer Overflow (CVE-2026-8138) Risks Remote Exploitation

CVE-2026-8138 — A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation results in stack-based...

vulnerability, CVE, high-severity, buffer-overflow, cwe-119, cwe-121
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

Totolink X5000R Buffer Overflow (CVE-2026-8137) Exposed

CVE-2026-8137 — A vulnerability has been found in Totolink X5000R 9.1.0u.6369_B20230113. This vulnerability affects the function sub_458E40 of the file /boafrm/formDdns. The manipulation of the...

vulnerability, CVE, high-severity, buffer-overflow, cwe-119, cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-42279 — solidtime is an open-source time-tracking app. In version

CVE-2026-42279 — solidtime is an open-source time-tracking app. In version 0.12.0, the PUT /api/v1/organizations/{organization}/time-entries/{timeEntry} API accepts a route-bound timeEntry from another organization when the caller...

vulnerability, CVE, medium-severity, cwe-639
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42277 — Onyx is an open-source AI platform. Prior to versions

CVE-2026-42277 — Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the GET /chat/file/{file_id} endpoint allows any authenticated user to download...

vulnerability, CVE, medium-severity, cwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42276 — Onyx is an open-source AI platform. Prior to versions

CVE-2026-42276 — Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/{chat_session_id} endpoint lets any authenticated user stop any...

vulnerability, CVE, medium-severity, cwe-639
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8133: zyx0814 FilePress SQL Injection Exploited

CVE-2026-8133 — A security vulnerability has been detected in zyx0814 FilePress up to 2.2.0. Affected by this vulnerability is an unknown functionality of the file...

vulnerability, CVE, high-severity, sql-injection, cwe-74, cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CodeAstro Leave Management System SQLi (CVE-2026-8132)

CVE-2026-8132 — A weakness has been identified in CodeAstro Leave Management System 1.0. Affected is an unknown function of the file /login.php. This manipulation of...

vulnerability, CVE, high-severity, sql-injection, cwe-74, cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8131: SourceCodester SUP Online Shopping SQL Injection

CVE-2026-8131 — A security flaw has been discovered in SourceCodester SUP Online Shopping 1.0. This impacts an unknown function of the file /admin/replymsg.php. The manipulation...

vulnerability, CVE, high-severity, sql-injection, cwe-74, cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

SourceCodester SUP Online Shopping SQLi: CVE-2026-8130 Exposed

CVE-2026-8130 — A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. This affects an unknown function of the file /admin/message.php. The manipulation of the...

vulnerability, CVE, high-severity, sql-injection, cwe-74, cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

SourceCodester SUP Online Shopping SQL Injection (CVE-2026-8129)

CVE-2026-8129 — A vulnerability was determined in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file wishlist.php. Executing a...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

electerm RCE (CVE-2026-43943) via Malicious SFTP Filenames

CVE-2026-43943 — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.7.9, a code execution (RCE) vulnerability exists in electerm's SFTP open with system editor...

vulnerability CVE high-severity code-execution cwe-78 cwe-88
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 6 Sigma

Electerm CVE-2026-43941: Critical RCE via Malicious Terminal Links

CVE-2026-43941 — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In versions 3.8.15 and prior, Electerm's terminal hyperlink handler passes any URL clicked in the terminal directly...

vulnerability CVE critical high-severity code-execution cwe-88 cwe-601
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-43940: electerm Path Traversal Leads to RCE

CVE-2026-43940 — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.7.16, the runWidget function in src/app/widgets/load-widget.js constructs a file path by directly concatenating user‑supplied...

vulnerability CVE high-severity code-execution cwe-22 cwe-829
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 4 IOCs /⚙ 3 Sigma

zrok WebDAV Vulnerability (CVE-2026-42275) Allows Remote File Access

CVE-2026-42275 — zrok is software for sharing web services, files, and network resources. Prior to version 2.0.2, the zrok WebDAV drive backend (davServer.Dir) restricts path...

vulnerability CVE high-severity path-traversal cwe-22 cwe-61
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

Axios Prototype Pollution: Critical Vulnerability Exposes HTTP Requests

CVE-2026-42264 — Axios is a promise based HTTP client for the browser and Node.js. From version 1.0.0 to before version 1.15.2, five config properties (auth,...

vulnerability CVE high-severity cwe-1321
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42261: PromptHub SSRF Bypass Via IPv6 Mapped Addresses

CVE-2026-42261 — PromptHub is an all-in-one AI toolbox for prompt, skill, and agent management. From version 0.4.9 to before version 0.5.4, apps/web/src/routes/skills.ts exposes an authenticated...

vulnerability CVE high-severity server-side-request-forgery cwe-20 cwe-693 cwe-918
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 6 Sigma

CVE-2026-41900: OpenLearnX RCE Allows Sandbox Escape and Command Execution

CVE-2026-41900 — OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the...

vulnerability CVE high-severity remote-code-execution cwe-78 cwe-94 cwe-250 cwe-284 cwe-693
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41646 — Nuclei's JavaScript Protocol Runtime Vulnerability

CVE-2026-41646 — Nuclei is a vulnerability scanner built on a simple YAML-based DSL. From version 3.0.0 to before version 3.8.0, a vulnerability in Nuclei's JavaScript...

vulnerability CVE medium-severity cwe-284
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

Electerm Critical Command Injection Flaw Patched (CVE-2026-41501)

CVE-2026-41501 — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux() function appends attacker-controlled remote...

vulnerability CVE critical high-severity command-injection cwe-77
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 2 Sigma

electerm CVE-2026-41500: Critical Command Injection in Terminal Client

CVE-2026-41500 — electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac() function appends attacker-controlled remote...

vulnerability CVE critical high-severity command-injection cwe-77
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8128: SourceCodester SUP Online Shopping SQLi Exposed

CVE-2026-8128 — A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8127 — Eladmin Improper Access Control

CVE-2026-8127 — A vulnerability has been found in eladmin up to 2.7. Impacted is the function checkLevel of the file /rest/UserController.java of the component Users...

vulnerability CVE medium-severity improper-access-control cwe-266 cwe-284
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

SourceCodester Comment System SQLi Vulnerability (CVE-2026-8126)

CVE-2026-8126 — A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file post_comment.php. This manipulation of...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8125 — Code-Projects Simple Chat System SQL Injection

CVE-2026-8125 — A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8123 — Denial of Service

CVE-2026-8123 — A vulnerability was determined in Open5GS up to 2.7.7. This impacts the function ogs_sbi_discovery_option_add_snssais in the library /lib/sbi/message.c of the component NSSF. This...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8122 — Open5GS Denial of Service

CVE-2026-8122 — A vulnerability was found in Open5GS up to 2.7.7. This affects the function ogs_sbi_discovery_option_add_service_names in the library /lib/sbi/message.c of the component NSSF. The...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-8121 — Open5GS Denial of Service

CVE-2026-8121 — A vulnerability has been found in Open5GS up to 2.7.7. The impacted element is the function ogs_sbi_parse_plmn_list in the library /lib/sbi/conv.c of the...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-8120 — Open5GS Denial of Service

CVE-2026-8120 — A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssf_nnrf_nsselection_handle_get_from_amf_or_vnssf of the file /src/nssf/nnssf-handler.c of the...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-8117 — SourceCodester Pizzafy Ecommerce System Vulnerability

CVE-2026-8117 — A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects some unknown processing of the file /admin/index.php. Such...

vulnerability CVE medium-severity cwe-79 cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-8116 — Unknown Code of the File src/controllers/dxtController.ts Path Traversal

CVE-2026-8116 — A weakness has been identified in huangjunsen0406 xiaozhi-mcphub up to 1.0.3. This vulnerability affects unknown code of the file src/controllers/dxtController.ts. This manipulation of...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-8115 — Gyoridavid Short-Video-Maker Path Traversal

CVE-2026-8115 — A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

MAXHUB Pivot Client Vulnerability Exposes Tenant Emails, Allows DoS

CVE-2026-6411 — This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and...

vulnerability CVE high-severity cwe-327
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Argo CD CVE-2026-42880: Critical Data Exposure from Read-Only Access

CVE-2026-42880 — Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there...

vulnerability CVE critical high-severity cwe-200 cwe-212
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 4 IOCs

ShinyHunters Defaces Canvas Login Portals in Mass Extortion Campaign

The ShinyHunters extortion gang has once again breached Instructure, the education technology giant behind Canvas. BleepingComputer reports that the attackers exploited a new vulnerability to...

threat-intel data-breach malware vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

CVE-2026-8112 — 8421bit MiniClaw Command Injection

CVE-2026-8112 — A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Azure DevOps Critical Info Disclosure: CVE-2026-42826

CVE-2026-42826 — Exposure of sensitive information to an unauthorized actor in Azure DevOps allows an unauthorized attacker to disclose information over a network.

vulnerability CVE critical high-severity cwe-200
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-41105: Azure Notification Service SSRF Allows Privilege Escalation

CVE-2026-41105 — Server-side request forgery (SSRF) in Azure Notification Service allows an authorized attacker to elevate privileges over a network.

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40214 — Denial of Service

CVE-2026-40214 — In OpenStack Cyborg before 16.0.1, the Accelerator Request (ARQ) API does not enforce project ownership at any layer. The project_id column in the...

vulnerability CVE medium-severity denial-of-service cwe-282
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

OpenStack Cyborg Flaw Allows FPGA Reprogramming via Unauthenticated API

CVE-2026-40213 — OpenStack Cyborg before 16.0.1 uses rule:allow (check_str='@') as the default policy for multiple API endpoints. This unconditionally authorizes any request carrying a valid...

vulnerability CVE high-severity cwe-863
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 3 IOCs /⚙ 3 Sigma

Azure AI Foundry M365 Flaw Allows Network Privilege Escalation

CVE-2026-35435 — Improper access control in Azure AI Foundry M365 published agents allows an unauthorized attacker to elevate privileges over a network.

vulnerability CVE high-severity improper-access-control cwe-284
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 2 IOCs /⚙ 2 Sigma

Azure Cloud Shell Critical Command Injection: CVE-2026-35428 Allows Spoofing

CVE-2026-35428 — Improper neutralization of special elements used in a command ('command injection') in Azure Cloud Shell allows an unauthorized attacker to perform spoofing over...

vulnerability CVE critical high-severity command-injection cwe-77
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 2 IOCs /⚙ 3 Sigma

Microsoft Partner Center Vulnerability Allows Spoofing (CVE-2026-34327)

CVE-2026-34327 — Externally controlled reference to a resource in another sphere in Microsoft Partner Center allows an unauthorized attacker to perform spoofing over a network....

vulnerability CVE high-severity cwe-610
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 2 Sigma

Azure Managed Instance for Apache Cassandra RCE: Critical Input Validation Flaw

CVE-2026-33844 — Improper input validation in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

vulnerability CVE critical high-severity cwe-20
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 2 IOCs /⚙ 3 Sigma

Microsoft Teams Critical Auth Flaw Exposes Info (CVE-2026-33823)

CVE-2026-33823 — Improper authorization in Microsoft Teams allows an authorized attacker to disclose information over a network.

vulnerability CVE critical high-severity cwe-285
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 2 IOCs /⚙ 3 Sigma

Microsoft Copilot Chat Command Injection Vulnerability Discloses Info

CVE-2026-33111 — Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information...

vulnerability CVE high-severity command-injection cwe-77
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-33109: Critical RCE in Azure Managed Instance for Apache Cassandra

CVE-2026-33109 — Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network.

vulnerability CVE critical high-severity improper-access-control cwe-284
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 2 IOCs /⚙ 3 Sigma

Azure Machine Learning XSS Exposes Data, Allows Spoofing

CVE-2026-32207 — Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

M365 Copilot Injection Vulnerability CVE-2026-26164 Allows Info Disclosure

CVE-2026-26164 — Improper neutralization of special elements in output used by a downstream component ('injection') in M365 Copilot allows an unauthorized attacker to disclose information...

vulnerability CVE high-severity cwe-74
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

M365 Copilot Vulnerability CVE-2026-26129 Exposes Information

CVE-2026-26129 — Improper neutralization of special elements in M365 Copilot allows an unauthorized attacker to disclose information over a network.

vulnerability CVE high-severity cwe-138
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-8098: SQL Injection in code-projects Feedback System 1.0

CVE-2026-8098 — A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8097 — CodeAstro Online Classroom SQL Injection

CVE-2026-8097 — A security flaw has been discovered in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /askquery.php. The manipulation of...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42449: n8n-MCP SSRF Bypasses IPv6 Checks

CVE-2026-42449 — n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. In versions 2.47.4 through 2.47.13, the...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 5 IOCs /⚙ 4 Sigma

CVE-2026-42047: Inngest Exposes Environment Variables via HTTP Handler

CVE-2026-42047 — Inngest is a platform for running event-driven and scheduled background functions with queueing, retries, and step orchestration. Versions 3.22.0 through 3.53.1 contain a...

vulnerability CVE high-severity cwe-200 cwe-497
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41692 — i18nextify is a JavaScript library that adds website

CVE-2026-41692 — i18nextify is a JavaScript library that adds website internationalization via a script tag, without source code changes. Versions prior to 4.0.8 substitute {{key}}...

vulnerability CVE medium-severity cwe-79 cwe-94
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41691 — Path Traversal

CVE-2026-41691 — i18nextify is a JavaScript library that adds website internationalization via a script tag, without...

vulnerability CVE medium-severity path-traversal cwe-22 cwe-74
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8087 — OSGeo Gdal Buffer Overflow

CVE-2026-8087 — A security flaw has been discovered in OSGeo gdal up to 3.13.0dev-4. Impacted is the function GDnentries of the file frmts/hdf4/hdf-eos/GDapi.c. Performing a...

vulnerability CVE medium-severity buffer-overflow cwe-119 cwe-122
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43510: CISA's manage.get.gov Domain Manager Vulnerability

CVE-2026-43510 — manage.get.gov is the .gov TLD registrar maintained by CISA. manage.get.gov allows an organization administrator to assign domain manager privileges for domains not already...

vulnerability CVE high-severity cwe-266
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42241 — Applications Using ParquetSharp To Read Untrusted Parquet Fi Vulnerability

CVE-2026-42241 — ParquetSharp is a .NET library for reading and writing Apache Parquet files. From version 18.1.0 to before version 23.0.0.1, DecimalConverter.ReadDecimal makes a stackalloc...

vulnerability CVE medium-severity cwe-789
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Budibase Low-Code Platform Vulnerability Allows Full Account Takeover via XSS

CVE-2026-42239 — Budibase is an open-source low-code platform. Prior to version 3.35.10, the budibase:auth cookie containing the JWT session token is set with httpOnly: false...

vulnerability CVE high-severity cross-site-scripting-xss cwe-1004
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-8086 — OSGeo Gdal Buffer Overflow

CVE-2026-8086 — A vulnerability was identified in OSGeo gdal up to 3.13.0dev-4. This issue affects the function SWnentries of the file frmts/hdf4/hdf-eos/SWapi.c. Such manipulation of...

vulnerability CVE medium-severity buffer-overflow cwe-119 cwe-122
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-8083: SQL Injection in SourceCodester Pharmacy System

CVE-2026-8083 — A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_user. The manipulation...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-44742: Postorius HTML Injection Exploited In The Wild

CVE-2026-44742 — Postorius through 1.3.13 does not escape HTML in the message subject when rendering it in the Held messages pop-up, as exploited in the...

vulnerability CVE high-severity cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

GitPython CVE-2026-44244 Allows Remote Code Execution via HooksPath Injection

CVE-2026-44244 — GitPython is a Python library used to interact with Git repositories. Prior to version 3.1.49, GitConfigParser.set_value() passes values to Python's configparser without validating...

vulnerability CVE high-severity cwe-94
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42284: GitPython Vulnerability Allows Remote Code Execution Via Malicious Clones

CVE-2026-42284 — GitPython is a Python library used to interact with Git repositories. Prior to version 3.1.47, _clone() validates multi_options as the original list, then...

vulnerability CVE high-severity cwe-88
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-42215: GitPython Arbitrary Command Execution Vulnerability

CVE-2026-42215 — GitPython is a Python library used to interact with Git repositories. From version 3.1.30 to before version 3.1.47, GitPython blocks dangerous Git options...

vulnerability CVE high-severity cwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

NotepadNext CVE-2026-42214: Arbitrary Command Execution via Malicious Extensions

CVE-2026-42214 — Notepad Next is a cross-platform reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension() function interpolates a file's extension directly into a Lua...

vulnerability CVE high-severity cwe-94
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 1 IOC

FreeScout CVE-2026-41906: Agent Can Expose Hidden Customer Data

CVE-2026-41906 — FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.214, the Change Customer modal correctly...

vulnerability CVE high-severity cwe-639
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

FreeScout CVE-2026-41905: Server-Side Request Forgery via Redirect Logic

CVE-2026-41905 — FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, Helper::sanitizeRemoteUrl() in app/Misc/Helper.php follows HTTP...

vulnerability CVE high-severity cwe-918
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41904: FreeScout XSS Delivers Payloads via Auto-Reply

CVE-2026-41904 — FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user with updateAutoReply permission...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41903 — FreeScout is a free help desk and shared inbox built with

CVE-2026-41903 — FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user holding the PERM_EDIT_USERS...

vulnerability CVE medium-severity cwe-863
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41902: FreeScout Invite Hash Vulnerability Allows Permanent Account Takeover

CVE-2026-41902 — FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, the /user-setup/{hash} endpoint accepts a...

vulnerability CVE critical high-severity cwe-613
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-8081 — Router-For-Me CLIProxyAPI Server-Side Request Forgery

CVE-2026-8081 — A vulnerability has been found in router-for-me CLIProxyAPI 6.9.29. Affected by this issue is some unknown functionality of the file internal/api/handlers/management/api_tools.go of the...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

Snipe-IT CVE-2026-37709: Critical RCE via Insecure Permissions

CVE-2026-37709 — Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code...

vulnerability CVE critical high-severity cwe-284
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

PCPJack Credential Stealer Exploits 5 CVEs for Cloud Worm-Like Spread

The Hacker News reports on PCPJack, a new credential theft framework actively targeting exposed cloud infrastructure. This sophisticated toolset is designed to not only harvest...

threat-intel vulnerability malware data-breach cloud identity tools the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2026-7415: Yarbo Robot Firmware Exposes Sensitive Data via Anonymous MQTT

CVE-2026-7415 — The MQTT broker embedded in Yarbo firmware v2.3.9 is configured to allow anonymous connections with no topic-level read or write ACLs. Any host...

vulnerability CVE critical high-severity cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Yarbo Firmware v2.3.9 Critical Hardcoded Credential Vulnerability

CVE-2026-7414 — Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and...

vulnerability CVE critical high-severity cwe-798
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs

CVE-2026-7413: Hidden Backdoor Found in Yarbo Firmware

CVE-2026-7413 — A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor...

vulnerability CVE high-severity cwe-912
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 3 Sigma

Palo Alto Networks Zero-Day Exploited by Suspected Chinese State Actor

SecurityWeek reports that a Palo Alto Networks zero-day vulnerability is being actively exploited in a campaign exhibiting hallmarks of Chinese state-sponsored hacking. While direct attribution...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Ivanti EPMM RCE Vulnerability Exploited in Zero-Day Attacks

Ivanti has issued a critical warning regarding a zero-day vulnerability in its Endpoint Manager Mobile (EPMM) software. BleepingComputer reports that this flaw allows for remote...

threat-intel data-breach malware vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44264 — Weblate is a web-based localization tool. Prior to version

CVE-2026-44264 — Weblate is a web-based localization tool. Prior to version 5.17.1, the Markdown renderer used in user comments and other user-provided content didn't...

vulnerability CVE medium-severity cwe-80
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-44263 — Weblate is a web-based localization tool. Prior to version

CVE-2026-44263 — Weblate is a web-based localization tool. Prior to version 5.17.1, the screenshots, tasks, and component link API allowed for the enumeration of...

vulnerability CVE medium-severity cwe-203
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 6 Sigma

gnutls CVE-2026-42011: Certificate Validation Bypass Poses MITM Risk

CVE-2026-42011 — A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had...

vulnerability CVE high-severity cwe-295
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 2 IOCs

CVE-2026-41689 — Wallos is an open-source, self-hostable personal

CVE-2026-41689 — Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the webhook notification feature reuses an administrator-configured local-target allowlist for...

vulnerability CVE medium-severity cwe-863 cwe-918
/SCW Vulnerability Desk /MEDIUM /6 /⚑ 3 IOCs

CVE-2026-41688: Wallos SSRF Bypass via DNS Rebinding

CVE-2026-41688 — Wallos is an open-source, self-hostable personal subscription tracker. In versions 4.8.4 and prior, the incomplete SSRF fix in Wallos validates webhook URLs via...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41687 — Server-Side Request Forgery

CVE-2026-41687 — Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.8.1, the SSRF protection in endpoints/subscription/add.php (line 42) and endpoints/payments/add.php (line 40)...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-41650 — Cross-Site Scripting (XSS)

CVE-2026-41650 — fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-91
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs

CVE-2026-41519 — Weblate is a web-based localization tool. Prior to version

CVE-2026-41519 — Weblate is a web-based localization tool. Prior to version 5.17.1, when a user changes their password, browser sessions are correctly invalidated via...

vulnerability CVE medium-severity cwe-613
/SCW Vulnerability Desk /MEDIUM /4.2 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41505: RELATE Courseware Package Suffers Predictable Token Generation Flaw

CVE-2026-41505 — RELATE is a web-based courseware package. Prior to commit 2f68e16, RELATE is vulnerable to predictable token generation in auth.py's make_sign_in_key() function and exam.py's...

vulnerability CVE high-severity cwe-330 cwe-338
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 4 Sigma

Daptin Headless CMS SQLi Puts Data at High Risk

CVE-2026-41422 — Daptin is a GraphQL/JSON-API headless CMS. Prior to version 0.11.4, the /aggregate/:typename endpoint accepted column and group query parameters that were passed verbatim...

vulnerability CVE high-severity cwe-89
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs

Claude Code OAuth Tokens Vulnerable to Stealthy MCP Hijacking

Mitiga researchers have uncovered a critical vulnerability allowing attackers to silently hijack Claude Code's Managed Code Platform (MCP) traffic. According to SecurityWeek, this attack vector...

threat-intel vulnerability identity
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

DivvyDrive Open Redirect Vulnerability CVE-2026-6795 Rated Critical

CVE-2026-6795 — URL redirection to untrusted site ('open redirect') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Parameter Injection. This issue affects DivvyDrive: from 4.8.2.9...

vulnerability CVE critical high-severity open-redirect cwe-601
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs

CVE-2026-41685 — Incus is a system container and virtual machine manager.

CVE-2026-41685 — Incus is a system container and virtual machine manager. Prior to version 7.0.0, uploads of large amounts of data by authenticated users can...

vulnerability CVE medium-severity cwe-770
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41684 — Incus is a system container and virtual machine manager.

CVE-2026-41684 — Incus is a system container and virtual machine manager. Prior to version 7.0.0, backup.GetInfo() trusts the inline backup/index.yaml config when present and only...

vulnerability CVE medium-severity cwe-476
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41647 — Incus is a system container and virtual machine manager.

CVE-2026-41647 — Incus is a system container and virtual machine manager. Prior to version 7.0.0, missing error handling could lead an authenticated Incus user...

vulnerability CVE medium-severity cwe-476
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41589: Critical Path Traversal in Wish SSH Server SCP Middleware

CVE-2026-41589 — Wish is an SSH server with defaults and a collection of middlewares. From version 2.0.0 to before version 2.0.1, the SCP middleware in...

vulnerability CVE critical high-severity path-traversal cwe-22
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 1 IOC /⚙ 3 Sigma

Bricks Builder Flaw: CVE-2026-41554 Exposes Websites to Reflected XSS

CVE-2026-41554 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bricks Builder allows Reflected XSS. This issue affects Bricks Builder: from...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 1 IOC /⚙ 3 Sigma

Dagster Orchestration Platform Vulnerable to SQL Injection via Dynamic Partitions

CVE-2026-41490 — Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to...

vulnerability CVE high-severity cwe-89
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2025-14341: DivvyDrive Vulnerability Allows Excessive Allocation, Flooding

CVE-2025-14341 — Improperly controlled modification of Dynamically-Determined object attributes, Allocation of resources without limits or throttling vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Excessive...

vulnerability CVE high-severity cwe-770 cwe-915
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 4 IOCs

AI-Powered Phishing: The 'Patient Zero' Threat to Enterprise Security

The Hacker News reports that in 2026, threat actors are leveraging AI to craft highly sophisticated phishing attacks, making the initial 'Patient Zero' compromise nearly...

threat-intelvulnerabilitydata-breachthe-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Cisco Researchers Expose Pixel-Level Attacks on AI Vision Models

Cisco’s AI security researchers have uncovered critical vulnerabilities in vision-language models (VLMs), revealing that attackers can manipulate these models through imperceptible, pixel-level changes in images....

threat-intelvulnerabilityai-security
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

DivvyDrive XSS Vulnerability (CVE-2026-6002) Poses High Risk

CVE-2026-6002 — Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross-Site Scripting (XSS)....

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-80
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

DivvyDrive Critical CSRF Vulnerability: CVE-2026-5791 Poses Remote Attack Risk

CVE-2026-5791 — Cross-Site request forgery (CSRF) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross Site Request Forgery. This issue affects DivvyDrive: from 4.8.2.9 before...

vulnerabilityCVEcriticalhigh-severitycwe-352
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 2 IOCs

DivvyDrive Stored XSS Vulnerability (CVE-2026-5784) Poses High Risk

CVE-2026-5784 — Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs

AI Coding Agents Fuel Next Supply Chain Crisis with 'TrustFall' Attacks

SecurityWeek reports a novel attack vector, dubbed "TrustFall," demonstrating how AI coding agents can be manipulated to initiate stealthy supply chain compromises. This isn't theoretical;...

threat-intelvulnerabilitysecurityweek
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

CVE-2026-6508: Liderahenk Origin Validation Error Allows Critical Access

CVE-2026-6508 — Origin Validation Error vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects...

vulnerabilityCVEcriticalhigh-severitycwe-346
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-42285: Critical GoBGP Flaw Allows Remote Crash via Malformed UPDATE

CVE-2026-42285 — GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.4.0, an unauthenticated remote BGP peer...

vulnerabilityCVEhigh-severitycwe-476
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-42010: GnuTLS RSA-PSK NUL Byte Authentication Bypass

CVE-2026-42010 — A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated...

vulnerabilityCVEhigh-severityauthentication-bypass
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41643: GoBGP Remote DoS Vulnerability Exposes Network Infrastructure

CVE-2026-41643 — GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-129
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

GoBGP DoS Vulnerability (CVE-2026-41642) Patched in Version 4.4.0

CVE-2026-41642 — GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-476
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-3953: Gosoft Proticaret E-Commerce XSS Vulnerability

CVE-2026-3953 — Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Gosoft Software Industry and Trade Ltd. Co. Proticaret E-Commerce allows Cross-Site...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-6973 — Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability

CVE-2026-6973 — Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote...

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

Old-School Attacks Still Win: Credential Dumps and Weak Defenses Plague 2026

The Hacker News highlights a concerning trend: despite advancements in cybersecurity, many organizations are still falling victim to basic, low-effort attacks. These often involve compromised...

threat-intelvulnerabilitythe-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs

CVE-2026-27415 — PluginUs.Net BEAR Vulnerability

CVE-2026-27415 — Cross-Site Request Forgery (CSRF) vulnerability in PluginUs.Net BEAR allows Cross Site Request Forgery. This issue affects BEAR: from n/a through 1.1.5.

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

Incident Response Retainers Aren't Readiness: The Operational Gap

Having an incident response (IR) retainer is often mistaken for true operational readiness. As The Hacker News points out, a retainer simply guarantees a vendor...

threat-intelvulnerabilitythe-hacker-news
/SCW Vulnerability Desk /MEDIUM

Gemini CLI Vulnerability: Prompt Injection Leads to Code Execution

A critical vulnerability in the Gemini CLI, identified by SecurityWeek, could have enabled attackers to achieve code execution and launch supply chain attacks. The flaw...

threat-intelvulnerabilityai-securitytoolssecurityweek
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

PyPI Packages Deliver ZiChatBot Malware to Windows and Linux

Three malicious packages identified on the Python Package Index (PyPI) repository are actively deploying a new malware family, ZiChatBot, targeting both Windows and Linux systems....

threat-intelvulnerabilitymalwaremicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-44407 — Denial of Service

CVE-2026-44407 — A remote denial-of-service vulnerability exists in the ZTE Cloud PC client uSmartview, which may lead to memory corruption and remote denial of service....

vulnerabilityCVEmedium-severitydenial-of-servicecwe-134
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-27421 — WProyal Royal Elementor Addons Cross-Site Scripting (XSS)

CVE-2026-27421 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WProyal Royal Elementor Addons allows Stored XSS. This issue affects Royal...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-27416 — BPlugins PDF Poster Vulnerability

CVE-2026-27416 — Missing Authorization vulnerability in bPlugins PDF Poster allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects PDF Poster: from n/a through...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-27329 — YITH YITH WooCommerce Wishlist Vulnerability

CVE-2026-27329 — Authorization Bypass Through User-Controlled Key vulnerability in YITH YITH WooCommerce Wishlist allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects YITH...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-25468 — WeDevs Happy Addons For Elementor Vulnerability

CVE-2026-25468 — Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in weDevs Happy Addons for Elementor allows Retrieve Embedded Sensitive Data. This...

vulnerabilityCVEmedium-severitycwe-497
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-25436 — WProyal Royal Elementor Addons Vulnerability

CVE-2026-25436 — Missing Authorization vulnerability in WProyal Royal Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal Elementor Addons: from...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-68604 — WPGraphQL Vulnerability

CVE-2025-68604 — Cross-Site Request Forgery (CSRF) vulnerability in WPGraphQL allows Cross Site Request Forgery. This issue affects WPGraphQL: from n/a through 2.5.3.

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-68060: High-Severity SQL Injection in WPMart Team Member Plugin

CVE-2025-68060 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPMart Team Member allows Blind SQL Injection. This issue...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2025-66105 — Magepeople Inc. Bus Ticket Booking With Seat Reservation Vulnerability

CVE-2025-66105 — Missing Authorization vulnerability in Magepeople inc. Bus Ticket Booking with Seat Reservation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-62127 — WEN Themes WEN Logo Slider Cross-Site Scripting (XSS)

CVE-2025-62127 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WEN Themes WEN Logo Slider allows DOM-Based XSS. This issue affects...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-2514 — Hitachi Virtual Storage Platform G130, G150, G350, G370, G70 Vulnerability

CVE-2025-2514 — Improper restriction of excessive authentication attempts vulnerability in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi...

vulnerabilityCVEmedium-severitycwe-307
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2025-1978: Hitachi Storage RCE Vulnerability Exposes Enterprise Data

CVE-2025-1978 — Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900,...

vulnerabilityCVEhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2024-43384: Root Password Exposure via Improper Information Removal

CVE-2024-43384 — A low privileged remote attacker can gain the root password due to improper removal of sensitive information before storage or transfer.

vulnerabilityCVEhigh-severitycwe-212
/SCW Vulnerability Desk /HIGH /8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44406 — Code Execution

CVE-2026-44406 — ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege...

vulnerabilityCVEmedium-severitycode-executioncwe-427
/SCW Vulnerability Desk /MEDIUM /5.7 /⚑ 2 IOCs /⚙ 3 Sigma

Hitachi VSP One Block OS Command Injection (CVE-2025-9661) CVSS 8.1

CVE-2025-9661 — OS command injection vulnerability in the management GUI (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28. This...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-8063 — Null Pointer Dereference

CVE-2026-8063 — An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the...

vulnerabilityCVEmedium-severitynull-pointer-dereferencecwe-476
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

WP-Optimize Plugin Flaw Allows Arbitrary File Deletion, RCE via wp-config.php

CVE-2026-7252 — The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary...

vulnerabilityCVEhigh-severityremote-code-executioncwe-22
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6692: WordPress Slider Revolution RCE Vulnerability

CVE-2026-6692 — The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' function....

vulnerabilityCVEhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-4348: Unauthenticated SQLi in BetterDocs Pro WordPress Plugin

CVE-2026-4348 — The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the `get_current_letter_docs` and `docs_sort_by_letter` AJAX actions in all versions up to,...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

NocoBase SQL Injection Bypass (CVE-2026-41641) Exposes Data

CVE-2026-41641 — NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the checkSQL() validation function that blocks...

vulnerabilityCVEhigh-severitycwe-89cwe-284
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41413 — Istio is an open platform to connect, manage, and secure

CVE-2026-41413 — Istio is an open platform to connect, manage, and secure microservices. Prior to versions 1.28.6 and 1.29.2, when a RequestAuthentication resource is created...

vulnerabilityCVEmedium-severitycwe-918
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs /⚙ 3 Sigma

YesWiki SQL Injection (CVE-2026-41143) Risks Data Exposure

CVE-2026-41143 — YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Math.js Arbitrary Code Execution via Expression Parser (CVE-2026-41139)

CVE-2026-41139 — Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via...

vulnerabilityCVEhigh-severitycwe-915
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6214 — The Forminator Forms plugin for WordPress is vulnerable to

CVE-2026-6214 — The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.53.0. This is due to the...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42194 — Server-Side Request Forgery

CVE-2026-42194 — Admidio is an open-source user management solution. Prior to version 5.0.9, the incomplete SSRF fix in Admidio's fetch_metadata.php validates the resolved IP address...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41671 — Authentication Bypass

CVE-2026-41671 — Admidio is an open-source user management solution. Prior to version 5.0.9, the OIDC token introspection endpoint (/modules/sso/index.php/oidc/introspect) always returns {"active": true} for every...

vulnerabilityCVEmedium-severityauthentication-bypasscwe-287
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41670: Admidio SAML IdP Bypass Exposes User Data

CVE-2026-41670 — Admidio is an open-source user management solution. Prior to version 5.0.9, the SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value...

vulnerabilityCVEhigh-severitycwe-20cwe-601
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41669: Admidio SAML Signature Bypass Puts User Management at Risk

CVE-2026-41669 — Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio SAML Identity Provider implementation discards the return value of its...

vulnerabilityCVEhigh-severitycwe-347
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-41661 — Cross-Site Scripting (XSS)

CVE-2026-41661 — Admidio is an open-source user management solution. Prior to version 5.0.9, an unauthenticated attacker can execute arbitrary JavaScript in any Admidio user's browser...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

Admidio CVE-2026-41660: Logic Error Allows 2FA Bypass for Admin Accounts

CVE-2026-41660 — Admidio is an open-source user management solution. Prior to version 5.0.9, a logic error in Admidio's two-factor authentication reset inverts the authorization check....

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41658 — Admidio is an open-source user management solution. Prior

CVE-2026-41658 — Admidio is an open-source user management solution. Prior to version 5.0.9, the Admidio inventory module enforces authorization for destructive operations (delete, retire, reinstate)...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41655 — Path Traversal

CVE-2026-41655 — Admidio is an open-source user management solution. Prior to version 5.0.9, the ecard_preview.php endpoint does not validate that the ecard_template POST parameter is...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41640: NocoBase No-Code Platform SQL Injection

CVE-2026-41640 — NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL() function in the core...

vulnerabilityCVEhigh-severitycwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 7 Sigma

CVE-2026-41201: Critical CI4MS Account Takeover Via Stored XSS

CVE-2026-41201 — CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. In version 0.31.4.0, an...

vulnerabilityCVEcriticalhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41142: OpenEXR Integer Overflow Leads to Heap OOB Write

CVE-2026-41142 — OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions...

vulnerabilityCVEhigh-severityinteger-overflowcwe-190
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

Spring Cloud Config Server Vulnerable to TOCTOU Attacks (CVE-2026-41002)

CVE-2026-41002 — The base directory (`spring.cloud.config.server.git.basedir`) that the Spring Cloud Config Server clones Git repositories into is susceptible to time-of-check-time-of-use (TOCTOU) attacks. Spring...

vulnerabilityCVEhigh-severitycwe-367
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 3 Sigma

Spring Cloud Config Vulnerability CVE-2026-40982 Allows Directory Traversal

CVE-2026-40982 — Spring Cloud Config allows applications to serve arbitrary text and binary files through the spring-cloud-config-server module. A malicious user, or attacker, can send...

vulnerabilityCVEcriticalhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-40981: Spring Cloud Config Exposes GCP Secrets

CVE-2026-40981 — When using Google Secrets Manager as a backend for the Spring Cloud Config server a client can craft a request to the config...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-4807 — The Appointment Booking Calendar plugin for WordPress is

CVE-2026-4807 — The Appointment Booking Calendar plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.6.10.6. This is due to...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6222 — The Forminator Forms plugin for WordPress is vulnerable to

CVE-2026-6222 — The Forminator Forms plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.51.1. This is due to the...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40003 — Code Execution

CVE-2026-40003 — ZTE ZX297520V3 BootROM contains a vulnerability that allows arbitrary memory writes via USB. Attackers can exploit the lack of target address validation in...

vulnerabilityCVEmedium-severitycode-executioncwe-787
/SCW Vulnerability Desk /MEDIUM /5.1 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-41484 — OpenTelemetry.Exporter.OneCollector is a .NET exporter that

CVE-2026-41484 — OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to...

vulnerabilityCVEmedium-severitycwe-770
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41483 — OpenTelemetry.Resources.Azure is the .NET resource detector

CVE-2026-41483 — OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15.0-beta.1 and earlier, the AzureVmMetaDataRequestor class makes HTTP requests to the Azure...

vulnerabilityCVEmedium-severitycwe-770
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41417 — Netty allows request-line validation to be bypassed when a

CVE-2026-41417 — Netty allows request-line validation to be bypassed when a `DefaultHttpRequest` or `DefaultFullHttpRequest` is created first and its URI is later changed via `setUri()`....

vulnerabilityCVEmedium-severitycwe-93cwe-444
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41310 — OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter

CVE-2026-41310 — OpenTelemetry.Exporter.Zipkin is the .NET Zipkin exporter for OpenTelemetry. In versions 1.15.2 and earlier, the Zipkin exporter remote endpoint cache accepts unbounded key growth...

vulnerabilityCVEmedium-severitycwe-400cwe-770
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-40296 — Cross-Site Scripting (XSS)

CVE-2026-40296 — PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The HTML writer skips htmlspecialchars escaping when a cell's formatted value...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

Gotenberg PDF API Vulnerability CVE-2026-40281 Allows Arbitrary File Overwrite

CVE-2026-40281 — Gotenberg is a Docker-powered stateless API for PDF files. In versions 8.30.1 and earlier, the metadata write endpoint validates metadata keys for control...

vulnerabilityCVEcriticalhigh-severityarbitrary-file-accesscwe-88
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 1 IOC /⚙ 3 Sigma

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices

A new Mirai-derived botnet, self-identifying as xlabs_v1, is actively exploiting internet-exposed devices running Android Debug Bridge (ADB), according to The Hacker News. This botnet aims...

threat-intelvulnerabilitymalwaredata-breachthe-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC

PicoTronica e-Clinic Healthcare System Hard-Coded Credential Vulnerability (CVE-2026-8032)

CVE-2026-8032 — A flaw has been found in PicoTronica e-Clinic Healthcare System ECHS 5.7. The impacted element is an unknown function of the file /cdemos/echs/priv/echs.js....

vulnerabilityCVEhigh-severitycwe-259cwe-798
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

OpenClaw CVE-2026-44118: Loopback Owner Context Spoofing Vulnerability

CVE-2026-44118 — OpenClaw before 2026.4.22 derives loopback MCP owner context from spoofable server-issued bearer tokens in request headers. Non-owner loopback clients can present themselves as...

vulnerabilityCVEhigh-severitycwe-290
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 2 Sigma

OpenClaw Zalo Plugin SSRF Vulnerability (CVE-2026-44116) Poses High Risk

CVE-2026-44116 — OpenClaw before 2026.4.22 contains a server-side request forgery vulnerability in the Zalo plugin's sendPhoto function that fails to validate outbound photo URLs through...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-44115: OpenClaw Vulnerability Allows Shell Expansion Bypass

CVE-2026-44115 — OpenClaw before 2026.4.22 contains an exec allowlist analysis vulnerability allowing shell expansion hiding in unquoted heredoc bodies. Attackers can bypass allowlist validation by...

vulnerabilityCVEhigh-severitycwe-184
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

OpenClaw Vulnerability: Environment Namespace Override Poses Supply Chain Risk

CVE-2026-44114 — OpenClaw before 2026.4.20 fails to properly reserve the OPENCLAW_ runtime-control environment namespace in workspace dotenv files, allowing attackers to override critical runtime variables....

vulnerabilityCVEhigh-severitycwe-184
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 4 IOCs /⚙ 3 Sigma

OpenClaw Authorization Bypass (CVE-2026-44110) Exposes Room Control

CVE-2026-44110 — OpenClaw before 2026.4.15 contains an authorization bypass vulnerability in Matrix room control-command authorization that trusts DM pairing-store entries. Attackers with DM-paired sender IDs...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw Authentication Bypass: Critical Vulnerability in Feishu Webhook

CVE-2026-44109 — OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that allows unauthenticated requests to reach command dispatch. Missing...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-1188
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

OpenClaw Vulnerability Allows Revoked Bearer Tokens to Remain Valid

CVE-2026-43585 — OpenClaw before 2026.4.15 captures resolved bearer-auth configuration at startup, allowing revoked tokens to remain valid after SecretRef rotation. Gateway HTTP and WebSocket handlers...

vulnerabilityCVEhigh-severitycwe-672
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43584: OpenClaw Environment Variable Vulnerability Allows Execution Hijack

CVE-2026-43584 — OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environment policy that allows operator-supplied overrides of high-risk interpreter startup...

vulnerabilityCVEhigh-severitycwe-184
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-43581: Critical OpenClaw Sandbox Vulnerability Exposes DevTools

CVE-2026-43581 — OpenClaw before 2026.4.10 contains an improper network binding vulnerability in the sandbox browser CDP relay that exposes Chrome DevTools Protocol on 0.0.0.0. Attackers...

vulnerabilityCVEcriticalhigh-severitycwe-1188
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-43580: OpenClaw Vulnerability Bypasses SSRF Protections

CVE-2026-43580 — OpenClaw before 2026.4.10 contains an incomplete navigation guard vulnerability that allows attackers to trigger navigation without complete SSRF policy enforcement. Browser press/type style...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-862
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43578: OpenClaw Privilege Escalation Hits Critical Severity

CVE-2026-43578 — OpenClaw versions 2026.3.31 before 2026.4.10 contain a privilege escalation vulnerability where heartbeat owner downgrade detection misses local background async exec completion events. Attackers...

vulnerabilityCVEcriticalhigh-severityprivilege-escalationcwe-184
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-43577 — OpenClaw before 2026.4.9 contains a file read vulnerability

CVE-2026-43577 — OpenClaw before 2026.4.9 contains a file read vulnerability allowing attackers to bypass navigation guards through browser act/evaluate interactions. Attackers can pivot into the...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs

OpenClaw SSRF Vulnerability (CVE-2026-43576) Allows Untrusted Pivoting

CVE-2026-43576 — OpenClaw before 2026.4.5 contains a server-side request forgery vulnerability in the CDP /json/version WebSocket endpoint that allows attackers to pivot to untrusted second-hop...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-601cwe-918
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43575: OpenClaw Critical Auth Bypass Exposes Browser Sessions

CVE-2026-43575 — OpenClaw versions 2026.2.21 before 2026.4.10 contain an authentication bypass vulnerability in the sandbox noVNC helper route that exposes interactive browser session credentials. Attackers...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-862
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-8031 — PicoTronica E-Clinic Healthcare System ECHS Vulnerability

CVE-2026-8031 — A vulnerability was detected in PicoTronica e-Clinic Healthcare System ECHS 5.7. The affected element is an unknown function of the file /cdemos/echs/api/v2/patient-records of...

vulnerabilityCVEmedium-severitycwe-287cwe-306
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41938: Vvveb Unrestricted File Upload Leads to RCE

CVE-2026-41938 — Vvveb before version 1.0.8.2 contains an unrestricted file upload vulnerability in the media upload handler that allows authenticated users with media-upload permissions to...

vulnerabilityCVEhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-41936: Vvveb XXE Allows File Disclosure, Privilege Escalation

CVE-2026-41936 — Vvveb before version 1.0.8.2 contains an XML external entity (XXE) injection vulnerability in the admin Tools/Import feature that allows authenticated site_admin users to...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-611
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

Vvveb RCE: Authenticated Users Can Achieve Unauthenticated Code Execution

CVE-2026-41934 — Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute...

vulnerabilityCVEhigh-severityremote-code-executioncwe-184
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41931 — Information Disclosure

CVE-2026-41931 — Vvveb before version 1.0.8.2 contains an information disclosure vulnerability that allows unauthenticated attackers to obtain sensitive server information by triggering unhandled exceptions in...

vulnerabilityCVEmedium-severityinformation-disclosurecwe-209cwe-1188
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41930: Vvveb Docker Hard-Coded Credentials Lead to Critical Database Access

CVE-2026-41930 — Vvveb before version 1.0.8.2 contains a hard-coded credentials vulnerability in its docker-compose-apache.yaml configuration that allows unauthenticated attackers to access the bundled phpMyAdmin container...

vulnerabilityCVEcriticalhigh-severitycwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2025-31960 — HCL BigFix Service Management (SM) is vulnerable to

CVE-2025-31960 — HCL BigFix Service Management (SM) is vulnerable to information exposure due to improper error handling within its reporting module. It was observed that...

vulnerabilityCVEmedium-severitycwe-209
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

HCL BigFix Service Management Privilege Escalation (CVE-2024-30151)

CVE-2024-30151 — HCL BigFix Service Management (SX) is affected by a Broken Access Control vulnerability leading to privilege escalation. This could allow unauthorized users to...

vulnerability CVE high-severity privilege-escalation cwe-532
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 3 Sigma

vm2 Sandbox Bug: Critical RCE Allows Host System Takeover

A critical vulnerability identified in the popular Node.js sandboxing library vm2 allows attackers to escape the sandbox and execute arbitrary code on the host system....

threat-intel data-breach malware vulnerability bleepingcomputer
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Cisco DoS Flaw Hits Network Controllers, Requires Manual Reboot

Cisco has addressed a critical denial-of-service vulnerability impacting its Crosswork Network Controller and Network Services Orchestrator platforms. BleepingComputer reports that exploitation of this flaw can...

threat-intel data-breach malware vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

NanoClaw Container Vulnerability Allows Arbitrary File Access, Recursive Deletion

CVE-2026-7875 — NanoClaw contains a host/container filesystem boundary vulnerability in outbound attachment handling and outbox cleanup that allows a compromised or prompt-injected container to read...

vulnerability CVE high-severity arbitrary-file-access cwe-22
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs

CVE-2026-42503: gopls Vulnerability Exposes Dev Environments to RCE

CVE-2026-42503 — gopls by default communicates via pipe. However, -port and -listen flags are supported as means of debugging. If -listen is given a value...

vulnerability CVE high-severity cwe-1327
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs

CVE-2026-23870: High-Severity DoS Flaw in React Server Components

CVE-2026-23870 — A denial of service vulnerability could be triggered by sending specially crafted HTTP requests to server function endpoints; this could lead to server...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs

CVE-2026-20219 — The REST API Of Cisco Slido Vulnerability

CVE-2026-20219 — A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of...

vulnerability CVE medium-severity cwe-639
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-20195 — An Identity Management API Endpoint Of Cisco ISE Vulnerability

CVE-2026-20195 — A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on...

vulnerability CVE medium-severity cwe-204
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-20193 — The RADIUS Policy API Endpoints Of Cisco ISE Vulnerability

CVE-2026-20193 — A vulnerability in the RADIUS Policy API endpoints of Cisco ISE could allow an authenticated, remote attacker with read-only Administrator privileges to gain unauthorized...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-20189 — The Log File Download Functionality Of Cisco Prime Infrastru Vulnerability

CVE-2026-20189 — A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

Cisco Crosswork, NSO DoS Vulnerability (CVE-2026-20188)

CVE-2026-20188 — A vulnerability in the connection-handling mechanism of Cisco Crosswork Network Controller (CNC) and Cisco Network Services Orchestrator (NSO) could allow an unauthenticated, remote...

vulnerability CVE high-severity denial-of-service cwe-400
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-20185: Cisco SG350/SG350X SNMP DoS Vulnerability

CVE-2026-20185 — A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco 350 Series Managed Switches (SG350) and Cisco 350X Series Stackable Managed Switches...

vulnerability CVE high-severity denial-of-service cwe-122
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-20172 — The Lite Agent Feature Of Cisco Enterprise Chat And Email (E Vulnerability

CVE-2026-20172 — A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based...

vulnerability CVE medium-severity cwe-646
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-20169 — The Web-Based Management Interface Of Cisco IoT Field Networ Vulnerability

CVE-2026-20169 — A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to...

vulnerability CVE medium-severity cwe-77
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs

CVE-2026-20168 — The Web-Based Management Interface Of Cisco IoT Field Networ Vulnerability

CVE-2026-20168 — A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to...

vulnerability CVE medium-severity cwe-388
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Cisco IoT FND DoS Vulnerability (CVE-2026-20167) Allows Remote Router Reloads

CVE-2026-20167 — A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to...

vulnerability CVE high-severity denial-of-service cwe-284
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 5 Sigma

Cisco Unity Connection Web Inbox SSRF Vulnerability (CVE-2026-20035)

CVE-2026-20035 — A vulnerability in the web UI of Cisco Unity Connection Web Inbox could allow an unauthenticated, remote attacker to conduct SSRF attacks through...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs

Cisco Unity Connection: Authenticated RCE Via Web Management Interface

CVE-2026-20034 — A vulnerability in the web-based management interface of Cisco Unity Connection could allow an authenticated, remote attacker to execute arbitrary code on an...

vulnerability CVE high-severity cwe-35
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6863 — Velociraptor versions prior to 0.76.4 contain a cross

CVE-2026-6863 — Velociraptor versions prior to 0.76.4 contain a cross organization authorization bypass in the HTTP API. A user with only the reader role in...

vulnerability CVE medium-severity cwe-863
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs

CVE-2026-6691: MongoDB C Driver Heap Overflow via GSSAPI Username

CVE-2026-6691 — The MongoDB C Driver's Cyrus SASL integration performs unsafe string copying during username canonicalization, enabling a heap buffer overflow before any authentication or...

vulnerability CVE high-severity buffer-overflow cwe-120
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 1 IOC /⚙ 5 Sigma

CVE-2026-8027 — A weakness has been identified in FlowiseAI Flowise up to

CVE-2026-8027 — A weakness has been identified in FlowiseAI Flowise up to 3.0.12. Affected by this vulnerability is an unknown functionality of the component User...

vulnerability CVE medium-severity cwe-285 cwe-639
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2025-52613 — HCL BigFix Service Management (SM) is affected by use of a

CVE-2025-52613 — HCL BigFix Service Management (SM) is affected by the use of a vulnerable WSGI server. Deploying an outdated or insecure WSGI server...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /4.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-31978 — HCL BigFix Service Management (SM) does not adequately

CVE-2025-31978 — HCL BigFix Service Management (SM) does not adequately sanitize or safely render spreadsheet files (CSV, XLS, XLSX) before processing or distributing them. An...

vulnerability CVE medium-severity cwe-201
/SCW Vulnerability Desk /MEDIUM /4.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-31976 — HCL BigFix Service Management (SM) is vulnerable to

CVE-2025-31976 — HCL BigFix Service Management (SM) is vulnerable to insufficiently protected credentials for a short duration while communicating with a backend, internal application which...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 2 IOCs /⚙ 3 Sigma

HCL BigFix RunBookAI Vulnerability Allows Command Smuggling

CVE-2025-31951 — HCL BigFix RunBookAI is affected by an Unvalidated Command Input / Potential Command Smuggling vulnerability. A flaw in a component's input handling was...

vulnerability CVE high-severity cwe-77 cwe-351 cwe-451
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 2 Sigma

The Hacker News Launches 'Cybersecurity Stars Awards 2026'

The Hacker News has announced the launch of its 'Cybersecurity Stars Awards 2026', aiming to recognize significant contributions within the cybersecurity industry. For nearly two...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM

CVE-2026-6420 — Keylime Vulnerability

CVE-2026-6420 — A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit...

vulnerability CVE medium-severity cwe-1241
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-31970 — Cross-Site Scripting (XSS)

CVE-2025-31970 — HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability where the Content-Security-Policy does not define strict directives for object-src and base-uri,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-358
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs

AI Agents Proliferating Faster Than Enterprise Governance

The Hacker News reports that AI agents are being deployed within enterprises at a pace that is outstripping existing governance capabilities. This aligns with a...

threat-intel vulnerability identity ai-security
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

CVE-2026-40001 — Code Execution

CVE-2026-40001 — There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary...

vulnerability CVE medium-severity code-execution cwe-269
/SCW Vulnerability Desk /MEDIUM /5.2 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-35255 — The Oracle Cloud Native Environment Command Line Interface P Vulnerability

CVE-2026-35255 — Vulnerability in the Oracle Cloud Native Environment Command Line Interface product of Oracle Open Source Projects. The supported version that is affected is v2.3.2. Easily...

vulnerability CVE medium-severity
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 1 IOC /⚙ 2 Sigma

WordPress Gravity Bookings Plugin Vulnerable to SQL Injection (CVE-2026-1719)

CVE-2026-1719 — The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 7 Sigma

CISA Mandates Isolation, Recovery for Critical Infrastructure Against Foreign Cyber Threats

The Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance for critical infrastructure operators, emphasizing the need to master isolation and recovery strategies. This...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM

Google Expands Android Binary Transparency to Counter Supply Chain Attacks

Google has significantly expanded its Binary Transparency initiative for Android, a critical move to fortify the ecosystem against supply chain attacks. According to The Hacker...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CloudZ RAT and Pheno Plugin Target Windows Phone Link for Credential Theft

The Hacker News reports on a new threat leveraging the CloudZ remote access tool (RAT) alongside an undocumented plugin named Pheno. This combination is designed...

threat-intel vulnerability cloud microsoft identity tools
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

GeoVision GV-ASWeb RCE: High-Severity Flaw Affects Notification Settings

CVE-2026-7841 — A remote code execution vulnerability exists in Notification Settings on GeoVision GV-ASWeb 6.2.0. An authenticated user with System Setting permissions can execute arbitrary...

vulnerability CVE high-severity remote-code-execution cwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7457 — Cross-Site Scripting (XSS)

CVE-2026-7457 — The LatePoint plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to and including 5.5.0. This is due to...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7448: WordPress LatePoint Plugin Open to Unauthenticated Stored XSS

CVE-2026-7448 — The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'first_name' parameter...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7332: WordPress LatePoint Plugin XSS Flaw Exposes Unauthenticated Attackers

CVE-2026-7332 — The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'booking_form_page_url' parameter...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6672 — Cross-Site Scripting (XSS)

CVE-2026-6672 — The Affiliate Program Suite — SliceWP Affiliates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcode attributes in all versions up...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 7 Sigma

CVE-2026-6344 — Arbitrary File Access

CVE-2026-6344 — The Fluent Forms plugin for WordPress is vulnerable to Arbitrary File Read in versions up to and including 6.2.1. This is due to...

vulnerability CVE medium-severity arbitrary-file-access cwe-22
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-35254 — The Oracle OCI CLI Product Of Oracle Open Source Projects. T Vulnerability

CVE-2026-35254 — Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported version that is affected is 3.77. Easily exploitable vulnerability...

vulnerability CVE medium-severity
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-35253 — The Oracle Macoron Tool Product Of Oracle Open Source Projec Vulnerability

CVE-2026-35253 — Vulnerability in the Oracle Macoron Tool product of Oracle Open Source Projects. The supported version that is affected is v0.22.0. Easily exploitable vulnerability...

vulnerability CVE medium-severity
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 1 IOC /⚙ 2 Sigma

Oracle to Issue Monthly Critical Security Patch Updates

Oracle is shifting its patch cadence to deliver monthly critical security updates, according to SecurityWeek. This move is a direct response to the escalating threat...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC

CVE-2026-2306 — The Ninja Tables – Easy Data Table Builder plugin for

CVE-2026-2306 — The Ninja Tables – Easy Data Table Builder plugin for WordPress is vulnerable to unauthorized database table creation due to missing authorization checks...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Palo Alto Networks Zero-Day Exploited to Hack Firewalls

Palo Alto Networks is set to patch a critical zero-day vulnerability, CVE-2026-0300, which SecurityWeek reports is actively being exploited in the wild. This flaw specifically...

threat-intel vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-5753 — The All-in-One WP Migration Unlimited Extension plugin for

CVE-2026-5753 — The All-in-One WP Migration Unlimited Extension plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 2.83. This is...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 7 Sigma

CVE-2026-3208 — The Mercado Pago payments for WooCommerce plugin for

CVE-2026-3208 — The Mercado Pago payments for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7573 — An authorization bypass (CWE-639) in the GetUserRoles gRPC

CVE-2026-7573 — An authorization bypass (CWE-639) in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve...

vulnerability CVE medium-severity cwe-639
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7572 — Denial of Service

CVE-2026-7572 — An off-by-one error (CWE-193) in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local...

vulnerability CVE medium-severity denial-of-service cwe-193
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs

CVE-2025-71256: nr Modem DoS Vulnerability Poses High Risk

CVE-2025-71256 — In nr modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-71255: Modem IMS Vulnerability Exposes Devices to Remote DoS

CVE-2025-71255 — In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 1 Sigma

Modem IMS DoS Vulnerability (CVE-2025-71254) Poses Remote Threat

CVE-2025-71254 — In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 3 Sigma

Modem IMS Vulnerability (CVE-2025-71253) Allows Remote DoS

CVE-2025-71253 — In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-71252: Modem IMS Vulnerability Exposes Remote DoS Risk

CVE-2025-71252 — In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-71251: IMS DoS Vulnerability Poses High Risk

CVE-2025-71251 — In IMS, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41950 — Arbitrary File Access

CVE-2026-41950 — Dify before version 1.14.0 contains an authorization bypass vulnerability that allows authenticated users to read the full contents of files uploaded by other...

vulnerability CVE medium-severity arbitrary-file-access cwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

D-Link DI-8100 Router Vulnerable to Remote Buffer Overflow (CVE-2026-7857)

CVE-2026-7857 — A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 1 IOC /⚙ 5 Sigma

D-Link DI-8100 Buffer Overflow (CVE-2026-7856) Exposes Web Management

CVE-2026-7856 — A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /url_member.asp of the component Web Management...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 1 Sigma

ProFTPD SQL Injection (CVE-2026-44331) Exposes Servers to Remote Attacks

CVE-2026-44331 — In ProFTPD through 1.3.9a before 7666224, a SQL injection vulnerability in sqltab_fetch_clients_cb() in contrib/mod_wrap2_sql.c allows a remote attacker to inject arbitrary SQL commands...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

D-Link DI-8100 Buffer Overflow - CVE-2026-7855 Public Exploit Available

CVE-2026-7855 — A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tggl_asp of the file /tggl.asp of the component...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 5 Sigma

D-Link DI-8100 Critical Buffer Overflow (CVE-2026-7854)

CVE-2026-7854 — A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function url_rule_asp of the file /url_rule.asp of...

vulnerability CVE critical high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 5 Sigma

OpenStack Ironic Vulnerability CVE-2026-42997 Exposes Keystone Tokens

CVE-2026-42997 — An issue was discovered in idrac in OpenStack Ironic before 35.0.1. During import, a user invoking molds can request authorization to be sent...

vulnerability CVE high-severity cwe-669
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 5 IOCs /⚙ 2 Sigma

OpenCTI Critical Auth Bypass: Unauthenticated API Access Threatens CTI Platforms

CVE-2026-27960 — OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege...

vulnerability CVE critical high-severity privilege-escalation cwe-287
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

D-Link DI-8100 Critical Buffer Overflow (CVE-2026-7853) Publicly Exploitable

CVE-2026-7853 — A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler....

vulnerability CVE critical high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 1 Sigma

D-Link DI-8100 Router Vulnerability: Remote Stack Buffer Overflow

CVE-2026-7851 — A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-121
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-43002 — OpenStack Horizon 25.6 And Vulnerability

CVE-2026-43002 — An issue was discovered in OpenStack Horizon 25.6 and 25.7 before 25.7.3. There is a write operation to the session storage backend before...

vulnerability CVE medium-severity cwe-696
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS, Potential RCE

The Apache Software Foundation (ASF) has rolled out critical security updates for its HTTP Server, addressing multiple vulnerabilities. Among them is a severe flaw, tracked...

threat-intel vulnerability tools
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7844 — Chatchat-Space Langchain-Chatchat Vulnerability

CVE-2026-7844 — A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/list_files/retrieve_file/retrieve_file_content/delete_file of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the component...

vulnerability CVE medium-severity cwe-287 cwe-306
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Eclipse BaSyx Server SDK Vulnerability Bypasses Network Segmentation

CVE-2026-7412 — In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests....

vulnerability CVE high-severity cwe-918
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 4 IOCs /⚙ 6 Sigma

Eclipse BaSyx RCE: Critical Path Traversal in Server SDK

CVE-2026-7411 — In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauthenticated remote attacker...

vulnerability CVE critical high-severity remote-code-execution cwe-22
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6907 — An issue was discovered in 6.0 before 6.0.5 and 5.2 before

CVE-2026-6907 — An issue was discovered in Django 6.0 before 6.0.5 and 5.2 before 5.2.14. `django.middleware.cache.UpdateCacheMiddleware` erroneously caches requests where the `Vary` header contained an asterisk...

vulnerability CVE medium-severity cwe-524
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-5766 — An issue was discovered in 6.0 before 6.0.5 and 5.2 before

CVE-2026-5766 — An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. ASGI requests with a missing or understated `Content-Length` header can bypass...

vulnerability CVE medium-severity cwe-130
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-34956 — Open VSwitch Denial of Service

CVE-2026-34956 — A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath,...

vulnerability CVE medium-severity denial-of-service cwe-120
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-34002 — The X.Org X Server Denial of Service

CVE-2026-34002 — A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB (X Keyboard Extension) modifier map handling....

vulnerability CVE medium-severity denial-of-service cwe-805
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs

CVE-2026-34000 — The X.Org X Server Denial of Service

CVE-2026-34000 — A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the `CheckSetGeom()` and...

vulnerability CVE medium-severity denial-of-service cwe-125
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs

DAEMON Tools Supply Chain Attack Compromises Official Installers

A new supply chain attack is compromising official DAEMON Tools installers with malicious payloads, according to The Hacker News, citing findings from Kaspersky. These compromised...

threat-intel vulnerability malware tools
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

Microsoft Warns of Sophisticated AitM Phishing Campaign Targeting US Organizations

Microsoft has issued a warning regarding a sophisticated phishing campaign actively targeting organizations in the United States. According to SecurityWeek, the attack vector involves malicious...

threat-intel vulnerability microsoft phishing
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

China-Linked UAT-8302 APT Targets Governments in South America and Europe

A China-nexus advanced persistent threat (APT) group, tracked by Cisco Talos as UAT-8302, is actively targeting government entities. The Hacker News reports that attacks have...

threat-intel vulnerability malware the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs

CVE-2026-7834: Critical Stack-Based Buffer Overflow in EFM ipTIME NAS1dual

CVE-2026-7834 — A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation...

vulnerability CVE critical high-severity buffer-overflow cwe-119 cwe-121
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-7778 — An issue that could allow a dashboard configuration to be

CVE-2026-7778 — An issue that could allow a dashboard configuration to be viewed from outside of the authorized organization scope has been resolved. This is...

vulnerability CVE medium-severity cwe-269
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs /⚙ 5 Sigma

WeePie Cookie Allow Plugin SQLi Risks Unauthenticated Database Access

CVE-2026-4304 — The WeePie Cookie Allow plugin for WordPress is vulnerable to SQL Injection via the 'consent' parameter in all versions up to, and including,...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

EOL Software Creates CVE Blind Spots in SCA Tools

BleepingComputer reports that critical vulnerabilities often lurk in open-source software, particularly those that have reached End-of-Life (EOL) status. This EOL software frequently falls outside the...

threat-intel data-breach malware vulnerability tools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

EFM ipTIME C200 Vulnerability: Remote Command Injection Exposed

CVE-2026-7833 — A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub_408F90 of the file /cgi/iux_set.cgi of...

vulnerability CVE high-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

IObit Advanced SystemCare 19: High-Severity Symlink Following Vulnerability (CVE-2026-7832)

CVE-2026-7832 — A security flaw has been discovered in IObit Advanced SystemCare 19. This affects an unknown part of the file ASC.exe of the component...

vulnerability CVE high-severity cwe-59 cwe-61
/SCW Vulnerability Desk /HIGH /7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-30246 — Fiber is a web framework for Go. In

CVE-2026-30246 — Fiber is a web framework for Go. In github.com/gofiber/fiber/v3 versions through 3.1.0, the default key generator in the cache middleware uses only the...

vulnerability CVE medium-severity cwe-436
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-28510 — eLabFTW is an open source electronic lab notebook. In

CVE-2026-28510 — eLabFTW is an open source electronic lab notebook. In elabftw versions through 5.4.1, the login flow did not reliably preserve the multi-factor authentication...

vulnerability CVE medium-severity cwe-302
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-27694 — Traccar is an open source GPS tracking system. In

CVE-2026-27694 — Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the email notification templates insert user-controlled device,...

vulnerability CVE medium-severity cwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-27693 — Traccar is an open source GPS tracking system. In

CVE-2026-27693 — Traccar is an open source GPS tracking system. In org.traccar:traccar versions starting at 6.11.1 before 6.13.0, the KML and GPX export functionality writes...

vulnerability CVE medium-severity cwe-91
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-27644 — Traccar is an open source GPS tracking system. In versions

CVE-2026-27644 — Traccar is an open source GPS tracking system. In versions between 6.11.1 and 6.13.0, the CSV export functionality writes position data, including user-controlled...

vulnerability CVE medium-severity cwe-1236
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Betheme WordPress Arbitrary File Upload RCE (CVE-2026-6261)

CVE-2026-6261 — The Betheme theme for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 28.4. This is due to the...

vulnerability CVE high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs

CVE-2026-43571: OpenClaw Plugin Trust Bypass Opens Attack Vectors

CVE-2026-43571 — OpenClaw before 2026.4.10 contains a plugin trust bypass vulnerability that allows channel setup catalog lookups to resolve workspace plugin shadows before bundled channel...

vulnerability CVE high-severity cwe-829
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs

OpenClaw Authentication Bypass (CVE-2026-43569) Poses High Risk

CVE-2026-43569 — OpenClaw before 2026.4.9 contains an authentication bypass vulnerability allowing untrusted workspace plugins to be auto-enabled during non-interactive onboarding when provider auth choices are...

vulnerability CVE high-severity authentication-bypass cwe-829
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs

CVE-2026-43566: OpenClaw Privilege Escalation via Untrusted Webhook Events

CVE-2026-43566 — OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers...

vulnerability CVE critical high-severity privilege-escalation cwe-184
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs

OpenClaw Input Validation Flaw (CVE-2026-43534) Rated Critical

CVE-2026-43534 — OpenClaw before 2026.4.10 contains an input validation vulnerability that allows external hook metadata to be enqueued as trusted system events. Attackers can supply...

vulnerability CVE critical high-severity cwe-345
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 1 IOC

CVE-2026-43533: OpenClaw QQBot Arbitrary File Read Vulnerability Uncovered

CVE-2026-43533 — OpenClaw before 2026.4.10 contains an arbitrary file read vulnerability in QQBot media tags that allows attackers to reference host-local paths outside the intended...

vulnerability CVE high-severity arbitrary-file-access cwe-23
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw Vulnerability CVE-2026-43530 Undermines Exec Approval

CVE-2026-43530 — OpenClaw versions 2026.2.23 before 2026.4.12 contain a weakened exec approval binding vulnerability in busybox and toybox applet execution that allows attackers to obscure...

vulnerability CVE high-severity cwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-43526: OpenClaw QQBot SSRF Flaw Exposes Content Fetching

CVE-2026-43526 — OpenClaw before 2026.4.12 contains a server-side request forgery vulnerability in QQBot reply media URL handling that allows attackers to fetch arbitrary content. Attackers...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 1 IOC

OpenClaw Server-Side Request Forgery Policy Bypass (CVE-2026-42439)

CVE-2026-42439 — OpenClaw before 2026.4.10 contains a server-side request forgery policy bypass vulnerability in the browser tabs action select and close routes. Attackers can bypass...

vulnerability CVE high-severity server-side-request-forgery cwe-862
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw CVE-2026-42435: Shell Wrapper Vulnerability Allows Environment Variable Injection

CVE-2026-42435 — OpenClaw versions from 2026.2.22 before 2026.4.12 contain an insufficient shell-wrapper detection vulnerability allowing attackers to inject environment variable assignments at the argv level....

vulnerability CVE high-severity cwe-184
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs

OpenClaw Sandbox Escape (CVE-2026-42434) Allows Remote Execution

CVE-2026-42434 — OpenClaw versions 2026.4.5 before 2026.4.10 contain a sandbox escape vulnerability allowing sandboxed agents to override exec routing by specifying host=node. Attackers can bypass...

vulnerability CVE high-severity cwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

ERPGo SaaS 3.9 CSV Injection Allows RCE via Vendor Fields

CVE-2023-54348 — ERPGo SaaS 3.9 contains a CSV injection vulnerability that allows authenticated attackers to execute arbitrary code by injecting formula payloads into vendor name...

vulnerability CVE high-severity cwe-1236
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Frappe Framework ERPNext Sandbox Escape Allows RCE via CVE-2023-54345

CVE-2023-54345 — Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code...

vulnerability CVE high-severity cwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

Eclipse Equinox OSGi RCE: Critical Vulnerability Exposes Consoles to Unauthenticated Attackers

CVE-2023-54344 — Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads...

vulnerability CVE critical high-severity remote-code-execution cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs

Eclipse Equinox OSGi RCE: Critical Vulnerability Allows Unauthenticated Code Execution

CVE-2023-54342 — Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute...

vulnerability CVE critical high-severity remote-code-execution cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Android Critical RCE Vulnerability Patched in System Component

SecurityWeek reports a critical remote code execution (RCE) vulnerability, CVE-2026-0073, has been patched in Android’s System component. This is a severe flaw because it can...

threat-intel vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

OAuth Tokens: The Persistent Backdoor Most Teams Miss

The Hacker News highlights a critical oversight in modern identity management: persistent OAuth tokens. Every AI tool, workflow automation, and productivity app employees connect to...

threat-intel vulnerability microsoft identity tools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 1 Sigma

MetInfo CMS CVE-2026-29014 Exploited for RCE Attacks

Threat actors are actively exploiting a critical vulnerability, CVE-2026-29014 (CVSS 9.8), impacting the open-source content management system (CMS) MetInfo. According to findings from The Hacker...

threat-intel vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6322: fast-uri Vulnerability Enables URI Authority Hijacking

CVE-2026-6322 — fast-uri normalize() decoded percent-encoded authority delimiters inside the host component and then re-emitted them as raw delimiters during serialization. A host that combined...

vulnerability CVE high-severity cwe-436
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2025-42611 — RouterOS provides various services that rely on correct

CVE-2025-42611 — RouterOS provides various services that rely on correct verification of client and server certificates to secure confidentiality and integrity of communications. This includes...

vulnerability CVE medium-severity cwe-295
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Trellix Source Code Access Confirmed by Security Vendor

LΣҒΔ𝕽ΩLL 🇮🇱 reports that Trellix, a major cybersecurity firm, has confirmed unauthorized access to a portion of its source code. The company has engaged forensic...

vulnerability threat-intel
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

Exposed AI Services: 1 Million LLM Deployments Found Insecure

The Hacker News reports a critical lapse in AI security, revealing that over one million self-hosted AI services are exposed and vulnerable. This finding underscores...

threat-intel vulnerability data-breach ai-security the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

CVE-2026-3601 — The User Registration & Membership plugin for WordPress is

CVE-2026-3601 — The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3359: WordPress Form Maker Plugin SQLi Exposes Data

CVE-2026-3359 — The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to SQL Injection via the...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

ScarCruft Hacks Gaming Platform, Deploys BirdCall Malware on Android & Windows

The North Korea-aligned state-sponsored hacking group ScarCruft has executed a supply chain espionage attack, compromising a video game platform. According to The Hacker News, the...

threat-intel vulnerability malware microsoft the-hacker-news
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs

WhatsApp Patches File Spoofing and URL Scheme Vulnerabilities

SecurityWeek reports that WhatsApp has addressed critical vulnerabilities related to file spoofing and arbitrary URL schemes. These issues were responsibly disclosed to Meta via their...

threat-intel vulnerability tools
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-5192: Forminator WordPress Plugin Path Traversal Exposes Server Files

CVE-2026-5192 — The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to Path Traversal in versions up...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

WebinarIgnition: Critical Blind SQL Injection CVE-2026-40797

CVE-2026-40797 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saleswonder LLC WebinarIgnition allows Blind SQL Injection. This issue...

vulnerability CVE critical high-severity sql-injection cwe-89
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-3454 — The GenerateBlocks plugin for WordPress is vulnerable to

CVE-2026-3454 — The GenerateBlocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2.0. This is due...

vulnerability CVE medium-severity cwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-2729 — The Forminator plugin for WordPress is vulnerable to

CVE-2026-2729 — The Forminator plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.52.0. This is due to the...

vulnerability CVE medium-severity cwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Microsoft Details Phishing Campaign Targeting 35,000 Users in 26 Countries

Microsoft has revealed details of a substantial credential theft operation, observed between April 14 and 16, 2026. This multi-stage campaign, as reported by The Hacker...

threat-intel vulnerability microsoft identity phishing
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs

CVE-2026-7823: Critical Command Injection in Totolink A8000RU Routers

CVE-2026-7823 — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7822 — Itsourcecode Courier Management System SQL Injection

CVE-2026-7822 — A vulnerability was identified in itsourcecode Courier Management System 1.0. This impacts an unknown function of the file /print_pdets.php. The manipulation of the...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7812: Remote Command Injection in 54yyyu code-mcp MCP Tool

CVE-2026-7812 — A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function git_operation of the file src/code_mcp/server.py of the...

vulnerability CVE high-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 5 Sigma

CVE-2026-7811: High-Severity Path Traversal in 54yyyu code-mcp

CVE-2026-7811 — A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function is_safe_path of the file src/code_mcp/server.py of...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-4362 — The ElementsKit Elementor Addons plugin for WordPress is

CVE-2026-4362 — The ElementsKit Elementor Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `Live_Action::reset()`...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7810: Python Notebook Path Traversal Exposes Servers

CVE-2026-7810 — A flaw has been found in UsamaK98 python-notebook-mcp up to a05a232815809a7e425b5fa7be26e0d4369894c2. Impacted is the function create_notebook/read_notebook/edit_cell/add_cell of the file server.py. This manipulation causes...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-5957 — Path Traversal

CVE-2026-5957 — The EmailKit plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to and including 1.6.5. This is due to...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5294: Critical RCE in Geeky Bot WordPress Plugin

CVE-2026-5294 — The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 1.2.2. This is due to a...

vulnerability CVE critical high-severity remote-code-execution cwe-862
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs

CVE-2026-5159 — Cross-Site Scripting (XSS)

CVE-2026-5159 — The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagram_follow_text' setting in all...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

Royal Elementor Addons XSS Vulnerability (CVE-2026-4803) Exposes WordPress Sites

CVE-2026-4803 — The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'status' parameter in the wpr_update_form_action_meta AJAX action in...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-4665 — Cross-Site Scripting (XSS)

CVE-2026-4665 — The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox `data-caption` attributes in all versions up to,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

Oracle MCP Server Helper Tool Vulnerability Allows Malicious SQL Execution

CVE-2026-35228 — Vulnerability in the Oracle MCP Server Helper Tool product of Oracle Open Source Projects (component: helper tool). The supported versions that is affected...

vulnerability CVE high-severity
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-3456: WordPress GeekyBot Plugin SQL Injection

CVE-2026-3456 — The GeekyBot — Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to SQL Injection via the 'attributekey'...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-2948 — Server-Side Request Forgery

CVE-2026-2948 — The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to,...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6704 — Cross-Site Scripting (XSS)

CVE-2026-6704 — The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6702 — The Publish 2 Ping.fm plugin for WordPress is vulnerable to

CVE-2026-6702 — The Publish 2 Ping.fm plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is...

vulnerability CVE medium-severity cwe-352
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6701 — The addfreespace plugin for WordPress is vulnerable to

CVE-2026-6701 — The addfreespace plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.3. This is due to...

vulnerability CVE medium-severity cwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6700 — The DX Sources plugin for WordPress is vulnerable to

CVE-2026-6700 — The DX Sources plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.1. This is due...

vulnerability CVE medium-severity cwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6696 — Cross-Site Scripting (XSS)

CVE-2026-6696 — The Zingaya Click-to-Call plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email', 'first_name', 'last_name', and 'phone' parameters on the plugin's...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6255 — Cross-Site Scripting (XSS)

CVE-2026-6255 — The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owls_wrapper' shortcode in all...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5505 — Cross-Site Scripting (XSS)

CVE-2026-5505 — The WP-Clippy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `clippy` shortcode in all versions up to, and including,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5247 — Cross-Site Scripting (XSS)

CVE-2026-5247 — The Schedule Post Changes With PublishPress Future plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapper' attribute of the [futureaction]...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

AWP Classifieds Plugin SQLi Exposes WordPress Sites

CVE-2026-5100 — The AWP Classifieds plugin for WordPress is vulnerable to SQL Injection via the 'regions' parameter array keys in versions up to, and including,...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-4730 — Cross-Site Scripting (XSS)

CVE-2026-4730 — The Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your Website plugin for WordPress is vulnerable to Stored Cross-Site...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4409 — The Subscribe To Comments Reloaded plugin for WordPress is

CVE-2026-4409 — The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-2868 — Cross-Site Scripting (XSS)

CVE-2026-2868 — The Gutenverse – Ultimate WordPress FSE Blocks Addons & Ecosystem plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'separatorIconSVG' parameter...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-1921 — Path Traversal

CVE-2026-1921 — The Loco Translate plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.8.2 via the `fsReference` AJAX...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-13618: WordPress Mentoring Plugin Allows Admin Account Registration

CVE-2025-13618 — The Mentoring plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.8. This is due to the...

vulnerability CVE critical high-severity privilege-escalation cwe-269
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

MoreConvert Pro WordPress Plugin Critical Authentication Bypass (CVE-2026-5722)

CVE-2026-5722 — The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.9.14. This is due to...

vulnerability CVE critical high-severity authentication-bypass cwe-287
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-44029 — Path Traversal

CVE-2026-44029 — An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory...

vulnerability CVE medium-severity path-traversal cwe-36
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-44028: Nix/Lix Unbounded Recursion Leads to RCE as Root

CVE-2026-44028 — An issue was discovered in Nix before 2.34.7 and Lix before 2.95.2. Unbounded recursion in the NAR (Nix Archive) parser could lead to...

vulnerability CVE high-severity code-execution cwe-674
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

Axle-Bucamp MCP-Docusaurus Path Traversal (CVE-2026-7788) Public Exploit

CVE-2026-7788 — A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function update_document/continue_document/delete_document/get_content of the file app/routes/document.py....

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7785: Wireshark-MCP OS Command Injection Hits High Severity

CVE-2026-7785 — A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quick_capture of the file pyshark_mcp.py. The manipulation results in...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7784: NagaAgent Path Traversal Exposes Servers

CVE-2026-7784 — A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7783 — CodeCanyon Perfex CRM SQL Injection

CVE-2026-7783 — A flaw has been found in CodeCanyon Perfex CRM up to 3.4.1. This vulnerability affects the function AbstractKanban::applySortQuery of the file application/services/AbstractKanban.php of...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7782 — CodeCanyon Perfex CRM Vulnerability

CVE-2026-7782 — A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. This affects the function Clients::project of the file application/controllers/Clients.php of the component...

vulnerability CVE medium-severity cwe-285 cwe-639
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7781 — Open5GS Denial of Service

CVE-2026-7781 — A security vulnerability has been detected in Open5GS up to 2.7.7. Affected by this issue is the function udm_nudm_uecm_handle_amf_registration_update of the file /src/udm/nudm-handler.c...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Amazon WorkSpaces Escalation: Local User to SYSTEM via Log Rotation

CVE-2026-7791 — Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a...

vulnerability CVE high-severity privilege-escalation cwe-367
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7780 — Denial of Service

CVE-2026-7780 — A weakness has been identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function udm_state_operational of the file /src/udm/udm-sm.c of...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-7776: Boundary Workers Vulnerable to DoS During TLS Handshakes

CVE-2026-7776 — Boundary Community Edition and Boundary Enterprise (“Boundary”) workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network...

vulnerability CVE high-severity cwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

Weaver E-cology Critical Bug Exploited in Attacks Since March

BleepingComputer reports that a critical vulnerability, CVE-2026-22679, in Weaver E-cology office automation software has been under active exploitation since mid-March. Attackers are leveraging this flaw...

threat-intel data-breach malware vulnerability microsoft
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7779 — Open5GS Denial of Service

CVE-2026-7779 — A security flaw has been discovered in Open5GS up to 2.7.7. Affected is the function udm_nudr_dr_handle_subscription_authentication of the file /src/udm/nudr-handler.c of the component...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42223 — Nginx UI is a web user interface for the Nginx web server.

CVE-2026-42223 — Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, the GetSettings API handler (api/settings/settings.go:24-65) serializes all...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Nginx UI Vulnerability: Unauthenticated Bootstrap Takeover (CVE-2026-42222)

CVE-2026-42222 — Nginx UI is a web user interface for the Nginx web server. In version 2.3.5, an unauthenticated bootstrap takeover exists in nginx-ui during...

vulnerability CVE high-severity cwe-284 cwe-306
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42221: Nginx UI Admin Takeover Vulnerability

CVE-2026-42221 — Nginx UI is a web user interface for the Nginx web server. From version 2.0.0 to before version 2.3.8, an unauthenticated network attacker...

vulnerability CVE high-severity cwe-306
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-42220 — Nginx UI is a web user interface for the Nginx web server.

CVE-2026-42220 — Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, an authenticated user can call GET /api/settings...

vulnerability CVE medium-severity cwe-200 cwe-863
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7768: Fastify Accepts-Serializer DoS Vulnerability

CVE-2026-7768 — @fastify/accepts-serializer cached serializer-selection results keyed by the request Accept header without a size limit or eviction policy. A remote unauthenticated client could send...

vulnerability CVE high-severity cwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6321: fast-uri Path Normalization Bypass

CVE-2026-6321 — fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize() and equal() functions. Encoded path data was treated...

vulnerability CVE high-severity cwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

Prometheus CVE-2026-42154: Unauthenticated Memory Exhaustion Vulnerability

CVE-2026-42154 — Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint (/api/v1/read) does not...

vulnerability CVE high-severity cwe-400 cwe-789
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

Prometheus Azure AD OAuth Secret Exposed via Plaintext Config

CVE-2026-42151 — Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the client_secret field in the Azure AD...

vulnerability CVE high-severity cwe-200 cwe-312
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-25863: WordPress Plugin DoS Vulnerability Hits Contact Form 7

CVE-2026-25863 — Conditional Fields for Contact Form 7 WordPress plugin through version 2.6.7 contains an uncontrolled resource consumption vulnerability in the Wpcf7cfMailParser class where the...

vulnerability CVE high-severity cwe-1284
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs

cPanel Authentication Bypass Vulnerability Exploited in the Wild

A critical authentication-bypass vulnerability in cPanel has sparked a "cyber-frenzy," according to Dark Reading. The flaw, which allows attackers to bypass authentication, saw multiple proof-of-concept...

threat-intel tools vulnerability identity
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Cisco Acquires Astrix Security to Secure Non-Human Identities

Cisco has announced its intent to acquire Astrix Security, a startup specializing in the security of non-human identities (NHIs). These include critical elements like API...

threat-intel vulnerability identity ai-security
/SCW Vulnerability Desk /MEDIUM

Detect-It-Easy Path Traversal Allows Arbitrary File Writes, Code Execution

CVE-2026-43616 — Detect-It-Easy prior to 3.21 contains a path traversal vulnerability that allows attackers to write arbitrary files to the filesystem by crafting malicious archive...

vulnerability CVE high-severity code-execution cwe-23
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

Arelle RCE: Unauthenticated Remote Code Execution in REST Endpoint

CVE-2026-42796 — Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the /rest/configure REST endpoint that accepts a plugins query parameter and forwards...

vulnerability CVE critical high-severity remote-code-execution cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-42146 — CImg Library is a C++ library for image processing. Prior

CVE-2026-42146 — CImg Library is a C++ library for image processing. Prior to commit c3aacf5, the nb_colors field read from the BMP file header is...

vulnerability CVE medium-severity cwe-789
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42144 — Buffer Overflow

CVE-2026-42144 — CImg Library is a C++ library for image processing. Prior to commit 4ca26bc, there is an integer overflow vulnerability in the W*H*D size...

vulnerability CVE medium-severity buffer-overflow cwe-190
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42092 — titra is an open source time tracking project. In version

CVE-2026-42092 — titra is an open source time tracking project. In version 0.99.52, the globalsettings Meteor publication returns all global settings without any admin or...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42091 — Arbitrary File Access

CVE-2026-42091 — goshs is a SimpleHTTPServer written in Go. Prior to version 2.0.2, the PUT upload handler (httpserver/updown.go) lacks the CSRF token validation that was...

vulnerability CVE medium-severity arbitrary-file-access cwe-352
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

OpenC3 COSMOS Critical Script Runner Bypass (CVE-2026-42088)

CVE-2026-42088 — OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0-rc3,...

vulnerability CVE critical high-severity cwe-250
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 5 IOCs /⚙ 4 Sigma

OpenC3 COSMOS TSDB SQL Injection Flaw Exposes Critical Systems

CVE-2026-42087 — OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From version 6.7.0 to...

vulnerability CVE critical high-severity sql-injection cwe-89
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42086 — Cross-Site Scripting (XSS)

CVE-2026-42086 — OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /4.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42084: OpenC3 COSMOS Allows Password Change Without Old Password

CVE-2026-42084 — OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to versions 6.10.5...

vulnerabilityCVEhigh-severitycwe-620
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41572 — Note Mark is an open-source note-taking application. Prior

CVE-2026-41572 — Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded...

vulnerabilityCVEmedium-severitycwe-285
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41571: Note Mark Critical Auth Bypass

CVE-2026-41571 — Note Mark is an open-source note-taking application. In version 0.19.2, IsPasswordMatch in backend/db/models.go falls back to a hard-coded bcrypt("null") placeholder whenever a user...

vulnerabilityCVEcriticalhigh-severitycwe-287
/SCW Vulnerability Desk /CRITICAL /9.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41471: PayPal Events WordPress Plugin Exposes All Customer Orders

CVE-2026-41471 — Easy PayPal Events & Tickets plugin for WordPress versions 1.3 and earlier contain an information disclosure vulnerability in the QR code scanning endpoint...

vulnerabilityCVEhigh-severityinformation-disclosurecwe-639
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-32834: WordPress Easy PayPal Plugin Authentication Bypass

CVE-2026-32834 — Easy PayPal Events & Tickets plugin for WordPress version 1.3 and earlier contains a hardcoded authentication bypass vulnerability in the QR code scanning...

vulnerabilityCVEhigh-severityauthentication-bypasscwe-798
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 2 Sigma

BusyBox udhcpc6 Heap Overflow (CVE-2026-29004) Exposes Embedded Systems

CVE-2026-29004 — BusyBox before commit 42202bf contains a heap buffer overflow vulnerability in the DHCPv6 client (udhcpc6) DNS_SERVERS option handler in networking/udhcp/d6_dhcpc.c that allows network-adjacent...

vulnerabilityCVEhigh-severitycode-executioncwe-122
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

Phishing Campaign Leverages SimpleHelp, ScreenConnect RMM to Hit 80+ Orgs

An active phishing campaign, codenamed VENOMOUS#HELPER, has been observed since at least April 2025, according to The Hacker News. This operation targets organizations by leveraging...

threat-intelvulnerabilityphishingtoolsthe-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

Apache Iceberg CVE-2026-42812 Bypasses Metadata Location Validation

CVE-2026-42812 — In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table...

vulnerabilityCVEcriticalhigh-severitycwe-20cwe-284cwe-732cwe-863
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42811: Apache Polaris Credential Bypass Exposes Cloud Storage

CVE-2026-42811 — In plain terms, Apache Polaris is supposed to issue short-lived GCS credentials that only work for one table's files, but a crafted namespace...

vulnerabilityCVEcriticalhigh-severitycwe-20cwe-917
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-42810: Apache Polaris S3 Wildcard Vulnerability Creates Critical Data Risk

CVE-2026-42810 — Apache Polaris accepts literal `*` characters in namespace and table names. When it later builds temporary S3 access policies for delegated table access,...

vulnerabilityCVEcriticalhigh-severitycwe-20cwe-116
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-42809: Apache Polaris Critical Credential Vulnerability

CVE-2026-42809 — Apache Polaris can issue broad temporary ("vended") storage credentials during staged table creation before the effective table location has been validated or durably...

vulnerabilityCVEcriticalhigh-severitycwe-20cwe-862
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-42376: D-Link DIR-456U EOL Router Exposes Critical Backdoor

CVE-2026-42376 — D-Link DIR-456U Hardware Revision A1 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /etc/init0.d/S80telnetd.sh with...

vulnerabilityCVEcriticalhigh-severitycwe-798
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

D-Link DIR-600L EOL Router Exposes Critical Telnet Backdoor

CVE-2026-42375 — D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the...

vulnerabilityCVEcriticalhigh-severitycwe-798
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

D-Link DIR-600L EOL Router Has Hardcoded Telnet Backdoor

CVE-2026-42374 — D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the...

vulnerabilityCVEcriticalhigh-severitycwe-798
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

D-Link DIR-605L EOL Router Hit by Critical Telnet Backdoor

CVE-2026-42373 — D-Link DIR-605L Hardware Revision B2 (End-of-Life, EOL) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with...

vulnerabilityCVEcriticalhigh-severitycwe-798
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 4 Sigma

CVE-2026-42076: Evolver Engine RCE Puts AI Agents at Risk

CVE-2026-42076 — Evolver is a GEP-powered self-evolving engine for AI agents. Prior to version 1.69.3, a command injection vulnerability in the _extractLLM() function allows attackers...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

vm2 Sandbox Escape Vulnerability (CVE-2026-26956) Allows Critical Code Execution

CVE-2026-26956 — vm2 is an open source vm/sandbox for Node.js. In version 3.10.4, vm2 is vulnerable to full sandbox escape with arbitrary code execution. Attacker...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-693
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

vm2 Sandbox Escape (CVE-2026-26332) Exposes Node.js Apps to RCE

CVE-2026-26332 — vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, SuppressedError allows attackers to escape the sandbox and run arbitrary code....

vulnerabilityCVEcriticalhigh-severitycwe-94cwe-693
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-25293: Critical PLC Buffer Overflow Puts Industrial Control Systems at Risk

CVE-2026-25293 — Buffer overflow due to incorrect authorization in PLC FW

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-863
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 2 IOCs /⚙ 4 Sigma

VM2 Sandbox Escape Vulnerability (CVE-2026-24781) Exposes Node.js Applications

CVE-2026-24781 — vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function....

vulnerabilityCVEcriticalhigh-severitycwe-94cwe-693
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-24120: vm2 Sandbox Escape Allows Host Command Execution

CVE-2026-24120 — vm2 is an open source vm/sandbox for Node.js. Prior to version 3.10.5, the fix for CVE-2023-37466 is insufficient and can be circumvented allowing...

vulnerabilityCVEcriticalhigh-severitycwe-94cwe-693
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

VM2 Sandbox Breakout Vulnerability: Critical Flaw Exposes Node.js Applications

CVE-2026-24118 — vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability. This allows attackers to...

vulnerabilityCVEcriticalhigh-severitycwe-94cwe-693
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

AI Phishing, Android Spyware, Linux Exploit, GitHub RCE Headline Weekly Threats

This week's cybersecurity landscape highlights a critical shift from mere breaches to persistent occupation, according to The Hacker News. Attackers are leveraging advanced techniques, turning...

threat-intelvulnerabilitydata-breachphishingtools
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6266: AAP Gateway Email Auto-Link Flaw Allows Account Hijack

CVE-2026-6266 — A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider (IDP)...

vulnerabilityCVEhigh-severitycwe-305
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs

CVE-2026-34032 — Apache HTTP Server: Out-of-Bounds Read

CVE-2026-34032 — Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade...

vulnerabilityCVEmedium-severityout-of-bounds-1cwe-125cwe-170
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-33857 — Apache HTTP Server: Out-of-Bounds Read

CVE-2026-33857 — Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to...

vulnerabilityCVEmedium-severityout-of-bounds-1cwe-125
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-31205 — Pluck CMS Before V.4.7.21dev Vulnerability

CVE-2026-31205 — Cross Site Scripting vulnerability in Pluck CMS before v.4.7.21dev allows a remote attacker to escalate privileges via the editpage.php and the sanitizePageContent function...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /5.7 /⚑ 1 IOC /⚙ 3 Sigma

Norton Secure VPN Privilege Escalation via Microsoft Store (CVE-2025-58074)

CVE-2025-58074 — A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-1386
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7482: Critical Ollama Heap Out-of-Bounds Read Exposes Sensitive AI Data

CVE-2026-7482 — Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in...

vulnerabilityCVEcriticalhigh-severityout-of-bounds-1cwe-125
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 5 IOCs /⚙ 3 Sigma

MOVEit Automation Critical Auth Bypass Flaw Requires Immediate Patch

Progress Software has issued an urgent warning regarding a critical authentication bypass vulnerability in its MOVEit Automation managed file transfer (MFT) application. BleepingComputer reports that...

threat-inteldata-breachmalwarevulnerabilityidentity
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 1 Sigma

SambaBox CVE-2026-3120: High-Severity OS Command Injection

CVE-2026-3120 — Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Information and Consulting Trade and Industry Limited Company SambaBox allows OS Command...

vulnerabilityCVEhigh-severitycommand-injectioncwe-94
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs

Kaikatsu Club Breach: 17-Year-Old Exposes 7 Million Users for Pokémon Cards

A 17-year-old in Osaka was arrested on December 4, 2025, under Japan's Unauthorized Access Prohibition Act for extracting personal data from over 7 million users...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Silver Fox Deploys ABCDoor Malware via Tax Phishing in India and Russia

The China-based cybercrime group Silver Fox has launched a new campaign deploying ABCDoor malware, primarily targeting organizations in India and Russia. The Hacker News reports...

threat-intelvulnerabilitymalwarephishing
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs

CISA Warns: 'Copy Fail' Linux Root Vulnerability Actively Exploited

CISA has issued an urgent warning: the 'Copy Fail' Linux security vulnerability (CVE-2024-XXXX) is now being actively exploited in the wild. This critical flaw, disclosed...

threat-inteldata-breachmalwarevulnerability
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Totolink N300RH RCE: CVE-2026-7750 Buffer Overflow Affects Remote Management

CVE-2026-7750 — A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 1 Sigma

Totolink N300RH Router Hit by High-Severity Buffer Overflow Vulnerability (CVE-2026-7749)

CVE-2026-7749 — A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 5 Sigma

Totolink N300RH Buffer Overflow (CVE-2026-7748) Remotely Exploitable

CVE-2026-7748 — A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

GnuTLS DTLS Heap Overflow (CVE-2026-33846) Poses Remote Threat

CVE-2026-33846 — A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-130
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

cPanel Vulnerability Weaponized Against Gov, Military, and MSPs

A previously unknown threat actor is actively exploiting a recently disclosed cPanel vulnerability, according to The Hacker News. The campaign specifically targets government and military...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

Totolink N300RH Critical Buffer Overflow: Public Exploit Available

CVE-2026-7747 — A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of...

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-7746 — SourceCodester Web-Based Pharmacy Product Management System SQL Injection

CVE-2026-7746 — A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. Affected is an unknown function of the file /product_expiry/edit-admin.php. Such manipulation...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7745 — SQL Injection

CVE-2026-7745 — A vulnerability was determined in CodeAstro Online Classroom 1.0. This impacts an unknown function of the file /OnlineClassroom/facultydetails. This manipulation of the argument...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2025-14320: Critical XSS in Tegsoft Online Support Application

CVE-2025-14320 — Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application...

vulnerabilityCVEcriticalhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7744 — CodeAstro Online Classroom SQL Injection

CVE-2026-7744 — A vulnerability was found in CodeAstro Online Classroom 1.0. This affects an unknown function of the file /OnlineClassroom/addnewstudent. The manipulation of the argument...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7743 — CodeAstro Online Classroom SQL Injection

CVE-2026-7743 — A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an unknown function of the file /OnlineClassroom/studentdetails. The manipulation...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7742 — CodeAstro Online Classroom SQL Injection

CVE-2026-7742 — A flaw has been found in CodeAstro Online Classroom 1.0. The affected element is an unknown function of the file /OnlineClassroom/facultylogin. Executing a...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7741 — CodeAstro Online Classroom SQL Injection

CVE-2026-7741 — A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7738 — Puchunjie Doc-Tools-Mcp Path Traversal

CVE-2026-7738 — A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function create_document/open_document of the file src/mcp-server.ts of the component MCP...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7737 — Osrg GoBGP Out-of-Bounds Read

CVE-2026-7737 — A vulnerability was identified in osrg GoBGP up to 4.3.0. Affected by this issue is the function BMPPeerUpNotification.ParseBody/BMPStatisticsReport.ParseBody of the file pkg/packet/bmp/bmp.go of...

vulnerabilityCVEmedium-severityout-of-bounds-1cwe-119cwe-125
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7736: GoBGP Integer Underflow Threatens BGP Routing

CVE-2026-7736 — A vulnerability was determined in osrg GoBGP up to 4.3.0. Affected by this vulnerability is the function parseRibEntry of the file pkg/packet/mrt/mrt.go. Executing...

vulnerabilityCVEhigh-severitycwe-189cwe-191
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 1 Sigma

Instructure Data Breach: Student Data Stolen, Services Disrupted

Edtech firm Instructure, known for its Canvas learning management system, has disclosed a data breach following threats of a leak from hackers. SecurityWeek reports that...

threat-intelvulnerabilitydata-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs /⚙ 3 Sigma

cPanel Bug Exposes Millions of Websites to Takeover

A critical cPanel vulnerability is under active exploitation, exposing millions of websites to potential takeover, according to Malwarebytes Blog. This flaw presents a significant risk,...

malwarethreat-intelransomwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /HIGH /⚑ 5 IOCs /⚙ 3 Sigma

osrg GoBGP Buffer Overflow (CVE-2026-7735) Poses Remote Threat

CVE-2026-7735 — A vulnerability was found in osrg GoBGP up to 4.3.0. Affected is the function PathAttributeAigp.DecodeFromBytes of the file pkg/packet/bgp/bgp.go of the component AIGP...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 5 Sigma

CVE-2026-7734 — Osrg GoBGP Denial of Service

CVE-2026-7734 — A vulnerability has been found in osrg GoBGP up to 4.3.0. This impacts the function SRv6L3ServiceAttribute.DecodeFromBytes of the file pkg/packet/bgp/prefix_sid.go of the component...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7733: funadmin Unrestricted File Upload Exposes Systems

CVE-2026-7733 — A flaw has been found in funadmin up to 7.1.0-rc6. This affects the function UploadService::chunkUpload of the file app/common/service/UploadService.php of the component Frontend...

vulnerabilityCVEhigh-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7732 — Code-Projects BloodBank Managing System Unrestricted File Upload

CVE-2026-7732 — A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element is an unknown function of the file request_blood.php. The manipulation...

vulnerabilityCVEmedium-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7731 — Code-Projects BloodBank Managing System SQL Injection

CVE-2026-7731 — A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. The affected element is an unknown function of the file get_state.php....

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Global Law Enforcement Cracks Down on Crypto Scam Centers, Arrests 276

A significant international law enforcement operation has dismantled nine cryptocurrency investment fraud centers, leading to 276 arrests. The Hacker News reports that this crackdown, spearheaded...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7730 — Command Injection

CVE-2026-7730 — A weakness has been identified in privsim mcp-test-runner 0.2.0. Impacted is the function child_process.spawn of the file src/index.ts of the component MCP Interface....

vulnerabilityCVEmedium-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7729 — Pixelsock Directus-Mcp Server-Side Request Forgery

CVE-2026-7729 — A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7728 — Ryanjoachim Mcp-Rtfm Path Traversal

CVE-2026-7728 — A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. This vulnerability affects the function get_doc_content/read_doc/update_doc of the component MCP Interface. Such manipulation of the...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-7727: Shandong Hoteam Software PDM SQL Injection

CVE-2026-7727 — A vulnerability was determined in Shandong Hoteam Software PDM Product Data Management System up to 8.3.9. This affects the function GetQueryMachineGridOnePageData of the...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7725 — PrefectHQ Prefect Vulnerability

CVE-2026-7725 — A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of...

vulnerabilityCVEmedium-severitycwe-74cwe-88
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Reborn Gaming Breach: cPanel/WHM Vulnerability Exposes User Data

The gaming community Reborn Gaming experienced a data breach in April 2026, stemming from a vulnerability within cPanel and WebHost Manager (WHM). Have I Been...

data-breachvulnerability
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7724 — PrefectHQ Prefect Vulnerability

CVE-2026-7724 — A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validate_restricted_url of the component Webhook/Notification....

vulnerabilityCVEmedium-severitycwe-362cwe-367
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-7723: PrefectHQ Prefect WebSocket Lacks Authentication

CVE-2026-7723 — A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component...

vulnerabilityCVEhigh-severitycwe-287cwe-306
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7722 — PrefectHQ Prefect Vulnerability

CVE-2026-7722 — A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health...

vulnerabilityCVEmedium-severitycwe-287
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7721 — Totolink WA300 5.2cu.7112_B20190227 Command Injection

CVE-2026-7721 — A security vulnerability has been detected in Totolink WA300 5.2cu.7112_B20190227. This affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. Such manipulation of the...

vulnerabilityCVEmedium-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7720 — Command Injection

CVE-2026-7720 — A weakness has been identified in Totolink WA300 5.2cu.7112_B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component...

vulnerabilityCVEmedium-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

Totolink WA300 Critical Buffer Overflow (CVE-2026-7719) Exploited

CVE-2026-7719 — A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the...

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 1 Sigma

CVE-2026-7718 — Totolink WA300 5.2cu.7112_B20190227 Command Injection

CVE-2026-7718 — A vulnerability was identified in Totolink WA300 5.2cu.7112_B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler....

vulnerabilityCVEmedium-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7713 — Crocodilestick Calibre-Web-Automated Vulnerability

CVE-2026-7713 — A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generate_auth_token of the file cps/kobo_auth.py of...

vulnerabilityCVEmedium-severitycwe-266cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7712 — MindsDB Insecure Deserialization

CVE-2026-7712 — A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation...

vulnerabilityCVEmedium-severityinsecure-deserializationcwe-20cwe-502
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

MindsDB Unrestricted File Upload (CVE-2026-7711) Poses Remote Threat

CVE-2026-7711 — A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byom_handler/proc_wrapper.py of the component Engine...

vulnerabilityCVEhigh-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7710: YunaiV yudao-cloud Improper Authentication Flaw

CVE-2026-7710 — A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the...

vulnerabilityCVEhigh-severitycwe-287
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-6948 — Velociraptor versions prior to 0.76.4 contain a resource

CVE-2026-6948 — Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's agent control channel. This allows a compromised or rogue Velociraptor...

vulnerabilityCVEmedium-severitycwe-770
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7709 — Janeczku Calibre-Web Vulnerability

CVE-2026-7709 — A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generate_auth_token of the file cps/kobo_auth.py of the...

vulnerabilityCVEmedium-severitycwe-266cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7708 — Denial of Service

CVE-2026-7708 — A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogs_dbi_subscription_data in the library /lib/dbi/subscription.c of the component...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-7707 — Open5GS Denial of Service

CVE-2026-7707 — A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-7706 — Open5GS Denial of Service

CVE-2026-7706 — A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmm_handle_service_request of the file /src/amf/gmm-handler.c of the component...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7705 — JD Cloud JDCOS 4.5.1.R4518 Command Injection

CVE-2026-7705 — A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function set_iptv_info of the file /jdcap of the component...

vulnerabilityCVEmedium-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7704 — AV Stumpfl Pixera Two Media Server Path Traversal

CVE-2026-7704 — A vulnerability has been found in AV Stumpfl Pixera Two Media Server up to 25.1 R2. The affected element is an unknown function...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

AV Stumpfl Pixera Two Media Server Websocket API Code Injection

CVE-2026-7703 — A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown function of the...

vulnerabilityCVEhigh-severitycwe-74cwe-94
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

US Military Taps Google, Microsoft, AWS for Classified AI

The US military has engaged seven major tech companies—Google, Microsoft, Amazon Web Services, Nvidia, OpenAI, Reflection, and SpaceX—to integrate their AI capabilities into classified systems....

threat-intelvulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM

CVE-2026-7702 — Toeverything AFFiNE Vulnerability

CVE-2026-7702 — A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component...

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7701 — Telegram Desktop Null Pointer Dereference

CVE-2026-7701 — A security vulnerability has been detected in Telegram Desktop up to 6.7.5. This vulnerability affects the function RequestButton of the file Telegram/SourceFiles/boxes/url_auth_box.cpp of...

vulnerabilityCVEmedium-severitynull-pointer-dereferencecwe-404cwe-476
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7700 — The Function Eval Of The File Src/Lfx/Src/Lfx/Components/Llm Vulnerability

CVE-2026-7700 — A weakness has been identified in langflow-ai langflow up to 1.8.4. This affects the function eval of the file src/lfx/src/lfx/components/llm_operations/lambda_filter.p of the component...

vulnerabilityCVEmedium-severitycwe-74cwe-94
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7699 — Dromara MaxKey SQL Injection

CVE-2026-7699 — A security flaw has been discovered in Dromara MaxKey up to 3.5.13. Affected by this issue is the function StrUtils.checkSqlInjection of the file...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Tiandy Easy7 RCE: Unauthenticated OS Command Injection via updateDbBackupInfo

CVE-2026-7698 — A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo....

vulnerabilityCVEhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7697 — SQL Injection

CVE-2026-7697 — A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand_submit.php. This manipulation of...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7696 — Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform Unrestricted File Upload

CVE-2026-7696 — A vulnerability was found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This impacts an unknown function of the...

vulnerability CVE medium-severity unrestricted-file-upload cwe-284 cwe-434
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Acrel Electrical EEMS Platform Hit by High-Severity SQL Injection

CVE-2026-7695 — A vulnerability has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This affects an unknown function of...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Acrel Electrical ECEMS SQLi (CVE-2026-7694) Exposes Microgrid Systems

CVE-2026-7694 — A flaw has been found in Acrel Electrical ECEMS Enterprise Microgrid Energy Efficiency Management System 1.3.0. The impacted element is an unknown function...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Targeted Phishing Campaign Active in Israel Exploits Compromised Email Accounts

Shimi's Cyber World has learned of a targeted phishing campaign currently active in Israel, as reported by the Israel National Cyber Directorate (INCD). The campaign...

INCD israel advisory alert
/MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7692 — Wavlink WL-WN570HA1 R70HA1 V1410_221110 Command Injection

CVE-2026-7692 — A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110. The affected element is the function ping_ddns of the file /cgi-bin/adm.cgi. Performing a manipulation...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-7691 — Wavlink WL-WN570HA1 R70HA1 V1410_221110 Command Injection

CVE-2026-7691 — A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110. Impacted is the function set_sys_cmd of the file /cgi-bin/adm.cgi. Such manipulation of...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7690 — Wavlink WL-WN570HA1 R70HA1 V1410_221110 Command Injection

CVE-2026-7690 — A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410_221110. This issue affects the function set_sys_adm of the file /cgi-bin/adm.cgi. This manipulation of...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7688 — Dolibarr ERP CRM SQL Injection

CVE-2026-7688 — A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. This affects the function _checkValForAPI of the file htdocs/expedition/class/expedition.class.php of the component...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7686 — Eyeo Adblock Plus Improper Access Control

CVE-2026-7686 — A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the...

vulnerability CVE medium-severity improper-access-control cwe-266 cwe-284
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs

Edimax BR-6208AC Buffer Overflow: Remote Exploit Public (CVE-2026-7685)

CVE-2026-7685 — A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 1 Sigma

Edimax BR-6428nC Buffer Overflow (CVE-2026-7684) Exposed, High Severity

CVE-2026-7684 — A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-7683 — Edimax BR-6428nC Command Injection

CVE-2026-7683 — A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7682 — Edimax BR-6208AC Command Injection

CVE-2026-7682 — A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7681 — Jsbroks COCO Annotator Vulnerability

CVE-2026-7681 — A security vulnerability has been detected in jsbroks COCO Annotator up to 0.11.1. Affected by this vulnerability is an unknown functionality of the...

vulnerability CVE medium-severity cwe-285 cwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7680 — Path Traversal

CVE-2026-7680 — A weakness has been identified in jsbroks COCO Annotator up to 0.11.1. Affected is an unknown function of the file backend/webserver/api/datasets.py of the...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5063: NEX-Forms WordPress Plugin Stored XSS

CVE-2026-5063 — The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 3 Sigma

YunaiV yudao-cloud Authentication Bypass (CVE-2026-7679) Publicly Exploited

CVE-2026-7679 — A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This impacts the function getAccessToken of the file yudao-module-system-biz/src/main/java/io/github/ruoyi/common/oauth2/service/impl/OAuth2TokenServiceImpl.java. Performing a...

vulnerability CVE high-severity cwe-287
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7678 — YunaiV Yudao-Cloud SQL Injection

CVE-2026-7678 — A vulnerability was identified in YunaiV yudao-cloud up to 2026.01. This affects the function getDataBySQL of the file yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoViewDataServiceImpl.java. Such manipulation leads to...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7676 — Kerwincui FastBee Path Traversal

CVE-2026-7676 — A vulnerability was found in kerwincui FastBee up to 1.2.1. The affected element is the function ToolController.download of the file springboot/fastbee-open-api/src/main/java/com/fastbee/data/controller/ToolController.java of the...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7675: Shenzhen Libituo LBT-T300-HW1 Buffer Overflow Exposed

CVE-2026-7675 — A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function start_lan of the file /apply.cgi. The...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7674: Libituo LBT-T300-HW1 Buffer Overflow Poses Remote Risk

CVE-2026-7674 — A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function start_single_service of the component Web...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-7673 — Crmeb_java Unrestricted File Upload

CVE-2026-7673 — A vulnerability was detected in crmeb_java up to 1.3.4. This vulnerability affects unknown code of the file crmeb/crmeb-service/src/main/java/com/zbkj/service/service/impl/UploadServiceImpl.java of the component Admin Upload....

vulnerability CVE medium-severity unrestricted-file-upload cwe-284 cwe-434
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7672 — Youlaitech Youlai-Boot SQL Injection

CVE-2026-7672 — A security vulnerability has been detected in youlaitech youlai-boot up to 2.21.1. This affects the function getUserList of the file src/main/java/com/youlai/boot/system/controller/UserController.java of the...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Jinher OA 1.0 SQL Injection (CVE-2026-7670) Exposes Data Remotely

CVE-2026-7670 — A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/UserSel.aspx. This manipulation of...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7669 — Sgl-Project SGLang Insecure Deserialization

CVE-2026-7669 — A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function get_tokenizer of the file python/sglang/srt/utils/hf_transformers_utils.py of the component HuggingFace...

vulnerability CVE medium-severity insecure-deserialization cwe-20 cwe-502
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 3 IOCs /⚙ 2 Sigma

MikroTik RouterOS 6.49.8 SCEP Endpoint Vulnerability (CVE-2026-7668)

CVE-2026-7668 — A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1_STRING_data in the library nova/lib/www/scep.p of the component SCEP Endpoint....

vulnerability CVE high-severity out-of-bounds-1 cwe-119 cwe-125
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 1 Sigma

Lapsus$ Claims Checkmarx Breach, Google Adjusts Bug Bounty, Blackwater Hits Hospitals

Cyber Updates - Asher Tamam reports that the Lapsus$ group claims a 96GB data leak from Checkmarx, allegedly leveraging credentials stolen via a Trivy tool....

israel vulnerability data-breach cloud
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs /⚙ 3 Sigma

ChatGPTNextWeb NextChat Improper Authorization Vulnerability (CVE-2026-7644)

CVE-2026-7644 — A vulnerability has been found in ChatGPTNextWeb NextChat up to 2.16.1. Affected is the function addMcpServer of the file app/mcp/actions.ts. The manipulation leads...

vulnerability CVE high-severity cwe-266 cwe-285
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7643 — ChatGPTNextWeb NextChat Vulnerability

CVE-2026-7643 — A flaw has been found in ChatGPTNextWeb NextChat up to 2.16.1. This impacts an unknown function of the file Next.js of the component...

vulnerability CVE medium-severity cwe-346 cwe-942
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7642 — Pskill9 Website-Downloader Command Injection

CVE-2026-7642 — A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function download_website of the file src/index.ts of the component MCP...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7633 — Totolink N300RH 6.1c.1353_B20190305 Vulnerability

CVE-2026-7633 — A vulnerability was identified in Totolink N300RH 6.1c.1353_B20190305. This impacts the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument FileName...

vulnerability CVE medium-severity cwe-73
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7632: SQL Injection in Online Hospital Management System

CVE-2026-7632 — A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7631 — Code-Projects Online Hospital Management System Vulnerability

CVE-2026-7631 — A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler....

vulnerability CVE medium-severity cwe-266 cwe-285
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7630: InnoShop Improper Authentication Exposes Installation Endpoint

CVE-2026-7630 — A vulnerability has been found in innocommerce InnoShop up to 0.7.8. The affected element is the function InstallServiceProvider::boot of the file innopacks/install/src/InstallServiceProvider.php of...

vulnerability CVE high-severity cwe-287
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7629 — Kleneway Awesome-Cursor-Mpc-Server Command Injection

CVE-2026-7629 — A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-3504 — The Dokan: AI Powered WooCommerce Multivendor Marketplace

CVE-2026-3504 — The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

WCFM Frontend Manager: Critical IDOR Allows Admin Deletion

CVE-2026-2554 — The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is vulnerable to Insecure Direct Object Reference...

vulnerability CVE high-severity cwe-639
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-0703 — Cross-Site Scripting (XSS)

CVE-2026-0703 — The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'xlwcty_current_date' shortcode...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7628 — CrazyrabbitLTC Mcp-Code-Review-Server Command Injection

CVE-2026-7628 — A vulnerability was detected in crazyrabbitLTC mcp-code-review-server up to 0.1.0. This issue affects the function executeRepomix of the file src/repomix.ts of the component...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6817 — Cross-Site Scripting (XSS)

CVE-2026-6817 — The Quiz Maker by AYS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rate_reason' parameter in all versions up to,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 2 IOCs /⚙ 2 Sigma

WordPress Salon Booking Plugin: Arbitrary File Read via Email Attachments

CVE-2026-6320 — The Salon Booking System – Free Version plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 10.30.25....

vulnerability CVE high-severity arbitrary-file-access cwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-4790 — Cross-Site Scripting (XSS)

CVE-2026-4790 — The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'custom_svg'...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

Paid Memberships Pro Plugin: Stripe Webhook Vulnerability CVE-2026-4100

CVE-2026-4100 — The Paid Memberships Pro plugin for WordPress is vulnerable to unauthorized modification and disruption of Stripe webhook configuration in all versions up to,...

vulnerability CVE high-severity cwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 4 Sigma

WordPress Geo Mashup Plugin: Unauthenticated SQL Injection via 'object_ids'

CVE-2026-4062 — The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'object_ids' and 'exclude_object_ids' parameters in all versions up to,...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-4061: Geo Mashup WordPress Plugin SQL Injection

CVE-2026-4061 — The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'map_post_type' parameter in all versions up to, and including,...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

WordPress Geo Mashup Plugin SQLi via 'sort' Parameter (CVE-2026-4060)

CVE-2026-4060 — The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'sort' parameter in all versions up to, and including,...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-7627 — 8nite Metatrader-4-Mcp Path Traversal

CVE-2026-7627 — A security vulnerability has been detected in 8nite metatrader-4-mcp 1.0.0. This vulnerability affects the function CallToolRequestSchema of the file src/index.ts of the component...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7612 — SQL Injection

CVE-2026-7612 — A vulnerability was determined in itsourcecode Courier Management System 1.0. Affected is an unknown function of the file /edit_user.php. Executing a manipulation of...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7609 — TRENDnet TEW-821DAP Command Injection

CVE-2026-7609 — A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function tools_diagnostic of the file /tmp/diagnostic of...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

Zyosoft School App IDOR Vulnerability Exposes Student Data

CVE-2026-7491 — School App developed by Zyosoft has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attackers to modify a specific parameter to read...

vulnerability CVE high-severity cwe-639
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs /⚙ 3 Sigma

Sunnet CTMS/CPAS Arbitrary File Upload Allows RCE

CVE-2026-7490 — CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors,...

vulnerability CVE high-severity code-execution cwe-434
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

Sunnet CTMS SQL Injection (CVE-2026-7489) Exposes Databases

CVE-2026-7489 — CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5077 — Cross-Site Scripting (XSS)

CVE-2026-5077 — The Total theme for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in versions up to, and including, 2.2.1 due to...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-7608 — TRENDnet TEW-821DAP Command Injection

CVE-2026-7608 — A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the function tools_diagnostic. The manipulation results in os command...

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 3 IOCs /⚙ 2 Sigma

Brizy WordPress Plugin CVE-2026-5324: Unauthenticated Stored XSS

CVE-2026-5324 — The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versions up to, and including, 2.8.11...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-4024 — The Royal Addons for Elementor plugin for WordPress is

CVE-2026-4024 — The Royal Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

ARMember WordPress Plugin Vulnerable to SQL Injection

CVE-2026-7649 — The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to time-based blind SQL...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

TRENDnet TEW-821DAP Buffer Overflow (CVE-2026-7607) Poses Risk to EOL Devices

CVE-2026-7607 — A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function auto_update_firmware of the component Firmware Update. The manipulation of...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6457 — SQL Injection

CVE-2026-6457 — The Geo Mashup plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'geo_mashup_null_fields' parameter in all versions up to, and...

vulnerability CVE medium-severity sql-injection cwe-89
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6449 — The Booking for Appointments and Events Calendar – Amelia

CVE-2026-6449 — The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Improper Authorization in all versions up to, and...

vulnerability CVE medium-severity cwe-285
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6229: Royal Elementor Addons Plugin Vulnerable to SSRF

CVE-2026-6229 — The Royal Elementor Addons plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.7.1057. This is due...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-4650 — The FundPress – WordPress Donation Plugin for WordPress is

CVE-2026-4650 — The FundPress – WordPress Donation Plugin for WordPress is vulnerable to authorization bypass in versions up to and including 2.0.8. This is due...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-2052: WordPress Plugin RCE Exposes Sites to Contributors

CVE-2026-2052 — The Widget Options – Advanced Conditional Visibility for Gutenberg Blocks & Classic Widgets plugin for WordPress is vulnerable to Remote Code Execution in...

vulnerability CVE high-severity remote-code-execution cwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-7605 — JeecgBoot Server-Side Request Forgery

CVE-2026-7605 — A security flaw has been discovered in JeecgBoot up to 3.9.1. This vulnerability affects the function CommonController.uploadImgByHttp/HttpFileToMultipartFileUtil.httpFileToMultipartFile/HttpFileToMultipartFileUtil.downloadImageData of the file CommonController.java of the...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

Trellix Confirms Source Code Breach After Unauthorized Repository Access

Cybersecurity vendor Trellix has confirmed a breach involving unauthorized access to a portion of its source code. The Hacker News reports that Trellix "recently identified"...

threat-intel vulnerability data-breach
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

WordPress Profile Builder Pro: Unauthenticated PHP Object Injection Risks Site Takeover

CVE-2026-7647 — The Profile Builder Pro plugin for WordPress is vulnerable to PHP Object Injection in all versions up to and including 3.14.5. This is...

vulnerability CVE high-severity insecure-deserialization cwe-502
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 6 Sigma

PixelYourSite Pro Plugin SSRF Vulnerability (CVE-2026-7049)

CVE-2026-7049 — The PixelYourSite Pro – Your smart PIXEL (TAG) Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to,...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6916 — Cross-Site Scripting (XSS)

CVE-2026-6916 — The Jeg Kit for Elementor – Powerful Addons for Elementor, Widgets & Templates for WordPress plugin for WordPress is vulnerable to Stored Cross-Site...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6812 — Server-Side Request Forgery

CVE-2026-6812 — The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the ona_activate_child_theme. This...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6447 — Cross-Site Scripting (XSS)

CVE-2026-6447 — The Call for Price for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5113: Gravity Forms XSS via Flawed Consent Field Validation

CVE-2026-5113 — The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Consent field hidden inputs in versions up to and including...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 3 Sigma

Gravity Forms Plugin: Unauthenticated Stored XSS Puts WordPress Admins at Risk

CVE-2026-5112 — The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-5111: Gravity Forms Plugin Hit by Stored XSS

CVE-2026-5111 — The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

Gravity Forms Plugin: Unauthenticated Stored XSS in WordPress

CVE-2026-5110 — The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 3 Sigma

Gravity Forms Plugin Stored XSS: Unauthenticated Attackers Inject Scripts

CVE-2026-5109 — The Gravity Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7641: WordPress Multisite Privilege Escalation Via Plugin

CVE-2026-7641 — The Import and export users and customers plugin for WordPress is vulnerable to Privilege Escalation in all versions up to and including 2.0.8...

vulnerability CVE high-severity privilege-escalation cwe-269
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7604 — JeecgBoot Server-Side Request Forgery

CVE-2026-7604 — A vulnerability was identified in JeecgBoot up to 3.9.1. This affects the function OpenApiController.add/OpenApiController.call of the file OpenApiController.java of the component OpenApi Service....

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7603 — Server-Side Request Forgery

CVE-2026-7603 — A vulnerability was determined in JeecgBoot up to 3.9.1. Affected by this issue is the function checkPathTraversalBatch of the file FileDownloadUtils.jav of the...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7458: WordPress Plugin Auth Bypass Exposes Admins

CVE-2026-7458 — The User Verification by PickPlugins plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.0.46. This is...

vulnerability CVE critical high-severity authentication-bypass cwe-288
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-6963: WordPress WP Mail Gateway Plugin Allows Privilege Escalation

CVE-2026-6963 — The WP Mail Gateway plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wmg_save_provider_config AJAX action...

vulnerability CVE high-severity privilege-escalation cwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6446 — The My Social Feeds – Social Feeds Embedder plugin for

CVE-2026-6446 — The My Social Feeds – Social Feeds Embedder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to and...

vulnerability CVE medium-severity cwe-522
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4882: WordPress Plugin Arbitrary File Upload Critical Flaw

CVE-2026-4882 — The User Registration Advanced Fields plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'URAF_AJAX::method_upload'...

vulnerability CVE critical high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-4658 — Cross-Site Scripting (XSS)

CVE-2026-4658 — The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the className,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-14726 — The Widgets for Social Photo Feed plugin for WordPress is

CVE-2025-14726 — The Widgets for Social Photo Feed plugin for WordPress is vulnerable to unauthorized access of data and modification of data due to a...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7638 — The App Builder – Create Native Android & iOS Apps On The

CVE-2026-7638 — The App Builder – Create Native Android & iOS Apps On The Flight plugin for WordPress is vulnerable to Insecure Direct Object Reference...

vulnerability CVE medium-severity cwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7602 — JeecgBoot Vulnerability

CVE-2026-7602 — A vulnerability was found in JeecgBoot up to 3.9.1. Affected by this vulnerability is an unknown functionality of the file /sys/fillRule/edit of the...

vulnerability CVE medium-severity cwe-266 cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7209 — Cross-Site Scripting (XSS)

CVE-2026-7209 — The Simple Link Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `qcopd-directory` shortcode in all versions up to,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6378 — Cross-Site Scripting (XSS)

CVE-2026-6378 — The Maxi Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `/wp-json/maxi-blocks/v1.0/style-card` REST API endpoint in all versions up to,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7601 — Open5GS Denial of Service

CVE-2026-7601 — A vulnerability has been found in Open5GS up to 2.7.6. Affected is an unknown function of the file src/amf/gmm-handler.c of the component AMF....

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

Argo CD CVE-2026-43824: Critical Kubernetes Secret Disclosure

CVE-2026-43824 — In Argo CD 3.2.0 before 3.2.11 and 3.3.0 before 3.3.9, ServerSideDiff allows reading cleartext Kubernetes Secret data.

vulnerability CVE high-severity cwe-212
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7600 — ArtMin96 Yii2-Mcp-Server Command Injection

CVE-2026-7600 — A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yii_command_help/yii_execute_command of the file src/index.ts of the component MCP Interface....

vulnerability CVE medium-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7599 — Dayoooun Hwpx-Mcp Path Traversal

CVE-2026-7599 — A vulnerability was detected in Dayoooun hwpx-mcp 0.2.0. This affects the function save_document/export_to_text/export_to_html of the file mcp-server/src/index.ts of the component MCP Interface. Performing...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

libssh2 Integer Overflow (CVE-2026-7598) Exposes Remote Attack Vector

CVE-2026-7598 — A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such...

vulnerability CVE high-severity integer-overflow cwe-189 cwe-190
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 1 Sigma

CVE-2026-7597 — Mem0ai Mem0 Insecure Deserialization

CVE-2026-7597 — A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vector_stores/faiss.py. Performing a manipulation results...

vulnerability CVE medium-severity insecure-deserialization cwe-20 cwe-502
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7596 — Nextlevelbuilder Ui-Ux-Pro-Max-Skill Vulnerability

CVE-2026-7596 — A vulnerability has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this issue is the function data.get of the file .claude/skills/design-system/scripts/generate-slide.py...

vulnerability CVE medium-severity cwe-79 cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7595 — Nextlevelbuilder Ui-Ux-Pro-Max-Skill Vulnerability

CVE-2026-7595 — A flaw has been found in nextlevelbuilder ui-ux-pro-max-skill up to 2.5.0. Affected by this vulnerability is the function _format_plugins of the file .claude/skills/ui-styling/scripts/tailwind_config_gen.py...

vulnerability CVE medium-severity cwe-74 cwe-94
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 7 Sigma

CVE-2026-7594: Flux159 mcp-game-asset-gen Path Traversal Exploitable Remotely

CVE-2026-7594 — A vulnerability was detected in Flux159 mcp-game-asset-gen 0.1.0. Affected is the function image_to_3d_async of the file src/index.ts of the component MCP Interface. The...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-7593: Sunwood-ai-labs Command-Executor OS Command Injection

CVE-2026-7593 — A security vulnerability has been detected in Sunwood-ai-labs command-executor-mcp-server up to 0.1.0. This impacts the function execute_command of the file src/index.ts of the...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 5 Sigma

itsourcecode Courier Management System SQLi (CVE-2026-7592) Publicly Exploitable

CVE-2026-7592 — A weakness has been identified in itsourcecode Courier Management System 1.0. This affects an unknown function of the file /edit_staff.php. Executing a manipulation...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7591 — TimBroddin Astro-Mcp-Server SQL Injection

CVE-2026-7591 — A security flaw has been discovered in TimBroddin astro-mcp-server up to 1.1.1. The impacted element is an unknown function of the file src/index.ts...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7590: OS Command Injection in eyal-gor p_69_branch_monkey_mcp

CVE-2026-7590 — A vulnerability was identified in eyal-gor p_69_branch_monkey_mcp up to 69bc71874ce40050ef45fde5a435855f18af3373. The affected element is an unknown function of the file branch_monkey_mcp/bridge_and_local_actions/routes/advanced.py of the...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7589 — Path Traversal

CVE-2026-7589 — A vulnerability was determined in ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6. Impacted is the function create_csv_export of the file services/csv-export-service/app/api/v1/endpoints/csv_export.py of the component CSV...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-52347: PassMark Drivers Expose Kernel to Privilege Escalation

CVE-2025-52347 — An issue in the component DirectIo64.sys of PassMark BurnInTest v11.0 Build 1011, OSForensics v11.1 Build 1007, and PerformanceTest v11.1 Build 1004 allows attackers...

vulnerability CVE high-severity cwe-20 cwe-269
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-7588 — Ggerve Coding-Standards-Mcp Path Traversal

CVE-2026-7588 — A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function get_style_guide/get_best_practices of the file server.py. The manipulation of the argument Language...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-35233 — Denial of Service

CVE-2026-35233 — An unprivileged attacker can craft a user-space process with a malicious ELF binary containing an out-of-range sh_link field. When root-level dtrace attaches to...

vulnerability CVE medium-severity denial-of-service
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 1 IOC /⚙ 3 Sigma

Facebook Accounts Hacked via Google AppSheet Phishing Campaign

A Vietnamese-linked operation, dubbed "AccountDumpling" by Guardio, has compromised approximately 30,000 Facebook accounts. The Hacker News reports that attackers are leveraging Google AppSheet as a...

threat-intel vulnerability phishing
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7587 — Open5GS Denial of Service

CVE-2026-7587 — A vulnerability has been found in Open5GS up to 2.7.7. This vulnerability affects the function amf_nsmf_pdusession_handle_update_sm_context of the file /src/amf/nsmf-handler.c of the component...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs

OVMS3 CVE-2026-37541: Critical Buffer Overflow Exposes EV Systems

CVE-2026-37541 — Buffer overflow vulnerability in Open Vehicle Monitoring System 3 (OVMS3) 3.3.005. In canformat_gvret.cpp, the length field in GVRET binary data is not properly...

vulnerability CVE critical high-severity buffer-overflow
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-37540: OpenAMP ELF Loader Integer Overflow Exposes Embedded Systems

CVE-2026-37540 — OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elf_loader.c, it performs multiplication of two attacker-controlled 16-bit values...

vulnerability CVE high-severity integer-overflow
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-37539: Critical Buffer Overflow in Cannelloni CAN FD Parsing

CVE-2026-37539 — Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers...

vulnerability CVE critical high-severity buffer-overflow
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-37537: Integer Underflow in Open-SAE-J1939 Leads to Out-of-Bounds Write

CVE-2026-37537 — collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 (2023-03-08) contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8_t...

vulnerability CVE high-severity out-of-bounds-1
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-37536: Stack Buffer Overflow in miaofng/uds-c

CVE-2026-37536 — miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a (2016-10-05) contains a stack buffer overflow in send_diagnostic_request. A 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) receives memcpy at offset 1+pid_length with payload_length...

vulnerability CVE high-severity buffer-overflow
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

openxc/isotp-c Out-of-Bounds Read: DoS and Info Leak via Malicious CAN Frame

CVE-2026-37535 — openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac (2021-08-09) contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-37532: Heap Over-Read in AGL agl-service-can-low-level

CVE-2026-37532 — AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotp_continue_receive (receive.c:87-89), the payload_length for a Single Frame is...

vulnerability CVE high-severity
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

AGL app-framework-main Critical Zip Slip + TOCTOU Vulnerability (CVE-2026-37531)

CVE-2026-37531 — AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation...

vulnerability CVE critical high-severity path-traversal
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

AGL app-framework-binder CVE-2026-37526 Allows Local Privilege Escalation

CVE-2026-37526 — AGL app-framework-binder (afb-daemon) through v19.90.0 allows any local process to execute privileged supervision commands (Exit, Do, Sclose, Config, Trace, Debug, Token, slist) without...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 5 IOCs /⚙ 3 Sigma

AGL app-framework-binder Privilege Escalation (CVE-2026-37525)

CVE-2026-37525 — AGL app-framework-binder (afb-daemon) through v19.90.0 contains a privilege escalation vulnerability in the supervision Do command. The on_supervision_call function in src/afb-supervision.c explicitly nullifies the...

vulnerability CVE high-severity privilege-escalation
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7586 — Denial of Service

CVE-2026-7586 — A weakness has been identified in Open5GS up to 2.7.7. Affected is the function ogs_id_get_value of the file /src/amf/nudm-handler.c of the component AMF....

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-7585 — Denial of Service

CVE-2026-7585 — A vulnerability was determined in Open5GS up to 2.7.7. The impacted element is the function amf_nudm_sdm_handle_provisioned of the file /src/amf/nudm-handler.c of the component...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Vanetza V2X Vulnerability: CVE-2026-37554 Allows Remote DoS

CVE-2026-37554 — An issue was discovered in Vanetza V2X v26.02 allowing remote unauthorized attackers to cause a denial of service. The vulnerability exists in the...

vulnerability CVE high-severity denial-of-service
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-37552: MixPHP Framework Unsafe Deserialization Exposes Servers to RCE

CVE-2026-37552 — Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke TCP server (Server.php:87) receives data from a TCP socket, passes it directly...

vulnerability CVE high-severity code-execution
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs

CVE-2026-37505 — SQL Injection

CVE-2026-37505 — SQL Injection via ORDER BY clause in V2Board thru 1.7.4. In app/Http/Controllers/Admin/UserController.php, the sort parameter from user input is passed directly to User::orderBy($sort,...

vulnerability CVE medium-severity sql-injection
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-37504 — Sensitive server_token exposed via GET parameter in V2Board

CVE-2026-37504 — Sensitive server_token exposed via GET parameter in V2Board thru 1.7.4. In app/Http/Controllers/Server/UniProxyController.php, the server authentication token is accepted via GET parameter transmission. The...

vulnerability CVE medium-severity
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-37503 — Cross-Site Scripting (XSS)

CVE-2026-37503 — Cross-Site Scripting (XSS) in V2Board thru 1.7.4. The custom_html field in theme configuration is rendered using Blade unescaped output in public/theme/v2board/dashboard.blade.php. An admin...

vulnerability CVE medium-severity cross-site-scripting-xss
/SCW Vulnerability Desk /MEDIUM /6.9 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-7583 — Open5GS Denial of Service

CVE-2026-7583 — A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsf_sess_find_by_ipv6prefix of the file /src/bsf/context.c of the component...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-43507 — Prosody Denial of Service

CVE-2026-43507 — An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion...

vulnerability CVE medium-severity denial-of-service cwe-770
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-43506 — Prosody Denial of Service

CVE-2026-43506 — An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion...

vulnerability CVE medium-severity denial-of-service cwe-401
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-43505 — Prosody Vulnerability

CVE-2026-43505 — An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control...

vulnerability CVE medium-severity cwe-420
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-43504 — Prosody Vulnerability

CVE-2026-43504 — An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when mod_proxy65 is enabled. Because mod_proxy65 mishandles access control...

vulnerability CVE medium-severity cwe-863
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Scattered Spider Arrest, OFAC Hits Iran Crypto, NSA Tool Vulnerability

SecurityWeek reports several critical developments that defenders should track. The arrest of a Scattered Spider hacker is a significant win, but this group remains a...

threat-intel vulnerability data-breach microsoft tools
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

cPanel Critical Vulnerability CVE-2026-41940 Demands Immediate Patching

Cyber News - Erez Dasa reports a critical vulnerability, CVE-2026-41940, impacting cPanel web hosting management systems. Rated with a CVSS score of 9.8, this flaw...

israel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Cordial Spider, Snarky Spider Leverage Vishing and SSO Abuse in SaaS Extortion

Cybersecurity researchers are sounding the alarm on two cybercrime groups, Cordial Spider (also known as BlackFile, CL-CRI-1116, O-UNC-045, and UNC6671) and Snarky Spider (O-UNC-025 and...

threat-intel vulnerability identity the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2026-7582 — AcademySoftwareFoundation OpenImageIO Out-of-Bounds Vulnerability

CVE-2026-7582 — A vulnerability was detected in AcademySoftwareFoundation OpenImageIO up to 3.2.0.1-dev. This vulnerability affects unknown code of the file src/dds.imageio/ddsinput.cpp of the component DDS...

vulnerability CVE medium-severity out-of-bounds-1 cwe-119 cwe-787
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-3143 — The Total Upkeep – WordPress Backup Plugin plus Restore &

CVE-2026-3143 — The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to unauthorized modification of data...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

China-Linked SHADOW-EARTH-053 Targets Asian Governments, NATO State

The Hacker News reports a new China-aligned espionage campaign, attributed by Trend Micro to a group it tracks as SHADOW-EARTH-053. This campaign specifically targets government...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs /⚙ 3 Sigma

UK Cyber Agency Warns of AI-Accelerated 'Patch Wave' Threat

The UK's National Cyber Security Centre (NCSC) is sounding the alarm on a looming 'patch wave,' according to The Record by Recorded Future. They predict...

threat-intel data-breach government vulnerability cloud ai-security
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

CVE-2026-7581 — Alexta69 MeTube Vulnerability

CVE-2026-7581 — A security vulnerability has been detected in alexta69 MeTube up to 2026.04.09. This affects the function on_prepare of the file app/main.py of the...

vulnerability CVE medium-severity cwe-346 cwe-942
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7580 — Exiftool Vulnerability

CVE-2026-7580 — A vulnerability was detected in Exiftool up to 13.53. Impacted is the function Process_mrld of the file lib/Image/ExifTool/GM.pm of the component JPEG/QuickTime/MOV/MP4. The...

vulnerability CVE medium-severity cwe-74 cwe-94
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7579: AstrBotDevs AstrBot Hard-Coded Credential Vulnerability

CVE-2026-7579 — A security vulnerability has been detected in AstrBotDevs AstrBot up to 4.16.0. This issue affects some unknown processing of the file astrbot/dashboard/routes/auth.py of...

vulnerability CVE high-severity cwe-259 cwe-798
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs

CVE-2026-3772: WP Editor Plugin CSRF Allows Remote Code Execution

CVE-2026-3772 — The WP Editor plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.9.2. This is due...

vulnerability CVE high-severity cwe-352
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-3140 — The Ultimate Dashboard plugin for WordPress is vulnerable

CVE-2026-3140 — The Ultimate Dashboard plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.14. This is due...

vulnerability CVE medium-severity cwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7578 — MacCMS Pro Unrestricted File Upload

CVE-2026-7578 — A weakness has been identified in MacCMS Pro up to 2022.1.3. This vulnerability affects the function install of the file /admi.php/admin/addon/add.html of the...

vulnerability CVE medium-severity unrestricted-file-upload cwe-284 cwe-434
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42779: Apache MINA Deserialization Flaw Allows Remote Code Execution

CVE-2026-42779 — The fix for CVE-2026-41635 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: Apache MINA's AbstractIoBuffer.resolveClass() contains...

vulnerability CVE critical high-severity cwe-502
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 4 Sigma

Apache MINA Deserialization Vulnerability (CVE-2026-42778) Hits Critical

CVE-2026-42778 — The fix for CVE-2026-41409 was not applied to the 2.1.X and 2.2.X branches. Here was the original issue description: The fix for CVE-2024-52046...

vulnerability CVE critical high-severity cwe-502
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 6 Sigma

CVE-2026-42404 — Apache Neethi does not impose any restrictions on URIs when

CVE-2026-42404 — Apache Neethi does not impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API. When an application explicitly...

vulnerability CVE medium-severity cwe-918
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

MSPs Struggle to Convert Cybersecurity Expertise into Revenue

The managed security services market is poised for significant growth, with projections from The Hacker News indicating a jump from $38.31 billion in 2025 to...

threat-intel vulnerability the-hacker-news
/SCW Vulnerability Desk /MEDIUM

Cisco Releases Open Source AI Model Provenance Tool

Cisco has released an open-source tool designed to address critical risks in artificial intelligence (AI) models, according to SecurityWeek. This new kit focuses on establishing...

threat-intel vulnerability ai-security tools
/SCW Vulnerability Desk /HIGH

CVE-2026-7567: WordPress Temporary Login Plugin Critical Auth Bypass

CVE-2026-7567 — The Temporary Login plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.0.0. This is due to improper...

vulnerability CVE critical high-severity authentication-bypass cwe-288
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

Poisoned Ruby Gems and Go Modules Hijack CI/CD Pipelines for Credential Theft

A new software supply chain attack campaign is actively leveraging 'sleeper packages' to compromise CI/CD pipelines. The Hacker News reports that these packages serve as...

threat-intel vulnerability identity tools
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs /⚙ 4 Sigma

OpenStack Ironic Python Agent Vulnerability CVE-2026-43003 Allows Code Execution

CVE-2026-43003 — An issue was discovered in OpenStack ironic-python-agent 1.0.0 through 11.5.0. Ironic Python Agent (IPA) sometimes executes grub-install from within a chroot of the...

vulnerability CVE high-severity code-execution cwe-829
/SCW Vulnerability Desk /HIGH /8 /⚑ 3 IOCs /⚙ 2 Sigma

OpenStack Keystone CVE-2026-43001 Allows Cross-Project Lateral Movement

CVE-2026-43001 — An issue was discovered in OpenStack Keystone 13 through 29. POST /v3/credentials did not validate that the caller-supplied project_id for an EC2-type credential...

vulnerability CVE high-severity cwe-863
/SCW Vulnerability Desk /HIGH /7.9 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-42403: Apache Neethi DoS Vulnerability via Circular References

CVE-2026-42403 — Apache Neethi does not properly detect circular references in policy definitions. When a WS-Policy document contains circular policy references (where Policy A references...

vulnerability CVE high-severity denial-of-service cwe-400
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-42402: Apache Neethi DoS via Policy Normalization

CVE-2026-42402 — Apache Neethi is vulnerable to a Denial of Service attack through algorithmic complexity in policy normalization. Specially crafted WS-Policy documents can trigger an...

vulnerability CVE high-severity denial-of-service cwe-400
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-40201 — Cross-Site Scripting (XSS)

CVE-2026-40201 — @diplodoc/search-extension 1.0.0 through 3.x before 3.0.3 allows stored XSS via the title in a .md file.

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7584: LabOne Q Deserialization Leads to Arbitrary Code Execution

CVE-2026-7584 — The LabOne Q serialization framework uses a class-loading mechanism (import_cls) to dynamically import and instantiate Python classes during deserialization. Prior to the fix,...

vulnerability CVE high-severity code-execution cwe-502
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

Supply Chain Attack Hits SAP, Lightning, Intercom Users

A recent supply chain attack, dubbed "Mini Shai-Hulud" by SecurityWeek, has impacted approximately 1,800 organizations. The attack leveraged compromised versions of the popular Lightning and...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

itsourcecode Electronic Judging System 1.0 SQL Injection (CVE-2026-7555)

CVE-2026-7555 — A vulnerability was identified in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/login.php. Such manipulation of the...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7554 — A vulnerability was determined in D-Link M60 up to 1.20B02.

CVE-2026-7554 — A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This...

vulnerability CVE medium-severity cwe-640
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6127 — Cross-Site Scripting (XSS)

CVE-2026-6127 — The Elementor Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the _elementor_data meta field in versions up to, and...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2024-13362 — Cross-Site Scripting (XSS)

CVE-2024-13362 — Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7553 — Code-Projects Gym Management System SQL Injection

CVE-2026-7553 — A vulnerability was found in code-projects Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit_exercises.php. The...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7550: Remote SQLi Hits Pharmacy Sales and Inventory System

CVE-2026-7550 — A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected is an unknown function of the file /ajax.php?action=save_customer. The...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7549: SourceCodester Pharmacy System SQLi Vulnerability

CVE-2026-7549 — A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=delete_customer. Executing...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Totolink NR1800X Command Injection (CVE-2026-7548) Publicly Exploitable

CVE-2026-7548 — A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. This affects the function sub_41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument...

vulnerability CVE high-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7546: Critical Stack Buffer Overflow in Totolink NR1800X

CVE-2026-7546 — A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The impacted element is the function find_host_ip of the component lighttpd. Such manipulation...

vulnerability CVE critical high-severity buffer-overflow cwe-119 cwe-121
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-7545: SourceCodester School Management SQLi Exposes Data

CVE-2026-7545 — A weakness has been identified in SourceCodester Advanced School Management System 1.0. The affected element is an unknown function of the file commonController.php...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

Totolink A8000RU Critical OS Command Injection (CVE-2026-7538)

CVE-2026-7538 — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 5 Sigma

CVE-2026-7536 — Open5GS Denial of Service

CVE-2026-7536 — A vulnerability was determined in Open5GS up to 2.7.7. This vulnerability affects the function bsf_sess_add_by_ip_address of the file /nbsf-management/v1/pcfBindings of the component BSF....

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-7535 — Open5GS Denial of Service

CVE-2026-7535 — A vulnerability was found in Open5GS up to 2.7.7. This affects the function amf_namf_comm_handle_registration_status_update_request in the library /lib/app/ogs-init.c of the file /namf-comm/v1/ue-contexts/{ueContextId}/transfer-update. Performing...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

Fujian Apex LiveBOS Path Traversal (CVE-2026-7519) Exposes Systems Remotely

CVE-2026-7519 — A vulnerability has been found in Fujian Apex LiveBOS up to 2.0. Impacted is an unknown function of the file /feed/UploadImage.do of the...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7518 — Open5GS Denial of Service

CVE-2026-7518 — A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amf_namf_callback_handle_sdm_data_change_notify of the file /namf-callback/v1/{id}/sdmsubscription-notify of the component...

vulnerability CVE medium-severity denial-of-service cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

UTT HiPER 1200GW Buffer Overflow (CVE-2026-7513) Exposes Remote Control

CVE-2026-7513 — A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl....

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 1 Sigma

UTT HiPER 1200GW Buffer Overflow (CVE-2026-7512) Poses Remote Risk

CVE-2026-7512 — A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser....

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 2 Sigma

Wireshark Path Traversal (CVE-2026-5656) Allows RCE

CVE-2026-5656 — Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution

vulnerability CVE high-severity code-execution cwe-22
/SCW Vulnerability Desk /HIGH /7 /⚑ 4 IOCs /⚙ 3 Sigma

Wireshark RDP Dissector Crash (CVE-2026-5405) Allows DoS, Potential RCE

CVE-2026-5405 — RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution

vulnerability CVE high-severity code-execution cwe-122
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 4 IOCs /⚙ 2 Sigma

Wireshark CVE-2026-5403: SBC Codec Crash Allows DoS and RCE

CVE-2026-5403 — SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code execution

vulnerability CVE high-severity code-execution cwe-122
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-22726 — Route Services can be leveraged to send app traffic to

CVE-2026-22726 — Route Services can be leveraged to send app traffic to network destinations outside of an app's configured egress rules. As a result, a...

vulnerability CVE medium-severity cwe-923
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7510 — A vulnerability was determined in OWASP DefectDojo up to

CVE-2026-7510 — A vulnerability was determined in OWASP DefectDojo up to 2.55.4. Affected by this vulnerability is an unknown functionality of the component Benchmark/Engagement/Product/Survey. Executing...

vulnerability CVE medium-severity cwe-285 cwe-639
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7508 — Bootstrap CMS 0.9.0-Alpha Vulnerability

CVE-2026-7508 — A vulnerability was found in Bootstrap CMS 0.9.0-alpha. Affected is an unknown function of the file resources/views/pages/show.blade.php of the component Page Creation Handler....

vulnerability CVE medium-severity cwe-74 cwe-94
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

SourceCodester Hotel Management System SQLi (CVE-2026-7506) Publicly Disclosed

CVE-2026-7506 — A vulnerability has been found in SourceCodester Hotel Management System 1.0. This impacts an unknown function of the file /index.php/reservation/check. Such manipulation of...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 1 IOC /⚙ 3 Sigma

nextlevelbuilder GoClaw RPC Handler Flaw Allows Remote Improper Authorization

CVE-2026-7505 — A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC...

vulnerability CVE high-severity cwe-266 cwe-285
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7551: HKUDS OpenHarness RCE Flaw Exposes Sensitive Data

CVE-2026-7551 — HKUDS OpenHarness contains a remote code execution vulnerability in the /bridge slash command that allows remote senders accepted by configuration to execute arbitrary...

vulnerability CVE high-severity remote-code-execution cwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7503: Remote Buffer Overflow in code-projects Plugin

CVE-2026-7503 — A vulnerability was detected in code-projects for Plugin 4.1.2cu.5137. The impacted element is the function setWiFiMultipleConfig in the library /lib/cste_modules/wireless.so of the file...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7502 — LinkStackOrg LinkStack Vulnerability

CVE-2026-7502 — A security vulnerability has been detected in LinkStackOrg LinkStack up to 4.8.6. The affected element is the function saveLink of the file app/Http/Controllers/UserController.php...

vulnerability CVE medium-severity cwe-285 cwe-639
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 2 Sigma

IBM Langflow Desktop RCE (CVE-2026-6543) Allows Arbitrary Command Execution

CVE-2026-6543 — IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow allows an attacker to execute arbitrary commands with the privileges of the process running Langflow. This...

vulnerability CVE high-severity cwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6542 — IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user

CVE-2026-6542 — IBM Langflow OSS 1.0.0 through 1.8.4 could allow any user to supply a flow_id to read transaction logs and vertex build data belonging...

vulnerability CVE medium-severity cwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

IBM Turbonomic Agent CVE-2026-6389: Cluster-Wide Secret Exposure

CVE-2026-6389 — IBM Turbonomic prometurbo agent 8.16.0 through 8.17.6 IBM Turbonomic Application Resource Management grants excessive cluster‑wide permissions, including unrestricted read access to all secrets....

vulnerability CVE high-severity cwe-269
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40685 — In Exim before 4.99.2, when JSON lookup is enabled, an

CVE-2026-40685 — In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in...

vulnerability CVE medium-severity cwe-684
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-40684 — In Exim before 4.99.2, on systems using musl libc (not

CVE-2026-40684 — In Exim before 4.99.2, on systems using musl libc (not glibc), an attacker can crash the connection instance when malformed DNS data is...

vulnerability CVE medium-severity cwe-684
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-3345 — Arbitrary File Access

CVE-2026-3345 — IBM Langflow Desktop <=1.8.4 Langflow could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted...

vulnerability CVE medium-severity arbitrary-file-access cwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-2311 — Privilege Escalation

CVE-2026-2311 — IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 is vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization...

vulnerability CVE medium-severity privilege-escalation cwe-284
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1577 — Denial of Service

CVE-2026-1577 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to...

vulnerability CVE medium-severity denial-of-service
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2025-36122 — Denial of Service

CVE-2025-36122 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes DB2 Connect Server) could allow an authenticated user...

vulnerability CVE medium-severity denial-of-service cwe-770
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-14688 — Denial of Service

CVE-2025-14688 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user...

vulnerability CVE medium-severity denial-of-service cwe-1284
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

SSCMS v7.4.0 SQLi: High-Severity Database Compromise Risk

CVE-2026-7435 — SSCMS v7.4.0 contains a SQL injection vulnerability in the stl:sqlContent tag where the queryString attribute is passed directly to database execution without parameterization...

vulnerability CVE high-severity sql-injection cwe-89
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-6539 — Notepad++ Find Results Panel Format String Denial of Service

CVE-2026-6539 — Notepad++ 8.9.3 contains a format string injection vulnerability in the Find Results panel handler that allows attackers to cause denial of service and...

vulnerability CVE medium-severity denial-of-service cwe-134
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-4503: IBM Langflow Desktop Exposes User Images via IOR

CVE-2026-4503 — IBM Langflow Desktop 1.0.0 through 1.8.4 Langflow could allow an unauthenticated user to view other users' images due to an indirect object reference...

vulnerability CVE high-severity cwe-639
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-4502 — Arbitrary File Access

CVE-2026-4502 — IBM Langflow Desktop 1.2.0 through 1.8.4 Langflow could allow an authenticated attacker to traverse directories on the system. An attacker could send a specially...

vulnerability CVE medium-severity arbitrary-file-access cwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3346 — Cross-Site Scripting (XSS)

CVE-2026-3346 — IBM Langflow Desktop 1.6.0 through 1.8.4 Langflow is vulnerable to stored cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-89
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-3340 — Server-Side Request Forgery

CVE-2026-3340 — IBM Langflow Desktop 1.0.0 through 1.8.4 IBM Langflow is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-28532 — Integer Overflow

CVE-2026-28532 — FRRouting before 10.5.3 contains an integer overflow vulnerability in seven OSPF Traffic Engineering and Segment Routing TLV parser functions where a uint16_t accumulator...

vulnerability CVE medium-severity integer-overflow cwe-125 cwe-190
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

Hackers Hijack Cargo Worth Millions Through System Compromises

Cyber actors have spent the last two years compromising the systems of freight brokers and carriers, according to the FBI. This allows them to impersonate...

threat-intel data-breach government vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

CVE-2026-7429 — SSCMS STL Processing Endpoint Cross-Site Scripting (XSS)

CVE-2026-7429 — SSCMS v7.4.0 contains a reflected cross-site scripting vulnerability in the STL processing endpoint that allows attackers to execute arbitrary JavaScript by crafting malicious...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /4.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7461: Amazon ECS Agent Vulnerability Allows SYSTEM Privilege Escalation

CVE-2026-7461 — Improper neutralization of inputs used in an OS command in the FSx Windows File Server volume mounting component in Amazon ECS Agent on...

vulnerability CVE high-severity cwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

Chartbrew CVE-2026-40904 Exposes Cross-Project Data in v4.9.0

CVE-2026-40904 — Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version...

vulnerability CVE high-severity cwe-284
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40603 — Chartbrew is an open-source web application that can

CVE-2026-40603 — Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version...

vulnerability CVE medium-severity cwe-284
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Chartbrew CVE-2026-40601: Unauthenticated Data Exposure

CVE-2026-40601 — Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version...

vulnerability CVE high-severity cwe-862
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

Chartbrew CVE-2026-40600: Cross-Project SharePolicy Manipulation

CVE-2026-40600 — Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version...

vulnerability CVE high-severity cwe-639
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

Chartbrew CVE-2026-40595: Unauthenticated Data Exposure for Hidden Charts

CVE-2026-40595 — Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version...

vulnerability CVE high-severity cwe-284
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-35514 — Chartbrew is an open-source web application that can

CVE-2026-35514 — Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In version...

vulnerability CVE medium-severity cwe-306
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-3833 — GnuTLS Information Disclosure

CVE-2026-3833 — A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name`...

vulnerability CVE medium-severity information-disclosure cwe-178
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-36763 — SpringBlade /api/blade-desk/notice/submit Endpoint Cross-Site Scripting (XSS)

CVE-2026-36763 — A stored cross-site scripting (XSS) vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-36761 — JeeSite /msg/msgInner/save Endpoint Cross-Site Scripting (XSS)

CVE-2026-36761 — A stored cross-site scripting (XSS) vulnerability in the /msg/msgInner/save endpoint of JeeSite v5.15.1 allows attackers to execute arbitrary web scripts or HTML via...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

GnuTLS Vulnerability CVE-2026-33845: Underflow Leads to Remote Exploitation

CVE-2026-33845 — A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly...

vulnerability CVE high-severity denial-of-service cwe-191
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2025-71284: Critical RCE in Synway SMG Gateway Management Software

CVE-2025-71284 — Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter...

vulnerability CVE critical high-severity remote-code-execution cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs

CVE-2025-51846: CryptPad Instance Denial-of-Service via WebSocket Flood

CVE-2025-51846 — CryptPad 2025.3.1 allows unbounded WebSocket frame flood. A remote, unauthenticated attacker can significantly degrade or deny service for all users of a CryptPad...

vulnerability CVE high-severity cwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 1 Sigma

Weaver E-office RCE: Unauthenticated File Upload Exploit Active

CVE-2022-50993 — Weaver (Fanwei) E-office versions prior to 10.0_20221201 contain an unauthenticated arbitrary file upload vulnerability in the OfficeServer.php endpoint that allows remote attackers to...

vulnerability CVE critical high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

Weaver E-cology Arbitrary File Read via XML-RPC (CVE-2022-50992)

CVE-2022-50992 — Weaver (Fanwei) E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that...

vulnerability CVE high-severity arbitrary-file-access cwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

PyTorch Lightning Compromised in PyPI Supply Chain Attack

Threat actors have compromised the popular Python package Lightning, pushing two malicious versions, 2.6.2 and 2.6.3, to the PyPI repository on April 30, 2026. This...

threat-intel vulnerability identity
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

MOVEit Automation Privilege Escalation (CVE-2026-5174)

CVE-2026-5174 — Improper input validation vulnerability in Progress Software MOVEit Automation allows Privilege Escalation. This issue affects MOVEit Automation: from 2025.1.0 before 2025.1.5, from 2025.0.0...

vulnerability CVE high-severity privilege-escalation cwe-20
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 5 IOCs /⚙ 3 Sigma

MOVEit Automation Critical Authentication Bypass (CVE-2026-4670)

CVE-2026-4670 — Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass. This issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9,...

vulnerability CVE critical high-severity authentication-bypass cwe-305
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7500 — When Keycloak is started with

CVE-2026-7500 — When Keycloak is started with `--features-disabled=account,account-api`, the Account REST API is only partially disabled. Five endpoints under the versioned path `/account/v1alpha1` remain fully...

vulnerability CVE medium-severity cwe-425
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

Pallets Click CVE-2026-7246: Command Injection from Unprivileged Accounts

CVE-2026-7246 — Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit() function, allowing attackers to pass arbitrary OS commands from...

vulnerability CVE high-severity command-injection cwe-77
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs

CVE-2026-7163 — Assisted Installer assisted-service REST API Vulnerability

CVE-2026-7163 — A vulnerability in the assisted-service REST API, an optional Assisted Installer (assisted-service) component in the Multicluster Engine (MCE), allows an authenticated user with...

vulnerability CVE medium-severity cwe-312
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

Otter Blocks WordPress Plugin Vulnerable to Purchase Bypass (CVE-2026-2892)

CVE-2026-2892 — The Otter Blocks plugin for WordPress is vulnerable to Purchase Verification Bypass in all versions up to, and including, 3.1.4. This is due...

vulnerability CVE high-severity cwe-285
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 2 Sigma

Fake Cell Towers and Sneaky Installers: New Threats Emerge

The cybersecurity landscape is constantly shifting, with threat actors employing novel tactics. The Hacker News reports on the use of fake cell towers to disseminate...

threat-intel vulnerability cloud tools the-hacker-news
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs

MeWare PDKS Flooding Vulnerability: CVE-2026-7402 Impacts Time & Attendance Systems

CVE-2026-7402 — Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc. PDKS allows Flooding. This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117.

vulnerability CVE high-severity cwe-799
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs

MeWare PDKS Authorization Bypass (CVE-2026-7399) Exposes High-Risk Privilege Abuse

CVE-2026-7399 — Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from V16.20200313 before VMYR_3.5.2025117....

vulnerability CVE high-severity cwe-639
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-7382 — MeWare Software Development Inc. PDKS Vulnerability

CVE-2026-7382 — Exposure of Sensitive Information to an Unauthorized Actor, Exposure of private personal information to an unauthorized actor vulnerability in MeWare Software Development Inc....

vulnerability CVE medium-severity cwe-200 cwe-359
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

DEEP#DOOR Python Backdoor Disables Security Controls for Credential Theft

The Hacker News reports on DEEP#DOOR, a new Python-based backdoor framework that can disable Windows security features to gain persistent access and steal sensitive data....

threat-intel vulnerability malware cloud microsoft identity tools
/SCW Vulnerability Desk /HIGH /⚑ 5 IOCs

JetBrains IntelliJ IDEA Vulnerability Allows Arbitrary File Reading

CVE-2026-41882 — In JetBrains IntelliJ IDEA before 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, 2026.1.1 reading arbitrary local files was possible via built-in web server

vulnerability CVE high-severity cwe-59
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41940 — WebPros cPanel & WHM and WP2 (WordPress Squared) Missing Authentication for Critical Function Vulnerability

CVE-2026-41940 — WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared) contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote...

vulnerability CVE cisa-kev actively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

EnOcean SmartServer Vulnerabilities Enable Building System Hacking

Claroty researchers have identified two critical vulnerabilities in EnOcean's SmartServer, a device used to manage building automation systems. Exploitation could allow attackers to bypass security...

threat-intel vulnerability cloud
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

EtherRAT Campaign Spoofs Admin Tools via GitHub Facades

A new, highly resilient EtherRAT distribution campaign, identified by Atos Threat Research Center (TRC) in March 2026, is actively targeting high-privilege accounts. This operation specifically...

threat-intel vulnerability tools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

cPanel & WHM Zero-Day Exploited for Months, Granting Admin Access

A critical authentication bypass vulnerability in cPanel & WHM has been actively exploited as a zero-day for months, according to SecurityWeek. This flaw allows attackers...

threat-intel vulnerability identity
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6498 — The Five Star Restaurant Reservations plugin for WordPress

CVE-2026-6498 — The Five Star Restaurant Reservations plugin for WordPress is vulnerable to a payment bypass via PHP type juggling in versions up to, and...

vulnerability CVE medium-severity cwe-345
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42800: High-Severity Null Pointer Dereference in ASR Lapwing_Linux

CVE-2026-42800 — NULL pointer dereference vulnerability in ASR1903 in ASR Lapwing_Linux on Linux (ims_client modules) allows Pointer Manipulation. This vulnerability is associated with program files...

vulnerability CVE high-severity null-pointer-dereference cwe-476
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 1 IOC /⚙ 3 Sigma

Linux 'Copy Fail' Vulnerability Grants Root Access

A critical Linux local privilege escalation (LPE) flaw, dubbed 'Copy Fail' and tracked as CVE-2026-31431 (CVSS: 7.8), has been disclosed by Xint.io and Theori, as...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-42799: ASR Kestrel Out-of-Bounds Read Flaw Exposes Systems

CVE-2026-42799 — Out-of-bounds read vulnerability in ASR Kestrel (nr_fw modules) allows Overflow Buffers. This vulnerability is associated with program files Code/Nr/nr_fw/RA/src/NrPwrCtrl.C. This issue affects Kestrel:...

vulnerability CVE high-severity out-of-bounds-1 cwe-125
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 1 IOC /⚙ 3 Sigma

ColorOS Assistant CVE-2026-22070: Unauthenticated Path Traversal Risk

CVE-2026-22070 — ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal.

vulnerability CVE high-severity path-traversal cwe-23
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 2 IOCs /⚙ 3 Sigma

Sandhills Medical Discloses Inc Ransomware Breach Affecting 170,000 Patients

Sandhills Medical has publicly disclosed a significant ransomware attack by the Inc Ransom group that impacted approximately 170,000 individuals. The healthcare organization waited nearly a...

threat-intel vulnerability malware ransomware data-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 4 Sigma

Wireshark TLS Dissector Heap Overflow (CVE-2026-5402) Enables DoS, RCE

CVE-2026-5402 — TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code execution

vulnerability CVE high-severity code-execution cwe-122
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41226 — Open Redirect

CVE-2026-41226 — Open redirect vulnerability exists in Multiple laser printers and MFPs which implement Ricoh Web Image Monitor. When accessing a specially crafted URL, the...

vulnerability CVE medium-severity open-redirect cwe-601
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

Google Gemini CLI RCE: CVSS 10 Flaw Exposes CI/CD to Attack

Google has patched a critical remote code execution (RCE) vulnerability in its Gemini CLI, specifically impacting the `@google/gemini-cli` npm package and the `google-github-actions/run-gemini-cli` GitHub Actions...

threat-intel vulnerability cloud tools
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2025-13030: django-mdeditor Vulnerable to Code Execution via Image Upload

CVE-2025-13030 — All versions of the package django-mdeditor are vulnerable to Missing Authentication for Critical Function in the image upload endpoint. An attacker can upload...

vulnerability CVE high-severity code-execution cwe-306
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7470: Tenda 4G300 Router Vulnerable to Remote Stack Overflow

CVE-2026-7470 — A flaw has been found in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. Affected is the function sub_427C3C of the file /goform/SafeMacFilter. This manipulation of the argument...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-121
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-7469 — Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01 Command Injection

CVE-2026-7469 — A vulnerability was detected in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. This impacts the function sub_425A28 of the file /goform/DelFil. The manipulation of the argument delflag...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7468: Improper Access Control Flaw in 1024-lab smart-admin

CVE-2026-7468 — A security vulnerability has been detected in 1024-lab smart-admin up to 3.30.0. This affects an unknown function of the file /smart-admin-api/druid/index.html of the...

vulnerability CVE high-severity improper-access-control cwe-266 cwe-284
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7447 — SourceCodester Pet Grooming Management Software SQL Injection

CVE-2026-7447 — A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/update_customer.php. This manipulation...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7446: VetCoders mcp-server-semgrep OS Command Injection

CVE-2026-7446 — A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7445 — ZachHandley ZMCPTools Path Traversal

CVE-2026-7445 — A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7443: BurtTheCoder mcp-dnstwist OS Command Injection

CVE-2026-7443 — A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affected by this vulnerability is the function fuzz_domain of the file src/index.ts...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs

CVE-2026-7420: UTT HiPER 1250GW Buffer Overflow Exploitable Remotely

CVE-2026-7420 — A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 5 Sigma

UTT HiPER 1250GW CVE-2026-7419: Remote Buffer Overflow Exploitable

CVE-2026-7419 — A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEdit_ap. The manipulation...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 5 Sigma

UTT HiPER 1250GW: High-Severity Buffer Overflow (CVE-2026-7418)

CVE-2026-7418 — A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

Algovate xhs-mcp SSRF Vulnerability (CVE-2026-7417) Publicly Disclosed

CVE-2026-7417 — A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Performing...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

PolarVista xcode-mcp-server Suffers High-Severity OS Command Injection

CVE-2026-7416 — A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function build_project/run_tests of the file src/index.ts of the component MCP Interface....

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7410 — SourceCodester Pizzafy Ecommerce System SQL Injection

CVE-2026-7410 — A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=add_to_cart. The manipulation of...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7409 — SourceCodester Pizzafy Ecommerce System SQL Injection

CVE-2026-7409 — A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7408 — SourceCodester Pizzafy Ecommerce System SQL Injection

CVE-2026-7408 — A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Performing...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7407 — SourceCodester Pizzafy Ecommerce System SQL Injection

CVE-2026-7407 — A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7404: mcpo-simple-server Vulnerability Exposes Data via Path Traversal

CVE-2026-7404 — A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function delete_shared_prompt of the file src/mcpo_simple_server/services/prompt_manager/base_manager.py. This manipulation of...

vulnerability CVE high-severity path-traversal cwe-22 cwe-23
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7403 — geldata gel-mcp Path Traversal

CVE-2026-7403 — A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function list_rules/fetch_rule of the file src/gel_mcp/server.py. The manipulation of the...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1858 — wget2 accepts a server certificate with incorrect Key Usage

CVE-2026-1858 — wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If the attackers compromise a certificate (with the...

vulnerability CVE medium-severity cwe-20
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 2 IOCs /⚙ 2 Sigma

Qinglong Task Scheduler Exploited for Cryptomining via RCE Flaws

BleepingComputer reports that attackers are actively exploiting two authentication bypass vulnerabilities in Qinglong, an open-source task scheduling tool. These flaws, if left unaddressed, allow threat...

threat-intel data-breach malware vulnerability cloud identity tools bleepingcomputer
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

CVE-2026-7426: FreeRTOS-Plus-TCP IPv6 RA Heap Overflow

CVE-2026-7426 — Insufficient validation of the prefix length field in IPv6 Router Advertisement processing in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor...

vulnerability CVE high-severity buffer-overflow cwe-787
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-34965: Cockpit CMS RCE via PHP Code Injection

CVE-2026-34965 — Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/save_collection endpoint that allows authenticated attackers with collection management privileges to inject...

vulnerability CVE high-severity remote-code-execution cwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2018-25318: Tenda Router Vulnerability Allows DNS Hijacking

CVE-2018-25318 — Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers...

vulnerability CVE critical high-severity cwe-290
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

Tenda Routers: CVE-2018-25317 Allows Unauthenticated DNS Hijacking

CVE-2018-25317 — Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient...

vulnerabilityCVEcriticalhigh-severitycwe-290
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2018-25316: Tenda Router Flaw Exposes DNS Hijacking Risk

CVE-2018-25316 — Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation....

vulnerabilityCVEcriticalhigh-severitycwe-290
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2018-25315: Alloksoft Video Joiner Buffer Overflow Allows Code Execution

CVE-2018-25315 — Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in...

vulnerabilityCVEhigh-severitycode-executioncwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2018-25314: Alloksoft WMV Converter Buffer Overflow Allows Local Code Execution

CVE-2018-25314 — Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 2 Sigma

BuddyPress RCE: Authenticated Users Can Delete Arbitrary Files

CVE-2018-25308 — BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped...

vulnerabilityCVEhigh-severityremote-code-executioncwe-22
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 2 Sigma

SysGauge Pro 4.6.12 Vulnerability Allows Local Code Execution

CVE-2018-25307 — SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

Free Download Manager CVE-2018-25304: Local Buffer Overflow Allows Code Execution

CVE-2018-25304 — Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2018-25303: Allok Video to DVD Burner Stack Overflow

CVE-2018-25303 — Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute...

vulnerabilityCVEhigh-severitycode-executioncwe-121
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2018-25302: Allok AVI to DVD Converter Buffer Overflow

CVE-2018-25302 — Allok AVI to DVD SVCD VCD Converter 4.0.1217 contains a structured exception handling (SEH) based buffer overflow vulnerability that allows local attackers to...

vulnerabilityCVEhigh-severitycode-executioncwe-120
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 7 Sigma

CVE-2018-25301: Easy MPEG to DVD Burner Local Buffer Overflow

CVE-2018-25301 — Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2018-25300: XATABoost CMS SQL Injection Allows Unauthenticated Data Extraction

CVE-2018-25300 — XATABoost CMS 1.0.0 contains a union-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2018-25299: Prime95 Local Buffer Overflow Allows Arbitrary Code Execution

CVE-2018-25299 — Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 2 Sigma

AI Reverse Engineering Unearths High-Severity GitHub Bug

AI-powered reverse engineering is proving its worth in vulnerability research, with Dark Reading reporting that Wiz leveraged such a tool to uncover a high-severity GitHub...

threat-inteltoolsvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

AgentFlow RCE Vulnerability (CVE-2026-7466) Allows Local Code Execution

CVE-2026-7466 — AgentFlow contains an arbitrary code execution vulnerability that allows attackers to execute local Python pipeline files by supplying a user-controlled pipeline_path parameter to...

vulnerabilityCVEhigh-severitycode-executioncwe-94
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-7439 — AgentFlow's local web API accepts non-JSON content types on

CVE-2026-7439 — AgentFlow's local web API accepts non-JSON content types on POST /api/runs and POST /api/runs/validate endpoints without enforcing application/json validation, allowing attackers to bypass...

vulnerabilityCVEmedium-severitycwe-346
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7424: FreeRTOS-Plus-TCP DHCPv6 Vulnerability Leads to DoS

CVE-2026-7424 — Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-191
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7423 — Denial of Service

CVE-2026-7423 — Integer underflow in the ICMP and ICMPv6 echo reply handlers in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network user to cause...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-191
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-7422 — Insufficient packet validation in FreeRTOS-Plus-TCP before

CVE-2026-7422 — Insufficient packet validation in FreeRTOS-Plus-TCP before V4.2.6 and V4.4.1 allows an adjacent network actor to bypass all checksum and minimum-size validation by spoofing...

vulnerabilityCVEmedium-severitycwe-290
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7398: Path Traversal in BioinfoMCP Upload Endpoint

CVE-2026-7398 — A weakness has been identified in florensiawidjaja BioinfoMCP up to 7ada7918b9e515604d3c0ae264d3a9af10bf6e54. This vulnerability affects the function Upload of the file bioinfo_mcp_platform/app.py of the...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7397 — NousResearch Hermes-Agent Vulnerability

CVE-2026-7397 — A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function _check_sensitive_path of the file tools/file_tools.py. The manipulation results in...

vulnerabilityCVEmedium-severitycwe-59cwe-61
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41499 — Out-of-Bounds

CVE-2026-41499 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, multiple...

vulnerabilityCVEmedium-severityout-of-bounds-1cwe-124cwe-191
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 5 Sigma

Wazuh CVE-2026-30893: Critical Path Traversal to RCE

CVE-2026-30893 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-22cwe-73
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-28221 — Buffer Overflow

CVE-2026-28221 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.8.0 to before version 4.14.4, a...

vulnerabilityCVEmedium-severitybuffer-overflowcwe-121cwe-400
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs

CVE-2026-27105 — Arbitrary File Access

CVE-2026-27105 — Dell/Alienware Purchased Apps, versions prior to 1.1.31.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with...

vulnerabilityCVEmedium-severityarbitrary-file-accesscwe-59
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-26206 — Wazuh is a free and open source platform used for threat

CVE-2026-26206 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, Wazuh's...

vulnerabilityCVEmedium-severitycwe-307cwe-362cwe-367
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7396 — NousResearch Hermes-Agent Path Traversal

CVE-2026-7396 — A vulnerability was identified in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/wecom.py of the component...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7394 — SQL Injection

CVE-2026-7394 — A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/view_order.php of...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

IdentityIQ CVE-2026-5712: Authenticated Users Can Edit Roles

CVE-2026-5712 — This vulnerability impacts all versions of IdentityIQ and allows an authenticated identity that is the requestor or assignee of a work item to...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-26204 — Denial of Service

CVE-2026-26204 — Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 1.0.0 to before version 4.14.4, a...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-124cwe-191
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7393 — SourceCodester Pizzafy Ecommerce System Unrestricted File Upload

CVE-2026-7393 — A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save_menu of the file /admin/admin_class_novo.php of the component File...

vulnerabilityCVEmedium-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs

CVE-2026-7392 — SourceCodester Pharmacy Sales And Inventory System SQL Injection

CVE-2026-7392 — A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function delete_supplier of the file /ajax.php?action=delete_supplier. Such...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7391 — SourceCodester Pharmacy Sales And Inventory System SQL Injection

CVE-2026-7391 — A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function save_supplier of the file /ajax.php?action=save_supplier. This...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6915 — An authorization flaw in the user management command could

CVE-2026-6915 — An authorization flaw in the user management command could allow an authenticated user to make limited changes to authentication-related data associated with another...

vulnerabilityCVEmedium-severitycwe-1284
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6914 — Computing the MD5 checksum of a malformed BSON object under

CVE-2026-6914 — Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects...

vulnerabilityCVEmedium-severitycwe-191
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

SonicOS Access Control Bypass (CVE-2026-0204) Rated High Severity

CVE-2026-0204 — A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions.

vulnerabilityCVEhigh-severitycwe-306cwe-1390
/SCW Vulnerability Desk /HIGH /8 /⚑ 2 IOCs

SAP npm Packages Compromised by "Mini Shai-Hulud" Credential Stealing Malware

A new supply chain attack campaign, dubbed "mini Shai-Hulud," is actively targeting SAP-related npm packages with credential-stealing malware. The Hacker News reports that this campaign...

threat-intelvulnerabilitymalwarecloudidentity
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7389: EyouCMS SQL Injection Vulnerability Exposed

CVE-2026-7389 — A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs

CVE-2026-7388 — A weakness has been identified in EyouCMS up to 1.7.9.

CVE-2026-7388 — A weakness has been identified in EyouCMS up to 1.7.9. Impacted is the function editFile of the file application/admin/logic/FilemanagerLogic.php of the component Template...

vulnerabilityCVEmedium-severitycwe-74cwe-94
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs

CVE-2026-7386: fatbobman mail-mcp-bridge Path Traversal Vulnerability

CVE-2026-7386 — A flaw has been found in fatbobman mail-mcp-bridge up to 1.3.3. Affected is an unknown function of the file src/mail_mcp_server.py. Executing a manipulation...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 5 Sigma

Pardus OS My Computer Vulnerability Allows OS Command Injection

CVE-2026-6849 — Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC

CVE-2026-5166: Critical Path Traversal in TUBITAK Pardus Software Center

CVE-2026-5166 — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows...

vulnerabilityCVEcriticalhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 3 Sigma

pgjdbc Client-Side DoS: Malicious Servers Can Exhaust CPU via SCRAM-SHA-256

CVE-2026-42198 — pgjdbc is an open source PostgreSQL JDBC driver. From version 42.2.0 to before version 42.7.11, pgjdbc is vulnerable to a client-side denial of...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

cPanel & WHM Critical Authentication Bypass (CVE-2026-41940)

CVE-2026-41940 — cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, and 11.136.0.5 contain an authentication bypass vulnerability in the login flow that...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 2 Sigma

cPanel, WHM Emergency Patch Fixes Critical Auth Bypass

BleepingComputer reports an urgent vulnerability in cPanel and WebHost Manager (WHM) that could allow unauthenticated access. This isn't just a bug; it's a critical authentication...

threat-inteldata-breachmalwarevulnerabilityidentity
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7384 — Ezequiroga Mcp-Bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea3 Path Traversal

CVE-2026-7384 — A vulnerability was detected in ezequiroga mcp-bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea39/c630b8ab0f970614d42da8e566e9c0d15a16414c. This impacts the function search_papers of the file research_server.py. Performing a manipulation of the argument...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-5161: Pardus About Suffers High-Severity Symlink Vulnerability

CVE-2026-5161 — Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue...

vulnerabilityCVEhigh-severitycwe-59
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-5141: Pardus Software Center Vulnerability Allows Privileged Process Hijacking

CVE-2026-5141 — Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Hijacking a...

vulnerabilityCVEhigh-severityimproper-access-controlcwe-266cwe-269cwe-284
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 2 Sigma

Acronis DLP and Cyber Protect Agent Vulnerable to Privilege Escalation (CVE-2026-41952)

CVE-2026-41952 — Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-123
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 1 IOC /⚙ 3 Sigma

Acronis DLP, Cyber Protect Agent Vulnerable to Local Privilege Escalation (CVE-2026-41220)

CVE-2026-41220 — Local privilege escalation due to improper input validation. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.93212, Acronis Cyber Protect...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-787
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 1 IOC /⚙ 3 Sigma

DPRK Uses AI-Inserted npm Malware, Targeting Developers

North Korean threat actors are leveraging AI, specifically Anthropic's Claude Opus LLM, to inject malware into the software supply chain. The Hacker News reports that...

threat-intelvulnerabilitymalwareai-security
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

GitHub RCE Flaw Could Have Exposed Millions of Private Repositories

BleepingComputer reports that GitHub recently patched a critical remote code execution (RCE) vulnerability, identified as CVE-2026-3854. This flaw, if exploited, could have provided attackers with...

threat-inteldata-breachmalwarevulnerabilitytools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

AI Automates Attacks: Autonomous Agents Target Active Directory in Minutes

The Hacker News reports a significant shift in threat actor tactics, with custom AI setups now automating attacks directly into the kill chain. This isn't...

threat-intelvulnerabilitymicrosoftidentityphishing
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Unidentified RMM Tool Exploited in Active Attacks Against Israeli Organizations

Shimi's Cyber World has learned of an active cybersecurity campaign targeting Israeli organizations, leveraging a previously unidentified Remote Monitoring and Management (RMM) tool. The Israel...

INCDisraeladvisoryalert
/MEDIUM /⚑ 2 IOCs

Exposure Management Platforms Fall Short: Context is Key, Not Just Counts

Many security teams face a disconnect between vulnerability remediation metrics and actual security posture. The Hacker News highlights that while dashboards may show hundreds of...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC

CISA Mandates Urgent Patching for Windows Zero-Day Exploited in Attacks

CISA has issued a directive to federal agencies, compelling them to patch a critical Windows vulnerability actively exploited as a zero-day. BleepingComputer reports this flaw...

threat-inteldata-breachmalwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

Critical cPanel Authentication Flaw Exposes Servers

The Hacker News reports that cPanel has issued urgent security updates to patch a critical authentication vulnerability affecting all currently supported versions of its control...

threat-intelvulnerabilityidentitytools
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4019 — The Complianz – GDPR/CCPA Cookie Consent plugin for

CVE-2026-4019 — The Complianz – GDPR/CCPA Cookie Consent plugin for WordPress is vulnerable to unauthorized data access in all versions up to, and including, 7.4.5...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs

CVE-2026-42412 — WeDevs WP User Frontend Vulnerability

CVE-2026-42412 — Missing Authorization vulnerability in weDevs WP User Frontend allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP User Frontend: from...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-10503 — Cross-Site Scripting (XSS)

CVE-2025-10503 — The authentication endpoint accepts user-supplied input without enforcing expected validation constraints, leading to a lack of proper output encoding. This allows for the...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

SureForms Pro Vulnerability CVE-2026-42377 Exposes Access Control Flaws

CVE-2026-42377 — Missing Authorization vulnerability in Brainstorm Force SureForms Pro allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects SureForms Pro: from n/a...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 2 Sigma

Dell iDRAC10 Vulnerability: Low-Privilege Race Condition Grants High Access

CVE-2026-35155 — Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an Insufficiently Protected Credentials vulnerability. A race condition vulnerability exists that could allow an authenticated low‑privileged...

vulnerabilityCVEhigh-severityrace-conditioncwe-522
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 2 IOCs /⚙ 3 Sigma

GCHQ CyberChef XSS Vulnerability (CVE-2026-42615) Identified

CVE-2026-42615 — GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /#recipe=Show_Base64_offsets('%3Cscript substring.

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-23773 — Server-Side Request Forgery

CVE-2026-23773 — Dell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a Server-Side Request Forgery (SSRF) vulnerability. A low privileged attacker with remote access could...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42167: ProFTPD mod_sql RCE Via Log Expansion

CVE-2026-42167 — mod_sql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER...

vulnerabilityCVEhigh-severitycwe-89
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7319: Path Traversal in elinsky execution-system-mcp Poses Remote Risk

CVE-2026-7319 — A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function _get_context_file_path of the file src/execution_system_mcp/server.py of the component...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7318 — Elie Mcp-Project Path Traversal

CVE-2026-7318 — A vulnerability was detected in elie mcp-project 0.1.0. The affected element is the function search_papers of the file research_server.py. The manipulation of the...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7317 — Grav CMS Insecure Deserialization

CVE-2026-7317 — A vulnerability was found in Grav CMS up to 1.7.49.5/2.0.0-beta.1. Affected by this vulnerability is the function FileCache::doGet of the file system/src/Grav/Framework/Cache/Adapter/FileCache.php of...

vulnerabilityCVEmedium-severityinsecure-deserializationcwe-20cwe-502
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7316: Aider-mcp Command Injection Exposes AI Dev Workflows

CVE-2026-7316 — A vulnerability has been found in eiliyaabedini aider-mcp up to 667b914301aada695aab0e46d1fb3a7d5e32c8af. Affected is an unknown function of the file aider_mcp.py of the component...

vulnerabilityCVEhigh-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7315: eiceblue spire-pdf-mcp-server Path Traversal Vulnerability

CVE-2026-7315 — A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function get_pdf_path of the file src/spire_pdf_mcp/server.py of the component PDF File...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7314: eiceblue spire-doc-mcp-server Path Traversal Publicly Exploited

CVE-2026-7314 — A vulnerability was detected in eiceblue spire-doc-mcp-server 1.0.0. This affects the function get_doc_path of the file src/spire_doc_mcp/api/base.py. Performing a manipulation of the argument...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-7306 — Xuxueli Xxl-Job Vulnerability

CVE-2026-7306 — A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java...

vulnerabilityCVEmedium-severitycwe-320cwe-321
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7305 — Server-Side Request Forgery

CVE-2026-7305 — A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The affected element is the function triggerJob of the file xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java of...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

Outline Insecure Direct Object Reference (CVE-2026-41649) Exposes Documents

CVE-2026-41649 — Outline is a service that allows for collaborative documentation. The `shares.create` API endpoint starting in version 0.86.0 and prior to version 1.7.0 has...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-33467 — Improper Verification of Cryptographic Signature (CWE-347)

CVE-2026-33467 — Improper Verification of Cryptographic Signature (CWE-347) in Elastic Package Registry could allow an attacker positioned to intercept network traffic, or to otherwise influence...

vulnerabilityCVEmedium-severitycwe-347
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 2 Sigma

LiteLLM Pre-Auth SQLi Actively Exploited: CVE-2026-42208

Hackers are actively exploiting a critical pre-authentication SQL injection vulnerability, CVE-2026-42208, in the LiteLLM open-source large language model (LLM) gateway. BleepingComputer reports that attackers are...

threat-inteldata-breachmalwarevulnerabilityai-security
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42431: OpenClaw Vulnerability Allows Persistent Browser Profile Mutation

CVE-2026-42431 — OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

OpenClaw CVE-2026-42426: Improper Authorization Allows Node Pairing Bypass

CVE-2026-42426 — OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 2 Sigma

OpenClaw CVE-2026-42422: Role Bypass Allows Unapproved Token Minting

CVE-2026-42422 — OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

OpenClaw QQ Bot SSRF Vulnerability Bypasses Protections (CVE-2026-41914)

CVE-2026-41914 — OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw Privilege Escalation via Incomplete Scope Clearing (CVE-2026-41404)

CVE-2026-41404 — OpenClaw before 2026.3.31 contains an incomplete scope-clearing vulnerability in trusted-proxy authentication mode that allows operator.admin privilege escalation. Attackers can exploit this by declaring...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

OpenClaw CVE-2026-41394: Authentication Bypass Grants Operator Write Scopes

CVE-2026-41394 — OpenClaw before 2026.3.31 contains an authentication bypass vulnerability where unauthenticated plugin-auth HTTP routes receive operator runtime write scopes. Attackers can access these routes...

vulnerabilityCVEhigh-severityauthentication-bypasscwe-862
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 2 Sigma

OpenClaw Incomplete Host Environment Sanitization Allows Package Overrides

CVE-2026-41387 — OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit...

vulnerabilityCVEhigh-severitycwe-183
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw Privilege Escalation: Critical Flaw in Device Pairing

CVE-2026-41386 — OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing....

vulnerabilityCVEcriticalhigh-severityprivilege-escalationcwe-648
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw CLI Vulnerability Allows Code Execution via Environment Variable Injection

CVE-2026-41384 — OpenClaw before 2026.3.24 contains an environment variable injection vulnerability in the CLI backend runner that allows attackers to inject malicious environment variables through...

vulnerabilityCVEhigh-severitycode-executioncwe-15
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41383: OpenClaw Arbitrary Directory Deletion Flaw Exposes Remote Data

CVE-2026-41383 — OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and...

vulnerabilityCVEhigh-severitycwe-22
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs /⚙ 3 Sigma

OpenClaw Privilege Escalation (CVE-2026-41378) Allows RCE via Paired Nodes

CVE-2026-41378 — OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access....

vulnerabilityCVEhigh-severityremote-code-executioncwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-3893: Carlson VASCO-B GNSS Receiver Lacks Authentication

CVE-2026-3893 — The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing an attacker with network access to directly access and modify its configuration and...

vulnerabilityCVEcriticalhigh-severitycwe-306
/SCW Vulnerability Desk /CRITICAL /9.4 /⚑ 2 IOCs /⚙ 3 Sigma

NVIDIA NeMoClaw Vulnerability Exposes Host Environment Variables

CVE-2026-24222 — NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected...

vulnerabilityCVEhigh-severityinformation-disclosurecwe-497
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 2 IOCs /⚙ 3 Sigma

NVIDIA FLARE SDK Vulnerability: Untrusted Deserialization Leads to RCE

CVE-2026-24186 — NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS-encoded...

vulnerabilityCVEhigh-severitycode-executioncwe-502
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

NVIDIA NVFlare Dashboard: Critical Auth Bypass Puts Systems at Risk

CVE-2026-24178 — NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-639
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

LofyGang Resurfaces, Targets Minecraft Players with LofyStealer Malware

The Brazilian cybercrime group LofyGang has re-emerged after a three-year hiatus, launching a new campaign aimed at Minecraft players. According to The Hacker News, the...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2025-60887 — Cista Insecure Deserialization

CVE-2025-60887 — An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap...

vulnerabilityCVEmedium-severityinsecure-deserialization
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 3 Sigma

Firefox ESR Sandbox Escape: Critical CVE-2026-7321 Demands Immediate Attention

CVE-2026-7321 — Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox ESR 140.10.1.

vulnerabilityCVEcriticalhigh-severitycwe-120
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 2 IOCs /⚙ 4 Sigma

D-Link DIR-825M Buffer Overflow (CVE-2026-7289) Exposes Routers

CVE-2026-7289 — A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

D-Link DIR-825M Buffer Overflow (CVE-2026-7288) Publicly Disclosed

CVE-2026-7288 — A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub_4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC

CVE-2026-7283 — SourceCodester Pharmacy Sales And Inventory System SQL Injection

CVE-2026-7283 — A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts the function save_expired of the file /ajax.php?action=save_expired....

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 7 Sigma

CVE-2026-7282 — SourceCodester Pharmacy Sales And Inventory System SQL Injection

CVE-2026-7282 — A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function delete_expired of the file /ajax.php?action=delete_expired. The manipulation...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs

CVE-2026-40968 — When an authenticated user is denied access to a gRPC

CVE-2026-40968 — When an authenticated user is denied access to a gRPC method, their authenticated identity remains bound to the gRPC worker thread and can...

vulnerabilityCVEmedium-severitycwe-653
/SCW Vulnerability Desk /MEDIUM /4.2 /⚑ 2 IOCs /⚙ 2 Sigma

OpenCATS Installer Vulnerability Allows Unauthenticated PHP Code Injection

CVE-2026-27760 — OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary...

vulnerabilityCVEhigh-severitycwe-94
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7272: WilliamCloudQi matlab-mcp-server Path Traversal Vulnerability

CVE-2026-7272 — A flaw has been found in WilliamCloudQi matlab-mcp-server up to ab88f6b9bf5f36f725e8628029f7f6dd0d9913ca. The affected element is the function generate_matlab_code/execute_matlab_code of the file src/index.ts of...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs

CVE-2026-5944: Cisco Intersight Connector Exposes Nutanix Prism Central API

CVE-2026-5944 — An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint...

vulnerabilityCVEhigh-severityimproper-access-controlcwe-306cwe-862
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

VECT 2.0 Ransomware: Wiper-Like Flaw Irreversibly Destroys Files

The cybercriminal operation VECT 2.0 is deploying ransomware that functions more like a wiper, according to threat hunters cited by The Hacker News. A critical...

threat-intelvulnerabilitymalwareransomwaremicrosoft
/SCW Vulnerability Desk /MEDIUM

CVE-2026-7309 — OpenShift Container Platform Build System Information Disclosure

CVE-2026-7309 — A flaw was found in the OpenShift Container Platform build system. A user with the `edit` ClusterRole can inject arbitrary environment variables, such...

vulnerabilityCVEmedium-severityinformation-disclosurecwe-426
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7271 — DV0x Creative-Ad-Agent Path Traversal

CVE-2026-7271 — A vulnerability was detected in DV0x creative-ad-agent up to 751b9e5146604dc65049bd0f62dcbdad6212f8a3. Impacted is an unknown function of the file server/sdk-server.ts of the component creative-ad-agent-server....

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-7268 — SourceCodester Pizzafy Ecommerce System SQL Injection

CVE-2026-7268 — A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function save_category of the file /admin/ajax.php?action=save_category. Such manipulation of...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7267 — SourceCodester Pizzafy Ecommerce System SQL Injection

CVE-2026-7267 — A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /view_prod.php. This manipulation of...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7266 — SourceCodester Pizzafy Ecommerce System SQL Injection

CVE-2026-7266 — A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function save_order of the file /admin/ajax.php?action=save_order. The manipulation...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2024-1708 — ConnectWise ScreenConnect Path Traversal Vulnerability

CVE-2024-1708 — ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and critical...

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

Secure Data Movement is Zero Trust's Unseen Bottleneck

Many security programs operate under the flawed assumption that system connectivity automatically solves data security. Simply opening a ticket, standing up a gateway, and pushing...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM

Hugging Face LeRobot RCE: Unauthenticated Deserialization Flaw

The Hacker News reports a critical, unpatched vulnerability, CVE-2026-25874 (CVSS 9.3), affecting Hugging Face's LeRobot platform. This flaw is an untrusted data deserialization issue, allowing...

threat-intelvulnerabilitytools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

AI Accelerates Exploit Windows, Demanding Faster Defense

The time between a vulnerability being disclosed and it being actively exploited is shrinking rapidly, a trend accelerated by advancements in AI. The Hacker News...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC

CVE-2026-7280 — Code Execution

CVE-2026-7280 — AVACAST developed by eMPIA Technology has an Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a...

vulnerabilityCVEmedium-severitycode-executioncwe-428
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

AVACAST DLL Hijacking (CVE-2026-7279) Allows System Code Execution

CVE-2026-7279 — AVACAST, developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory,...

vulnerabilityCVEhigh-severitycode-executioncwe-427
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7264 — SQL Injection

CVE-2026-7264 — A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function get_cart_items of the file /admin/ajax.php?action=get_cart_items. Executing a manipulation...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

D-Link DI-8100 Critical Buffer Overflow Vulnerability (CVE-2026-7248)

CVE-2026-7248 — A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The...

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 2 Sigma

D-Link DI-8100 Buffer Overflow: CVE-2026-7247 Exposes Remote Exploitation Risk

CVE-2026-7247 — A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function file_exten_asp of the file file_exten.asp of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-7244: Critical Command Injection Flaw in Totolink Router

CVE-2026-7244 — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi of the...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 2 Sigma

Totolink RCE: CVE-2026-7243 Exposes Routers to Critical Command Injection

CVE-2026-7243 — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-7242: Critical Command Injection in Totolink A8000RU

CVE-2026-7242 — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Totolink A8000RU Critical OS Command Injection (CVE-2026-7241)

CVE-2026-7241 — A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-40980 — In Spring AI, a malicious PDF file can be crafted that

CVE-2026-40980 — In Spring AI, a malicious PDF file can be crafted that triggers the allocation of unreasonable amounts of memory when handled by `ForkPDFLayoutTextStripper`....

vulnerabilityCVEmedium-severitycwe-400
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40979 — In Spring AI, having access to a shared environment can

CVE-2026-40979 — In Spring AI, having access to a shared environment can expose the ONNX model used by the application. Affected versions: Spring AI: 1.0.0...

vulnerabilityCVEmedium-severitycwe-377
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

Spring AI CosmosDBVectorStore Vulnerable to SQL Injection (CVE-2026-40978)

CVE-2026-40978 — SQL injection vulnerability in Spring AI's `CosmosDBVectorStore` allows attackers to execute arbitrary SQL queries via crafted document IDs. Affected versions: Spring AI: 1.0.0...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

Totolink A8000RU Critical OS Command Injection (CVE-2026-7240)

CVE-2026-7240 — A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-7238 — Code-Projects Online Music Site Unrestricted File Upload

CVE-2026-7238 — A flaw has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. This manipulation of...

vulnerabilityCVEmedium-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7237: AgiFlow Path Traversal Puts Files at Risk

CVE-2026-7237 — A vulnerability was detected in AgiFlow scaffold-mcp up to 1.0.27. Affected by this issue is some unknown functionality of the file packages/scaffold-mcp/src/server/index.ts of...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7235 — ErlichLiu Claude-Agent-Sdk-Master Path Traversal

CVE-2026-7235 — A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4911 — The Booking Package plugin for WordPress is vulnerable to

CVE-2026-4911 — The Booking Package plugin for WordPress is vulnerable to Price Manipulation in versions up to, and including, 1.7.06. This is due to the...

vulnerabilityCVEmedium-severitycwe-472
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4805 — Cross-Site Scripting (XSS)

CVE-2026-4805 — The Woostify plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.5.0. This is due to insufficient...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41526 — In KDE KCoreAddons before 6.25, KShell::quoteArgs is

CVE-2026-41526 — In KDE KCoreAddons before 6.25, KShell::quoteArgs is intended to safely quote arguments so that they can be passed to a shell command. This...

vulnerabilityCVEmedium-severitycwe-150
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41525 — KDE Dolphin before 25.12.3 allows applications in a Flatpak

CVE-2026-41525 — KDE Dolphin before 25.12.3 allows applications in a Flatpak (or with AppArmor confinement) to open folders outside of the application sandbox without additional...

vulnerabilityCVEmedium-severitycwe-669
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40966 — In Spring AI, an attacker can bypass conversation isolation

CVE-2026-40966 — In Spring AI, an attacker can bypass conversation isolation and exfiltrate sensitive memory from other users’ chat histories, including secrets and credentials, by...

vulnerabilityCVEmedium-severitycwe-284
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7234: Path Traversal Flaw in BrowserOperator Core Exposes Users

CVE-2026-7234 — A weakness has been identified in BrowserOperator browser-operator-core up to 0.6.0. Affected is the function startsWith of the file scripts/component_server/server.js. Executing a manipulation...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7230 — SourceCodester Safety Anger Pad Vulnerability

CVE-2026-7230 — A vulnerability was found in SourceCodester Safety Anger Pad 1.0. The affected element is an unknown function. The manipulation of the argument angerDisplay...

vulnerabilityCVEmedium-severitycwe-79cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7229 — Code-Projects Coaching Management System SQL Injection

CVE-2026-7229 — A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Spring AI Vulnerability (CVE-2026-40967) Allows Query Alteration

CVE-2026-40967 — In Spring AI, various FilterExpressionConverter implementations accept a filter expression object and translate it to specific vector store query languages. In several cases,...

vulnerabilityCVEhigh-severitycwe-94
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-40356 — Out-of-Bounds Read

CVE-2026-40356 — In MIT Kerberos 5 (aka krb5) before 1.22.3, there is an integer underflow and resultant out-of-bounds read if an application calls gss_accept_sec_context() on...

vulnerabilityCVEmedium-severityout-of-bounds-1cwe-191
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 2 Sigma

Microsoft Entra ID Agent Role Flaw Enabled Service Principal Takeover

The Hacker News reports that a critical vulnerability existed in Microsoft Entra ID's 'Agent ID Administrator' role. This built-in role, intended for managing AI agents,...

threat-intelvulnerabilitymicrosoftidentityai-security
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

Medtronic Confirms Breach After ShinyHunters Data Leak Threat

Medtronic has confirmed a data breach following threats from the ShinyHunters cybercrime group. SecurityWeek reported that ShinyHunters claimed to have exfiltrated 9 million records containing...

threat-intelvulnerabilitydata-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7228: SourceCodester Pizzafy SQL Injection

CVE-2026-7228 — A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function get_cart_count of the file /admin/ajax.php?action=get_cart_count. This...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7227: SourceCodester Pizzafy Ecommerce System SQL Injection

CVE-2026-7227 — A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function Login of the file /admin/ajax.php?action=login. The manipulation of the...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7226: SQL Injection in SourceCodester Pizzafy Ecommerce System

CVE-2026-7226 — A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects the function login2 of the file /admin/ajax.php?action=login2. The...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7225: SourceCodester Pizzafy SQL Injection Vulnerability

CVE-2026-7225 — A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects the function delete_menu of the file /admin/ajax.php?action=delete_menu. Executing a...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7224: SQL Injection in SourceCodester Pizzafy Ecommerce System

CVE-2026-7224 — A security flaw has been discovered in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function delete_cart of the file /admin/ajax.php?action=delete_cart. Performing a...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6809 — Cross-Site Scripting (XSS)

CVE-2026-6809 — The Social Post Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Threads embed handler in all versions up to,...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6725 — Cross-Site Scripting (XSS)

CVE-2026-6725 — The WPC Smart Messages for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the `wpcsm_text_rotator` shortcode...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6551 — Cross-Site Scripting (XSS)

CVE-2026-6551 — The Timeline Blocks for Gutenberg plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'titleTag' attribute of the timeline-blocks/tb-timeline-blocks block in...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40355 — Null Pointer Dereference

CVE-2026-40355 — In MIT Kerberos 5 (aka krb5) before 1.22.3, there is a NULL pointer dereference if an application calls gss_accept_sec_context() on a system with...

vulnerabilityCVEmedium-severitynull-pointer-dereferencecwe-476
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

Microsoft has updated its advisory for a critical Windows Shell vulnerability, CVE-2026-32202, confirming it is being actively exploited. The flaw, a spoofing vulnerability with a...

threat-intelvulnerabilitymicrosoft
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7223: BigSweetPotatoStudio HyperChat SSRF Vulnerability

CVE-2026-7223 — A vulnerability was identified in BigSweetPotatoStudio HyperChat up to 2.0.0-alpha.63. Affected by this issue is the function fetch of the file packages/core/src/http/aiProxyMiddleware.mts of...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

TencentCloudBase CloudBase-MCP SSRF Vulnerability (CVE-2026-7221)

CVE-2026-7221 — A vulnerability was found in TencentCloudBase CloudBase-MCP up to 2.17.0. Affected is the function openUrl of the file mcp/src/interactive-server.ts of the component open-url...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7220: FastlyMCP Command Injection Exposes Infrastructure

CVE-2026-7220 — A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component...

vulnerabilityCVEhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

Totolink N300RT: High-Severity Buffer Overflow Vulnerability (CVE-2026-7219)

CVE-2026-7219 — A flaw has been found in Totolink N300RT 3.4.0-B20250430. This affects an unknown function of the file /boafrm/formIpQoS. Executing a manipulation of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-7218: Totolink N300RT Buffer Overflow Exploited Remotely

CVE-2026-7218 — A vulnerability was detected in Totolink N300RT 3.4.0-B20250430. The impacted element is the function is_cmd_string_valid of the file /boafrm/formWsc of the component libapmib.so....

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-7217 — Deepractice PromptX Path Traversal

CVE-2026-7217 — A security vulnerability has been detected in Deepractice PromptX up to 2.4.0. The affected element is the function read_docx/read_xlsx/read_pptx/list_xlsx_sheets/read_pdf of the file packages/mcp-office/src/index.ts...

vulnerabilityCVEmedium-severitypath-traversalcwe-22cwe-36
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7216: donchelo processing-claude-mcp-bridge Path Traversal

CVE-2026-7216 — A weakness has been identified in donchelo processing-claude-mcp-bridge up to e017b20a4b592a45531a6392f494007f04e661bd. Impacted is an unknown function of the file processing_server.py of the component...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

egtai gmx-vmd-mcp Vulnerability: Remote Command Injection (CVE-2026-7215)

CVE-2026-7215 — A security flaw has been discovered in egtai gmx-vmd-mcp up to 0.1.0. This issue affects the function launch_vmd_gui_tool of the file mcp_server.py of...

vulnerabilityCVEhigh-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-1460: Zyxel Routers Vulnerable to Admin Command Injection

CVE-2026-1460 — A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50(ABVY.7.1)C0...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-0711 — Zyxel DX3300-T0 EasyMesh-Related APIs Command Injection

CVE-2026-0711 — A post-authentication command injection vulnerability in the EasyMesh-related APIs of Zyxel DX3300-T0 firmware versions through 5.50(ABVY.7.1)C0 could allow an authenticated, adjacent attacker with...

vulnerabilityCVEmedium-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7214: eghuzefa engineer-your-data Path Traversal Vulnerability (High Severity)

CVE-2026-7214 — A vulnerability was identified in eghuzefa engineer-your-data up to 0.1.3. This vulnerability affects the function read_file/write_file/list_files/file_inf of the file src/server.py. The manipulation of...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

ef10007 MLOps_MCP Path Traversal (CVE-2026-7213) Publicly Exploitable

CVE-2026-7213 — A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7212: edvardlindelof notes-mcp Path Traversal Vulnerability

CVE-2026-7212 — A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes_mcp.py. The manipulation...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7211: dvladimirov MCP Command Injection Vulnerability

CVE-2026-7211 — A weakness has been identified in dvladimirov MCP up to 0.1.0. The impacted element is the function GitSearchRequest of the file mcp_server.py of...

vulnerabilityCVEhigh-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7206: sqlite-mcp SQL Injection Vulnerability Exposed

CVE-2026-7206 — A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extract_to_json of the file src/entry.py....

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7205: High-Severity Path Traversal in duartium papers-mcp-server

CVE-2026-7205 — A vulnerability was identified in duartium papers-mcp-server 9ceb3812a6458ba7922ca24a7406f8807bc55598. Impacted is the function search_papers of the file src/main.py. Such manipulation of the argument topic...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

Totolink A8000RU Critical Command Injection (CVE-2026-7204)

CVE-2026-7204 — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

Totolink A8000RU Critical OS Command Injection (CVE-2026-7203)

CVE-2026-7203 — A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 2 Sigma

Totolink A8000RU Critical OS Command Injection (CVE-2026-7202)

CVE-2026-7202 — A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 2 Sigma

Milesight AIOT Cameras Critical Vulnerability: Default SSL Keys Exposed

CVE-2026-32644 — Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.

vulnerabilityCVEcriticalhigh-severitycwe-321
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Milesight AIOT Cameras Vulnerable to Out-of-Bounds Memory Access (CVE-2026-20766)

CVE-2026-20766 — An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.

vulnerabilityCVEhigh-severitycwe-122
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7199: SQL Injection in Pharmacy Sales and Inventory System

CVE-2026-7199 — A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7196 — CodeAstro Online Classroom SQL Injection

CVE-2026-7196 — A security vulnerability has been detected in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /guestdetails. Such manipulation of...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41372 — OpenClaw before 2026.4.2 fails to normalize trailing-dot

CVE-2026-41372 — OpenClaw before 2026.4.2 fails to normalize trailing-dot localhost hosts in remote CDP discovery responses, allowing bypass of loopback protections. Attackers can craft hostile...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 2 IOCs /⚙ 1 Sigma

OpenClaw Privilege Escalation (CVE-2026-41371) Allows Session Reset

CVE-2026-41371 — OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-863
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41370 — OpenClaw ACP Dispatch Path Traversal

CVE-2026-41370 — OpenClaw before 2026.3.31 contains a path traversal vulnerability in ACP dispatch that allows attackers to read arbitrary files by manipulating inbound channel attachment...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41369 — OpenClaw before 2026.3.31 contains insufficient environment

CVE-2026-41369 — OpenClaw before 2026.3.31 contains insufficient environment variable sanitization in host exec operations, failing to filter package, registry, Docker, compiler, and TLS override variables....

vulnerability CVE medium-severity cwe-668
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41368 — OpenClaw before 2026.3.28 contains an environment variable

CVE-2026-41368 — OpenClaw before 2026.3.28 contains an environment variable disclosure vulnerability in the jq safe-bin policy that fails to block the $ENV filter. Attackers can...

vulnerability CVE medium-severity cwe-668
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41366 — OpenClaw appendLocalMediaParentRoots Self-Whitelisting Vulnerability

CVE-2026-41366 — OpenClaw before 2026.3.31 contains a local roots self-whitelisting vulnerability in appendLocalMediaParentRoots that allows model-initiated arbitrary host file read. Attackers can exploit improper media...

vulnerability CVE medium-severity cwe-732
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41365 — OpenClaw before 2026.3.31 contains a sender allowlist

CVE-2026-41365 — OpenClaw before 2026.3.31 contains a sender allowlist bypass vulnerability in MS Teams thread history fetched via Graph API. Attackers can retrieve thread messages...

vulnerability CVE medium-severity cwe-441
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41364: OpenClaw Symlink Vulnerability Allows Arbitrary File Write

CVE-2026-41364 — OpenClaw before 2026.3.31 contains a symlink following vulnerability in SSH sandbox tar upload that allows remote attackers to write arbitrary files. Attackers can...

vulnerability CVE high-severity arbitrary-file-access cwe-59
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41363 — Path Traversal

CVE-2026-41363 — OpenClaw versions 2026.2.6 through 2026.3.24 contain a path traversal vulnerability in the Feishu extension resolveUploadInput function that bypasses file-system sandbox restrictions. Attackers can...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40976: Spring Boot Default Security Bypass Exposes Endpoints

CVE-2026-40976 — In certain circumstances, Spring Boot's default web security is ineffective, allowing unauthorized access to all endpoints. For an application to be vulnerable, it...

vulnerability CVE critical high-severity cwe-862
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

Spring Boot CVE-2026-40973: Local Attacker Can Hijack Sessions, Execute Code

CVE-2026-40973 — A local attacker on the same host as the application may be able to take control of the directory used by `ApplicationTemp`. When...

vulnerability CVE high-severity cwe-377
/SCW Vulnerability Desk /HIGH /7 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-40972: Spring Boot DevTools Timing Attack Exposes Secrets, RCE Risk

CVE-2026-40972 — An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the...

vulnerability CVE high-severity remote-code-execution cwe-208
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-27785: Milesight AIOT Cameras Exposed by Hardcoded Credentials

CVE-2026-27785 — Specific firmware versions of Milesight AIOT cameras contain hard-coded credentials.

vulnerability CVE high-severity cwe-798
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7194: SourceCodester Pharmacy System SQL Injection Publicly Exploitable

CVE-2026-7194 — A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=save_product. This...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs

CVE-2026-7183 — Aligungr UERANSIM Vulnerability

CVE-2026-7183 — A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls_pdu.cpp of...

vulnerability CVE medium-severity cwe-248
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-7179 — OSPG Binwalk Path Traversal

CVE-2026-7179 — A security vulnerability has been detected in OSPG binwalk up to 2.4.3. This vulnerability affects the function read_null_terminated_string of the file src/binwalk/plugins/winceextract.py of...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs

CVE-2026-40971 — When configured to use an SSL bundle, Spring Boot's

CVE-2026-40971 — When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification when connecting to the RabbitMQ broker. Affected:...

vulnerability CVE medium-severity cwe-295
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs

Milesight AIOT Cameras Vulnerable to Authorization Bypass via Weak Key Generation

CVE-2026-28747 — A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras that allows authorization to be bypassed.

vulnerability CVE high-severity cwe-639
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7178: ChatGPTNextWeb NextChat SSRF Vulnerability

CVE-2026-7178 — A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 5 IOCs /⚙ 3 Sigma

ChatGPTNextWeb NextChat SSRF Vulnerability (CVE-2026-7177) Exposed

CVE-2026-7177 — A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 3 Sigma

Tenda HG3 Router Command Injection (CVE-2026-7160) Exposes Networks

CVE-2026-7160 — A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boaform/formTracert. Executing a manipulation of the...

vulnerability CVE high-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 5 Sigma

CVE-2026-7159: douinc mkdocs-mcp-plugin Path Traversal Vulnerability

CVE-2026-7159 — A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. This affects the function read_document/list_documents of the file server.py. Performing a manipulation of...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7191: qnabot-on-aws Admin RCE via Prototype Manipulation

CVE-2026-7191 — Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to...

vulnerability CVE high-severity cwe-94
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7158: dmitryglhf mcp-url-downloader SSRF Vulnerability

CVE-2026-7158 — A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function _validate_url_safe of the file src/mcp_url_downloader/server.py....

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7157: Aider-MCP-Server Command Injection Vulnerability

CVE-2026-7157 — A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of the file src/aider_mcp_server/server.py...

vulnerability CVE high-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

Totolink A8000RU Critical OS Command Injection (CVE-2026-7156)

CVE-2026-7156 — A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 2 Sigma

Totolink A8000RU Faces Critical Remote Command Injection (CVE-2026-7155)

CVE-2026-7155 — A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 2 Sigma

Totolink A8000RU Critical OS Command Injection (CVE-2026-7154)

CVE-2026-7154 — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-7153: Critical OS Command Injection in Totolink A8000RU Routers

CVE-2026-7153 — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

Totolink A8000RU Critical Command Injection (CVE-2026-7152)

CVE-2026-7152 — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 2 Sigma

Tenda HG3 2.0 Router Vulnerability: Remote Stack Buffer Overflow

CVE-2026-7151 — A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6Routing. This manipulation of the argument destNet...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-121
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6741: WordPress LatePoint Plugin Privilege Escalation

CVE-2026-6741 — The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation in versions up to and...

vulnerability CVE high-severity privilege-escalation cwe-269
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7150 — Dh1011 Auto-Favicon Server-Side Request Forgery

CVE-2026-7150 — A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the function generate_favicon_from_url of the file src/auto_favicon/server.py of the component...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7149: Dexhunter Kaggle-MCP Path Traversal Vulnerability Disclosed

CVE-2026-7149 — A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function prepare_kaggle_dataset of the file src/kaggle_mcp/server.py. The manipulation...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7148 — CodeAstro Online Classroom SQL Injection

CVE-2026-7148 — A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Executing a manipulation of...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 7 Sigma

CVE-2026-7147: JoeCastrom mcp-chat-studio SSRF Vulnerability Publicly Exploitable

CVE-2026-7147 — A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40970 — When configured to use an SSL bundle, Spring Boot's

CVE-2026-40970 — When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verification when connecting to the Elasticsearch server. Affected:...

vulnerability CVE medium-severity cwe-295
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-32655 — Dell Alienware Command Center (AWCC), versions prior to

CVE-2026-32655 — Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A low privileged attacker with local access could...

vulnerability CVE medium-severity cwe-272
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7146: AlejandroArciniegas mcp-data-vis Vulnerable to SSRF

CVE-2026-7146 — A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7145 — A weakness has been identified in mettle sendportal up to

CVE-2026-7145 — A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/Controllers/Workspaces/WorkspaceInvitationsController.php of the component...

vulnerability CVE medium-severity cwe-285 cwe-639
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7144 — 1000 Projects Portfolio Management System MCA Vulnerability

CVE-2026-7144 — A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown function of the file update_passwd_process.php....

vulnerability CVE medium-severity cwe-285 cwe-639
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7143 — 1000 Projects Portfolio Management System MCA SQL Injection

CVE-2026-7143 — A vulnerability was identified in 1000 Projects Portfolio Management System MCA up to 1.0. This affects an unknown function of the file /admin/block_status.php....

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-25908 — Dell Alienware Command Center (AWCC) Execution with Unnecessary Privileges Vulnerability

CVE-2026-25908 — Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker...

vulnerability CVE medium-severity cwe-250
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

Fan Control App V251 Privilege Escalation (CVE-2025-69689)

CVE-2025-69689 — The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated...

vulnerability CVE high-severity cwe-269
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7142 — A vulnerability was determined in Wooey up to 0.13.2. The

CVE-2026-7142 — A vulnerability was determined in Wooey up to 0.13.2. The impacted element is the function add_or_update_script of the file wooey/api/scripts.py of the component...

vulnerability CVE medium-severity cwe-266 cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7141 — vLLM Vulnerability

CVE-2026-7141 — A vulnerability was found in vllm up to 0.19.0. The affected element is the function has_mamba_layers of the file vllm/v1/kv_cache_interface.py of the component...

vulnerability CVE medium-severity cwe-908
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-7140: Critical OS Command Injection in Totolink A8000RU Routers

CVE-2026-7140 — A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

Totolink A8000RU Critical Command Injection (CVE-2026-7139)

CVE-2026-7139 — A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC

CVE-2026-7138: Critical Command Injection in Totolink Routers

CVE-2026-7138 — A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setNtpCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

Totolink Router RCE: CVE-2026-7137 Exposes Home and Small Business Networks

CVE-2026-7137 — A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

Totolink A8000RU Critical Command Injection Flaw (CVE-2026-7136)

CVE-2026-7136 — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-7135 — GPAC Out-of-Bounds Read

CVE-2026-7135 — A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master. Affected by this vulnerability is the function elng_box_read of the file src/isomedia/box_code_base.c...

vulnerability CVE medium-severity out-of-bounds-1 cwe-119 cwe-125
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7134 — Code-Projects Online Lot Reservation System Unrestricted File Upload

CVE-2026-7134 — A vulnerability was identified in code-projects Online Lot Reservation System 1.0. Affected is an unknown function of the file /edithousepic.php. Such manipulation of...

vulnerability CVE medium-severity unrestricted-file-upload cwe-284 cwe-434
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41467 — Cross-Site Scripting (XSS)

CVE-2026-41467 — ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the file upload functionality where the checkValidFileName() function fails to restrict...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41466 — Cross-Site Scripting (XSS)

CVE-2026-41466 — ProjeQtor versions 7.0 through 12.4.3 contain a stored cross-site scripting vulnerability in the checkValidHtmlText() function within Security.php that fails to properly sanitize user...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-41465 — Path Traversal

CVE-2026-41465 — ProjeQtor versions 7.0 through 12.4.3 contain a path traversal vulnerability in the log file viewer at dynamicDialog.php where the logname parameter is not...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41464 — ProjeQtor objectDetail.php Endpoint Privilege Escalation

CVE-2026-41464 — ProjeQtor versions 7.0 through 12.4.3 contain a missing authorization vulnerability in the objectDetail.php endpoint that allows authenticated users with guest-level privileges to retrieve...

vulnerability CVE medium-severity privilege-escalation cwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

ProjeQtor ZipSlip Flaw: Authenticated RCE via Plugin Upload

CVE-2026-41463 — ProjeQtor versions 7.0 through 12.4.3 contain a ZipSlip path traversal vulnerability in the plugin upload functionality that allows authenticated attackers with upload permissions...

vulnerability CVE high-severity remote-code-execution cwe-22
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 2 Sigma

ProjeQtor Critical SQL Injection Flaw Exposes Sensitive Data

CVE-2026-41462 — ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in the login functionality where the login variable is directly concatenated into...

vulnerability CVE critical high-severity sql-injection cwe-89
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 7 Sigma

CVE-2026-30352: Critical RCE in leonvanzyl autocoder /devserver/start Endpoint

CVE-2026-30352 — A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing...

vulnerability CVE critical high-severity remote-code-execution cwe-77
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-30351: Path Traversal Hits leonvanzyl autocoder

CVE-2026-30351 — A path traversal vulnerability in the UI/static component of leonvanzyl autocoder commit 79d02a allows attackers to read arbitrary files via sending crafted URL...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

Windows 'PhantomRPC' Flaw Enables Privilege Escalation

Dark Reading reports an unpatched architectural weakness in Windows' Remote Procedure Call (RPC) mechanism, dubbed 'PhantomRPC', that enables privilege escalation. A security researcher identified five...

threat-intel tools vulnerability microsoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7133 — Unrestricted File Upload

CVE-2026-7133 — A vulnerability was determined in code-projects Online Lot Reservation System 1.0. This impacts an unknown function of the file /activity.php. This manipulation of...

vulnerability CVE medium-severity unrestricted-file-upload cwe-284 cwe-434
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7132 — Code-Projects Online Lot Reservation System Path Traversal

CVE-2026-7132 — A vulnerability was found in code-projects Online Lot Reservation System up to 1.0. This affects the function readfile of the file /download.php. The...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7131: SQL Injection in Online Lot Reservation System Exposes Sensitive Data

CVE-2026-7131 — A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40514 — SmarterTools SmarterMail builds prior to 9610 contain a

CVE-2026-40514 — SmarterTools SmarterMail builds prior to 9610 contain a cryptographic weakness in the file and email sharing endpoints that use DES-CBC encryption with keys...

vulnerability CVE medium-severity cwe-338
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

Checkmarx GitHub Data Leaked Post Supply Chain Attack

Checkmarx has confirmed that data originating from its GitHub repository was published on the dark web. The company's investigation indicates this breach is a direct...

threat-intel vulnerability tools
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7130: Critical SQL Injection Flaw in Pharmacy System

CVE-2026-7130 — A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-7129 — SourceCodester Pharmacy Sales And Inventory System Vulnerability

CVE-2026-7129 — A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /index.php?page=categories. Performing a...

vulnerability CVE medium-severity cwe-79 cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7128: SQL Injection in SourceCodester Pharmacy System

CVE-2026-7128 — A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7127: SQL Injection in Pharmacy System Exposes Sensitive Data

CVE-2026-7127 — A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_receiving. This...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 7 Sigma

CVE-2026-7126: SQL Injection in Pharmacy Sales and Inventory System

CVE-2026-7126 — A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_category....

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 1 IOC /⚙ 3 Sigma

Weekly Recap: Fast16 Malware, Supply Chain Attacks, and Federal Backdoors

The Hacker News's weekly recap highlights a recurring pattern of familiar attack vectors resurfacing and novel tools being weaponized. Key threats include the Fast16 malware,...

threat-intel vulnerability malware tools
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs

Totolink A8000RU Critical OS Command Injection (CVE-2026-7125)

CVE-2026-7125 — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-7124: Critical OS Command Injection in Totolink A8000RU Routers

CVE-2026-7124 — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7123: Critical Command Injection in Totolink Routers Exposes Networks

CVE-2026-7123 — A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

Microsoft Windows Patch Incomplete, APT28 Exploits Zero-Click Vulnerability

Microsoft's attempt to patch a critical Windows vulnerability has fallen short, leaving a zero-click attack vector wide open. SecurityWeek reports that the initial flaw was...

threat-intel vulnerability microsoft
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

Totolink A8000RU Critical Command Injection (CVE-2026-7122)

CVE-2026-7122 — A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

Totolink A8000RU Critical Command Injection (CVE-2026-7121) Exposed

CVE-2026-7121 — A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 2 Sigma

Tenda HG3 Router OS Command Injection (CVE-2026-7119)

CVE-2026-7119 — A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7118 — Code-Projects Employee Management System SQL Injection

CVE-2026-7118 — A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php....

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7117 — SQL Injection

CVE-2026-7117 — A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7116 — Code-Projects Employee Management System Vulnerability

CVE-2026-7116 — A security flaw has been discovered in code-projects Employee Management System 1.0. This issue affects some unknown processing of the file 370project/mark.php. Performing...

vulnerability CVE medium-severity cwe-79 cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-5943: High-Severity Memory Corruption Vulnerability Uncovered

CVE-2026-5943 — Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not...

vulnerability CVE high-severity cwe-416
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-5942 — Flaws in page lifecycle management allow document structure

CVE-2026-5942 — Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash...

vulnerability CVE medium-severity cwe-416
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-5941: Parsing Flaws Lead to Memory Corruption

CVE-2026-5941 — Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes...

vulnerability CVE high-severity cwe-20
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5940: UI Refresh Flaw Triggers Program Crashes

CVE-2026-5940 — Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes....

vulnerability CVE high-severity cwe-416
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-5937 — Insufficient parameter verification leads to the occurrence

CVE-2026-5937 — Insufficient parameter verification leads to the occurrence of format errors in files, which will trigger an unhandled "std::invalid_argument" exception, ultimately causing the program...

vulnerability CVE medium-severity cwe-248
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42410 — CodexThemes TheGem Theme Elements (For Elementor) Cross-Site Scripting (XSS)

CVE-2026-42410 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CodexThemes TheGem Theme Elements (for Elementor) allows DOM-Based XSS. This issue affects...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Anthropic Claude Mythos: AI-Driven Vulnerability Discovery Changes Remediation Math

Anthropic’s Claude Mythos Preview, announced on April 7, is reshaping the vulnerability discovery landscape. The Hacker News reports that this powerful cybersecurity-focused AI system can...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC

PhantomCore Exploits TrueConf Vulnerabilities in Russian Networks

Pro-Ukrainian hacktivist group PhantomCore has been actively targeting Russian servers running TrueConf video conferencing software since September 2025. The Hacker News, citing a report by...

threat-intel vulnerability data-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

73 Malicious VS Code Extensions Push GlassWorm v2 Malware

Researchers have identified a significant campaign, dubbed GlassWorm, targeting developers through the Open VSX repository. According to The Hacker News, 73 Visual Studio Code extensions...

threat-intel vulnerability malware microsoft
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2026-7115 — Code-Projects Employee Management System SQL Injection

CVE-2026-7115 — A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7114 — An Unknown Part Of The File 370project/Edit.Php SQL Injection

CVE-2026-7114 — A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7113 — NousResearch Hermes-Agent Vulnerability

CVE-2026-7113 — A vulnerability was found in NousResearch hermes-agent 0.8.0. Affected by this issue is some unknown functionality of the file gateway/platforms/webhook.py of the component...

vulnerability CVE medium-severity cwe-287 cwe-306
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 3 IOCs /⚙ 2 Sigma

Directorist Social Login Flaw CVE-2026-22337 Exposes Critical Privilege Escalation

CVE-2026-22337 — Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation. This issue affects Directorist Social Login: from n/a before 2.1.4.

vulnerability CVE critical high-severity privilege-escalation cwe-266
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Directorist Booking SQL Injection Flaw Exposes Critical Data

CVE-2026-22336 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Directorist Booking allows SQL Injection. This issue affects Directorist Booking:...

vulnerability CVE critical high-severity sql-injection cwe-89
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7112 — NousResearch Hermes-Agent Vulnerability

CVE-2026-7112 — A vulnerability has been found in NousResearch hermes-agent 0.8.0. Affected by this vulnerability is the function _check_auth of the file gateway/platforms/api_server.py of the...

vulnerability CVE medium-severity cwe-287
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-7109 — Code-Projects Invoice System In Laravel Vulnerability

CVE-2026-7109 — A vulnerability was detected in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /item of the component...

vulnerability CVE medium-severity cwe-266 cwe-285
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

Apache MINA Deserialization Vulnerability: CVE-2026-41409 Critical Patch Bypass

CVE-2026-41409 — The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late...

vulnerability CVE critical high-severity cwe-502
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

US Cracks Down on Southeast Asia Cyberscams, Sanctions Cambodian Senator

The U.S. government has initiated a significant offensive against Southeast Asian cyberscam operations, framing it as a "new theater of war" against Chinese transnational organized...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

CVE-2026-7108 — Code-Projects Invoice System In Laravel Vulnerability

CVE-2026-7108 — A security vulnerability has been detected in code-projects Invoice System in Laravel 1.0. This affects an unknown function. Such manipulation leads to cross-site...

vulnerability CVE medium-severity cwe-352 cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7107 — Unrestricted File Upload

CVE-2026-7107 — A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company....

vulnerability CVE medium-severity unrestricted-file-upload cwe-284 cwe-434
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7102 — Tenda F456 Command Injection

CVE-2026-7102 — A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation...

vulnerability CVE medium-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

Tenda F456 Router Buffer Overflow (CVE-2026-7101) Allows Remote Exploitation

CVE-2026-7101 — A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 5 Sigma

CVE-2026-7100: Tenda F456 Router Vulnerability Allows Remote Buffer Overflow

CVE-2026-7100 — A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

Tenda F456 Router Vulnerability (CVE-2026-7099) Exposes Networks

CVE-2026-7099 — A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd....

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

Tenda F456 Router Vulnerable to Remote Buffer Overflow (CVE-2026-7098)

CVE-2026-7098 — A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd....

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

WPDeveloper Templately Vulnerability Exposes Sensitive Data

CVE-2026-42379 — Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data. This issue affects Templately: from n/a through 3.6.1....

vulnerability CVE high-severity cwe-201
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41635: Critical Apache MINA RCE bypasses allowlist

CVE-2026-41635 — Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one of them (for static classes or primitive types) does not check the class at all, bypassing...

vulnerability CVE critical high-severity cwe-502
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 3 Sigma

Firefox Vulnerability CVE-2026-6770 Allows Tor User Fingerprinting

SecurityWeek reports a critical vulnerability, CVE-2026-6770, in Firefox that exposed Tor users to fingerprinting. This wasn't a theoretical flaw; it was a direct compromise of...

threat-intel vulnerability tools
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Tenda F456 Router Vulnerability: Remote Buffer Overflow (CVE-2026-7097)

CVE-2026-7097 — A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd....

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-7096: Tenda HG3 Router OS Command Injection

CVE-2026-7096 — A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerability affects the function formgponConf of the file /boaform/admin/formgponConf. The manipulation...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7095 — Code-Projects Employee Management System Vulnerability

CVE-2026-7095 — A vulnerability was identified in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. The manipulation of the...

vulnerability CVE medium-severity cwe-79 cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7094: High-Severity SSRF in ShadowCloneLabs GlutamateMCPServers

CVE-2026-7094 — A vulnerability was determined in ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78. Affected by this issue is some unknown functionality of the file src/puppeteer/index.ts of...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7093 — Code-Projects Invoice System In Laravel Vulnerability

CVE-2026-7093 — A vulnerability was found in code-projects Invoice System in Laravel 1.0. Affected by this vulnerability is an unknown functionality of the file /invoice/...

vulnerability CVE medium-severity cwe-266 cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7092 — Code-Projects Invoice System In Laravel Vulnerability

CVE-2026-7092 — A vulnerability has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /profile/ of the...

vulnerability CVE medium-severity cwe-266 cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7091 — Code-Projects Invoice System In Laravel Vulnerability

CVE-2026-7091 — A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the...

vulnerability CVE medium-severity cwe-266 cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

Fake CAPTCHA Scams Exploit Users for International SMS Fraud

Cybersecurity researchers, as detailed by The Hacker News, have uncovered a widespread telecommunications fraud campaign. Threat actors are deploying fake CAPTCHA verification pages designed to...

threat-intel vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7089 — Code-Projects Home Service System Vulnerability

CVE-2026-7089 — A security vulnerability has been detected in code-projects Home Service System 1.0. The impacted element is an unknown function of the file /booking.php...

vulnerability CVE medium-severity cwe-79 cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7088: SQL Injection in Pharmacy System Exposes Sensitive Data

CVE-2026-7088 — A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7087: SourceCodester Pharmacy System SQLi Puts Data at Risk

CVE-2026-7087 — A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales....

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7086 — HBAI-Ltd Toonflow-App Path Traversal

CVE-2026-7086 — A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7085 — The Function Z.Url Of The File Src/Routes/Setting/About/Down Path Traversal

CVE-2026-7085 — A vulnerability was determined in HBAI-Ltd Toonflow-app up to 1.1.1. This vulnerability affects the function z.url of the file src/routes/setting/about/downloadApp.ts of the component...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7084 — HBAI-Ltd Toonflow-App Server-Side Request Forgery

CVE-2026-7084 — A vulnerability was found in HBAI-Ltd Toonflow-app up to 1.1.1. This affects the function fetch of the file src/routes/setting/vendorConfig/getCodeByLink.ts of the component getCodeByLink...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7083 — Likeadmin-Likeshop Likeadmin_php SQL Injection

CVE-2026-7083 — A vulnerability has been found in likeadmin-likeshop likeadmin_php up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

Tenda F456 Buffer Overflow (CVE-2026-7082) Allows Remote Attack

CVE-2026-7082 — A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

Tenda F456 Router: Critical Buffer Overflow (CVE-2026-7081) Puts Networks at Risk

CVE-2026-7081 — A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-7106: WordPress Plugin Privilege Escalation Exposes User Roles

CVE-2026-7106 — The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.0.0. This is...

vulnerability CVE high-severity privilege-escalation cwe-269
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

Tenda F456 Router Vulnerability: Remote Buffer Overflow Exposes Networks

CVE-2026-7080 — A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd....

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

Tenda F456 Router Buffer Overflow (CVE-2026-7079) Exposes Networks

CVE-2026-7079 — A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-7078: Tenda F456 Router Buffer Overflow Exposes Networks

CVE-2026-7078 — A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7077: itsourcecode Courier Management System SQLi Exploited

CVE-2026-7077 — A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit_parcel.php. The manipulation...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-3006: Kernel Race Condition Leads to Local Privilege Escalation

CVE-2026-3006 — Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation...

vulnerability CVE high-severity race-condition
/SCW Vulnerability Desk /HIGH /7 /⚑ 2 IOCs /⚙ 2 Sigma

itSourceCode Courier Management System SQLi: CVE-2026-7076

CVE-2026-7076 — A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /edit_branch.php. Executing a manipulation of...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

itsourcecode Construction Management System SQLi (CVE-2026-7075)

CVE-2026-7075 — A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 7 Sigma

CVE-2026-7074: SQL Injection in Construction Management System 1.0

CVE-2026-7074 — A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

itsourcecode Construction Management System SQLi: CVE-2026-7073

CVE-2026-7073 — A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7072: CodePanda Source Canteen Management System SQLi

CVE-2026-7072 — A vulnerability was detected in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7071 — CodeAstro Online Job Portal Vulnerability

CVE-2026-7071 — A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file...

vulnerability CVE medium-severity cwe-200 cwe-538
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7070: High-Severity SQLi in Inventory Management System

CVE-2026-7070 — A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7069: D-Link DIR-825 Vulnerability Exposes End-of-Life Routers

CVE-2026-7069 — A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8 /⚑ 3 IOCs /⚙ 5 Sigma

D-Link DIR-825 Vulnerability (CVE-2026-7068) Leads to Buffer Overflow

CVE-2026-7068 — A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 5 Sigma

D-Link DIR-822 A_101 Command Injection (CVE-2026-7067) in udhcpd

CVE-2026-7067 — A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd...

vulnerability CVE high-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7066: choieastsea simple-openstack-mcp OS Command Injection

CVE-2026-7066 — A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function exec_openstack of the file server.py. The manipulation...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7065: BidingCC BuildingAI SSRF Vulnerability Publicly Disclosed

CVE-2026-7065 — A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-42363: GeoVision GV-IP Device Utility Critical Credential Leak

CVE-2026-42363 — An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to...

vulnerability CVE critical high-severity cwe-656
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 3 IOCs /⚙ 3 Sigma

LogonTracer OS Command Injection Poses High Risk

CVE-2026-33277 — An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user.

vulnerability CVE high-severity command-injection cwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-7064: AgentDeskAI Browser Tool Suffers OS Command Injection

CVE-2026-7064 — A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-7063: Employee Management System SQL Injection Publicly Exploitable

CVE-2026-7063 — A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint....

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

Intina47 Context-Sync OS Command Injection (CVE-2026-7062)

CVE-2026-7062 — A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7061: Toowiredd chatgpt-mcp-server Vulnerable to OS Command Injection

CVE-2026-7061 — A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts...

vulnerability CVE high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7060: High-Severity SQL Injection in liyupi yu-picture

CVE-2026-7060 — A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupicturebackend/service/impl/PictureServiceImpl.java of the component MyBatis-Plus....

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7058: MiroFish IPC Vulnerability Enables Remote Command Injection

CVE-2026-7058 — A vulnerability has been found in 666ghj MiroFish up to 0.1.2. The impacted element is the function SimulationIPCClient.send_command of the file backend/app/services/simulation_ipc.py of...

vulnerability CVE high-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 1 IOC /⚙ 3 Sigma

Tenda F456 Vulnerability: Remote Buffer Overflow in HTTP Daemon

CVE-2026-7057 — A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

Tenda F456 Router: Remote Buffer Overflow (CVE-2026-7056) Public Exploit

CVE-2026-7056 — A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

Tenda F456 Router Buffer Overflow (CVE-2026-7055) Exposes Remote Attack

CVE-2026-7055 — A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-7054: Tenda F456 Router Buffer Overflow Critical for Defenders

CVE-2026-7054 — A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd....

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 5 Sigma

Tenda F456 Router Vulnerability (CVE-2026-7053) Exposes Buffer Overflow

CVE-2026-7053 — A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd....

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7045 — A vulnerability was determined in baomidou

CVE-2026-7045 — A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessor#doDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.

vulnerability CVE medium-severity cwe-74 cwe-707
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7044 — GreenCMS Unrestricted File Upload

CVE-2026-7044 — A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted...

vulnerability CVE medium-severity unrestricted-file-upload cwe-284 cwe-434
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7043 — GreenCMS Unrestricted File Upload

CVE-2026-7043 — A vulnerability has been found in GreenCMS up to 2.3. This impacts the function pluginAddLocal of the file /index.php?m=admin&c=custom&a=pluginadd. The manipulation leads to...

vulnerability CVE medium-severity unrestricted-file-upload cwe-284 cwe-434
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7042: MiroFish REST API Lacks Authentication, High Severity

CVE-2026-7042 — A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create_app of the file backend/app/__init__.py of the component...

vulnerability CVE high-severity cwe-287 cwe-306
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2018-25294: CEWE Photoshow Buffer Overflow DoS

CVE-2018-25294 — CEWE Photoshow 6.3.4 contains a buffer overflow vulnerability in the login dialog that allows attackers to crash the application by submitting oversized input....

vulnerability CVE high-severity buffer-overflow cwe-120
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 5 Sigma

iSmartViewPro 1.5 SEH Buffer Overflow Allows Local Code Execution

CVE-2018-25283 — iSmartViewPro 1.5 contains a structured exception handling (SEH) buffer overflow vulnerability in the 'Save Path for Snapshot and Record file' field that allows...

vulnerability CVE high-severity buffer-overflow cwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 2 Sigma

Faleemi Desktop Software 1.8.2 Suffers High-Severity Buffer Overflow

CVE-2018-25263 — Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured...

vulnerability CVE high-severity buffer-overflow cwe-120
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

Firefox, Thunderbird Patches Address High-Severity Memory Safety Bugs

CVE-2026-6786 — Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of...

vulnerability CVE high-severity cwe-125 cwe-416 cwe-787
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6785: Firefox & Thunderbird Memory Safety Bugs Allow RCE

CVE-2026-6785 — Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs...

vulnerability CVE high-severity cwe-125 cwe-416 cwe-787
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-7039: tufantunc ssh-mcp Local Command Injection Exposed

CVE-2026-7039 — A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts....

vulnerability CVE high-severity command-injection cwe-74 cwe-77
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7037: Totolink A8000RU Critical OS Command Injection

CVE-2026-7037 — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component...

vulnerability CVE critical high-severity command-injection cwe-77 cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 2 Sigma

Tenda i9 Path Traversal (CVE-2026-7036) Exposes Networks to Remote Exploitation

CVE-2026-7036 — A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

Tenda FH1202 Router Vulnerability (CVE-2026-7035) Exposes Networks

CVE-2026-7035 — A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-121
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 5 Sigma

CVE-2026-7034: Tenda FH1202 Router Hit by High-Severity Buffer Overflow

CVE-2026-7034 — A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-121
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 5 Sigma

Tenda F456 Buffer Overflow (CVE-2026-7033) Exposes Routers

CVE-2026-7033 — A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7032: Tenda F456 Router Buffer Overflow Exploited Remotely

CVE-2026-7032 — A flaw has been found in Tenda F456 1.0.0.5. Affected is the function SafeEmailFilter of the file /goform/SafeEmailFilter. This manipulation of the argument...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

Tenda F456 Buffer Overflow (CVE-2026-7031) Publicly Exploitable

CVE-2026-7031 — A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7030: Tenda F456 Router Buffer Overflow Exposes Networks

CVE-2026-7030 — A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the...

vulnerability CVE high-severity buffer-overflow cwe-119 cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-7029: Tenda F456 Buffer Overflow Exposes Routers to Remote Attacks

CVE-2026-7029 — A weakness has been identified in Tenda F456 1.0.0.5. The impacted element is the function fromaddressNat of the file /goform/addressNat. Executing a manipulation...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-7028 — CodeAstro Online Job Portal SQL Injection

CVE-2026-7028 — A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 7 Sigma

CVE-2026-7026 — D-Link DGS-3420 System Information Settings Page Vulnerability

CVE-2026-7026 — A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation...

vulnerabilityCVEmedium-severitycwe-79cwe-94
/SCW Vulnerability Desk /MEDIUM /4.5 /⚑ 3 IOCs /⚙ 2 Sigma

Typecho SSRF Vulnerability (CVE-2026-7025) Publicly Exploitable

CVE-2026-7025 — A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-7024 — Rawchen Sims Path Traversal

CVE-2026-7024 — A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-7023 — ByteDance Coze-Studio SQL Injection

CVE-2026-7023 — A vulnerability was detected in ByteDance coze-studio up to 0.5.1. Affected by this vulnerability is the function ExecuteSQL of the file backend/domain/memory/database/service/database_impl.go of...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-7022: SmythOS Improper Authentication Vulnerability Publicly Disclosed

CVE-2026-7022 — A security vulnerability has been detected in SmythOS sre up to 0.0.15. Affected is the function AgentRuntime of the file packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts of the...

vulnerabilityCVEhigh-severitycwe-287
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7020 — Ollama Path Traversal

CVE-2026-7020 — A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 2 IOCs /⚙ 3 Sigma

Tenda F456 Router Vulnerability (CVE-2026-7019) Exposes Networks to Remote Attacks

CVE-2026-7019 — A vulnerability was identified in Tenda F456 1.0.0.5. The impacted element is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-7018 — A vulnerability was determined in Datavane Datavines up to

CVE-2026-7018 — A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/core/utils/TokenManager.java of the...

vulnerabilityCVEmedium-severitycwe-320cwe-321
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 3 IOCs /⚙ 2 Sigma

Technitium DNS Server Vulnerability Allows DNS Amplification Attacks

CVE-2026-42255 — Technitium DNS Server before 15.0 allows DNS traffic amplification via cyclic name server delegation.

vulnerabilityCVEhigh-severitycwe-684
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-7002: KLiK SocialMediaWebsite SQLi Poses Remote Risk

CVE-2026-7002 — A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get_message_ajax.php of the component Private...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6994 — A weakness has been identified in Envoy up to 1.33.0.

CVE-2026-6994 — A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query...

vulnerabilityCVEmedium-severitycwe-74cwe-707
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6993 — Go-Kratos Kratos Vulnerability

CVE-2026-6993 — A security flaw has been discovered in go-kratos kratos up to 2.9.2. This impacts the function NewServer of the file transport/http/server.go of the...

vulnerabilityCVEmedium-severitycwe-441
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

Linksys MR9600 RCE: Critical OS Command Injection Vulnerability

CVE-2026-6992 — A vulnerability was identified in Linksys MR9600 2.0.6.206937. This affects the function BTRequestGetSmartConnectStatus of the file /etc/init.d/run_central2.sh of the component JNAP Action Handler....

vulnerabilityCVEhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-6991 — SQL Injection

CVE-2026-6991 — A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6989 — Tenda F453 Command Injection

CVE-2026-6989 — A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component...

vulnerabilityCVEmedium-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

Tenda HG10 Router Buffer Overflow (CVE-2026-6988) Exposes Remote Attack

CVE-2026-6988 — A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the component Boa...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 2 Sigma

CVE-2026-6987: PicoClaw Web Launcher Command Injection

CVE-2026-6987 — A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher...

vulnerabilityCVEhigh-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6985 — Cesanta Mongoose Vulnerability in handle_opt (/src/net_builtin.c)

CVE-2026-6985 — A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle_opt of the file /src/net_builtin.c of the...

vulnerabilityCVEmedium-severitycwe-404cwe-835
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-6984 — AstrBotDevs AstrBot Vulnerability

CVE-2026-6984 — A security flaw has been discovered in AstrBotDevs AstrBot up to 4.22.1. This affects the function create_template of the file astrbot/dashboard/routes/t2i.py of the...

vulnerabilityCVEmedium-severitycwe-791cwe-1336
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6983 — Pagekit Server-Side Request Forgery

CVE-2026-6983 — A vulnerability was identified in pagekit up to 1.0.18. Affected by this issue is some unknown functionality of the file /index.php/admin/system/update/download. The manipulation...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 3 Sigma

Global Payment Provider, Government Entity Hit in Major Data Leaks

DARKFEED reports a significant data leak from a global payment provider, exposing extensive financial data and payment integrations across numerous regions. This incident carries high...

darkwebthreat-intelransomwarevulnerabilitydata-breach
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs

CVE-2026-6982 — SQL Injection

CVE-2026-6982 — A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.class.PHP of...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6981 — IhateCreatingUserNames2 AiraHub2 Server-Side Request Forgery

CVE-2026-6981 — A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of the component Endpoint....

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6980: Divyanshu-hash GitPilot-MCP Command Injection

CVE-2026-6980 — A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repo_path of the file main.py. Such manipulation of...

vulnerabilityCVEhigh-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6979 — Devlikeapro WAHA Server-Side Request Forgery

CVE-2026-6979 — A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6978 — JiZhiCMS SQL Injection

CVE-2026-6978 — A vulnerability was detected in JiZhiCMS up to 2.5.6. The impacted element is the function htmlspecialchars_decode of the file /index.php/admins/Sys/addcache.html. The manipulation of...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6977: Vanna-AI Legacy Flask API Improper Authorization

CVE-2026-6977 — A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy...

vulnerabilityCVEhigh-severitycwe-266cwe-285
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Pre-Stuxnet 'fast16' Malware Targeted Engineering Software in 2005

The Hacker News reports on a newly uncovered Lua-based malware, dubbed 'fast16,' which predates the notorious Stuxnet worm by several years. According to SentinelOne's research,...

threat-intelvulnerabilitymalwaretools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

simple-git RCE: Incomplete Fix Leaves Critical Vulnerability Open

CVE-2026-6951 — Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) that blocks...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-42171: NSIS Privilege Escalation Vulnerability

CVE-2026-42171 — NSIS (Nullsoft Scriptable Install System) 3.06.1 before 3.12 sometimes uses the Low IL temp directory when executing as SYSTEM, allowing local attackers to...

vulnerabilityCVEhigh-severitycwe-427
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41481 — Server-Side Request Forgery

CVE-2026-41481 — LangChain is a framework for building agents and LLM-powered applications. Prior to langchain-text-splitters 1.1.2, HTMLHeaderTextSplitter.split_text_from_url() validated the initial URL using validate_safe_url() but then...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Saltcorn SQL Injection (CVE-2026-41478) Exposes Sensitive Data

CVE-2026-41478 — Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability in Saltcorn’s mobile-sync...

vulnerabilityCVEcriticalhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-41248: Clerk Auth Bypass Exposes Critical Web Applications

CVE-2026-41248 — Clerk JavaScript is the official JavaScript repository for Clerk authentication. createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests,...

vulnerabilityCVEcriticalhigh-severitycwe-436cwe-863
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 1 IOC /⚙ 3 Sigma

Cisco Firestarter Malware Persists Through Updates

Cybersecurity agencies in the U.S. and U.K. are sounding the alarm on Firestarter, a custom malware exhibiting troubling persistence on Cisco Firepower and Secure Firewall...

threat-inteldata-breachmalwarevulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 5 IOCs

Dgraph CVE-2026-41492: Unauthenticated Admin Token Exposure Via /debug/vars

CVE-2026-41492 — Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraph exposes the process command line through the unauthenticated /debug/vars endpoint on...

vulnerabilityCVEcriticalhigh-severitycwe-200
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41421: SiYuan Desktop RCE via HTML Notification Abuse

CVE-2026-41421 — SiYuan is an open-source personal knowledge management system. Prior to 3.6.5, SiYuan desktop renders notification messages as raw HTML inside an Electron renderer....

vulnerabilityCVEhigh-severitycode-executioncwe-78cwe-79
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

4ga Boards Path Traversal Vulnerability Exposes Local Files (CVE-2026-41419)

CVE-2026-41419 — 4ga Boards is a boards system for realtime project management. Prior to 3.3.5, a path traversal vulnerability allows an authenticated user with board...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41418 — 4ga Boards is a boards system for realtime project

CVE-2026-41418 — 4ga Boards is a boards system for realtime project management. Prior to 3.3.5, 4ga Boards is vulnerable to user enumeration via a timing...

vulnerabilityCVEmedium-severitycwe-208
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41414: Skim Fuzzy Finder Vulnerability Exposes GitHub Tokens

CVE-2026-41414 — Skim is a fuzzy finder designed to through files, lines, and commands. The generate-files job in .github/workflows/pr.yml checks out attacker-controlled fork code and...

vulnerabilityCVEhigh-severitycwe-94
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 5 IOCs /⚙ 3 Sigma

Dgraph CVE-2026-41328: Unauthenticated Data Read Access Critical Flaw

CVE-2026-41328 — Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker...

vulnerabilityCVEcriticalhigh-severitycwe-943
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-41327: Dgraph GraphQL Database Critical Unauthenticated Data Read

CVE-2026-41327 — Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker...

vulnerabilityCVEcriticalhigh-severitycwe-943
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 7 Sigma

CVE-2026-33666: Zserio BitStreamReader Overflow Bypasses Bounds Check

CVE-2026-33666 — Zserio is a framework for serializing structured data in a compact and efficient way with low overhead. Prior to 2.18.1, in BitStreamReader.h readBytes()...

vulnerabilityCVEhigh-severitycwe-190
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-33662: OP-TEE RSA Padding Underflow Leads to Crash

CVE-2026-33662 — OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone...

vulnerabilityCVEhigh-severitycwe-190
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

Zserio DoS: Crafted Payload Triggers Massive Memory Allocation

CVE-2026-33524 — Zserio is a framework for serializing structured data in a compact and efficient way with low overhead. Prior to 2.18.1, a crafted payload...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-789
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42044 — Privilege Escalation

CVE-2026-42044 — Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.2, the Axios library is vulnerable to...

vulnerabilityCVEmedium-severityprivilege-escalationcwe-915cwe-1321
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

Axios CVE-2026-42043: NO_PROXY Bypass Vulnerability

CVE-2026-42043 — Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, an attacker who can influence the...

vulnerabilityCVEhigh-severitycwe-183cwe-441cwe-918
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-42042 — Axios is a promise based HTTP client for the browser and

CVE-2026-42042 — Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library's XSRF token protection...

vulnerabilityCVEmedium-severitycwe-183cwe-201
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42041 — Axios is a promise based HTTP client for the browser and

CVE-2026-42041 — Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to...

vulnerabilityCVEmedium-severitycwe-287cwe-1321
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-42038 — Axios is a promise based HTTP client for the browser and

CVE-2026-42038 — Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the fix for no_proxy hostname normalization...

vulnerabilityCVEmedium-severitycwe-918
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42037 — Axios is a promise based HTTP client for the browser and

CVE-2026-42037 — Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.1, the FormDataPart constructor in lib/helpers/formDataToStream.js interpolates...

vulnerabilityCVEmedium-severitycwe-93
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-42036 — Axios is a promise based HTTP client for the browser and

CVE-2026-42036 — Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when responseType: 'stream' is used, Axios...

vulnerabilityCVEmedium-severitycwe-770
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 6 Sigma

Axios CVE-2026-42035: Prototype Pollution Leads to Header Injection

CVE-2026-42035 — Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, a prototype pollution gadget exists in...

vulnerabilityCVEhigh-severitycwe-113cwe-1321
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-42034 — Axios is a promise based HTTP client for the browser and

CVE-2026-42034 — Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, for stream request bodies, maxBodyLength is...

vulnerabilityCVEmedium-severitycwe-770
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-42033: Axios Prototype Pollution Allows Response Tampering, HTTP Hijacking

CVE-2026-42033 — Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, when Object.prototype has been polluted by...

vulnerabilityCVEhigh-severitycwe-1321
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41322 — @astrojs/node allows Astro to deploy your SSR site to Node

CVE-2026-41322 — @astrojs/node allows Astro to deploy your SSR site to Node targets. Prior to 10.0.5, requesting static js/css resources from _astro path with...

vulnerabilityCVEmedium-severitycwe-525
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

AWS Cognito Flaw Grants Deployment Admin Privileges

CVE-2026-6912 — Improperly controlled modification of dynamically-determined object attributes in the Cognito User Pool configuration in AWS Ops Wheel before PR #165 allows remote authenticated...

vulnerabilityCVEhigh-severitycwe-915
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical JWT Bypass in AWS Ops Wheel Grants Admin Access

CVE-2026-6911 — Missing JWT signature verification in AWS Ops Wheel allows unauthenticated attackers to forge JWT tokens and gain unintended administrative access to the application,...

vulnerabilityCVEcriticalhigh-severitycwe-347
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41411 — Command Injection

CVE-2026-41411 — Vim is an open source, command line text editor. Prior to 9.2.0357, a command injection vulnerability exists in Vim's tag file processing. When...

vulnerabilityCVEmedium-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41079 — Out-of-Bounds Read

CVE-2026-41079 — OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to 2.4.17, a network-adjacent attacker can send...

vulnerabilityCVEmedium-severityout-of-bounds-1cwe-125cwe-200
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41067 — Astro is a web framework. Prior to 6.1.6, the

CVE-2026-41067 — Astro is a web framework. Prior to 6.1.6, the defineScriptVars function in Astro's server-side rendering pipeline uses a case-sensitive regex //g to sanitize...

vulnerabilityCVEmedium-severitycwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

lxml XML Parsing Vulnerability Exposes Local Files

CVE-2026-41066 — lxml is a library for processing XML and HTML in the Python language. Prior to 6.1.0, using either of the two parsers in...

vulnerabilityCVEhigh-severitycwe-611
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Critical RCE in Math.js Expression Parser (CVE-2026-40897)

CVE-2026-40897 — Math.js is an extensive math library for JavaScript and Node.js. From 13.1.1 to before 15.2.0, a vulnerability allowed executing arbitrary JavaScript via the...

vulnerabilityCVEhigh-severitycwe-915
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

Critical RCE in BridgeHead FileStore via Default Axis2 Credentials

CVE-2026-39920 — BridgeHead FileStore versions prior to 24A (released in early 2024) expose the Apache Axis2 administration module on network-accessible endpoints with default credentials that...

vulnerabilityCVEcriticalhigh-severitycwe-1188cwe-1391
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-42095 — bookserver in KDE Arianna before 26.04.1 allows attackers

CVE-2026-42095 — bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL.

vulnerabilityCVEmedium-severitycwe-306
/SCW Vulnerability Desk /MEDIUM /4 /⚑ 2 IOCs /⚙ 2 Sigma

Mythos Unauthorized Access, CISA Nom Withdrawal, New Display Security

SecurityWeek reported on several under-the-radar stories this week, including unauthorized access to Mythos, the withdrawal of Plankey's CISA nomination, and the introduction of a new...

threat-intelvulnerabilitydata-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

China Targets NASA with Phishing for Defense Software

The NASA Office of Inspector General (OIG) has exposed a sophisticated spear-phishing operation orchestrated by a Chinese national. Posing as a U.S. researcher, the attacker...

threat-intelvulnerabilitycloudmicrosoftphishing
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

OVN Out-of-Bounds Read Exposes Heap Memory via DHCPv6

CVE-2026-5367 — A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT...

vulnerabilityCVEhigh-severityout-of-bounds-1cwe-130
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-5265 — When generating an ICMP Destination Unreachable or Packet

CVE-2026-5265 — When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP...

vulnerabilityCVEmedium-severitycwe-130
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Critical Azure IoT Central Flaw Exposes Sensitive Data, Allows Privilege Escalation

CVE-2026-21515 — Exposure of sensitive information to an unauthorized actor in Azure IoT Central allows an authorized attacker to elevate privileges over a network.

vulnerabilityCVEcriticalhigh-severitycwe-200
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2024-7399 — Samsung MagicINFO 9 Server: Samsung MagicINFO 9 Server Path Traversal Vulnerability

CVE-2024-7399 — Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

CVE-2024-57728 — SimpleHelp SimpleHelp: SimpleHelp Path Traversal Vulnerability

CVE-2024-57728 — SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted...

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

CVE-2024-57726 — SimpleHelp SimpleHelp: SimpleHelp Missing Authorization Vulnerability

CVE-2024-57726 — SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be...

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

AI Agents: The Delegated Risk Gap Defenders Must Close

The proliferation of AI agents in enterprise environments presents a unique security challenge, not just as new actors, but as delegated ones. The Hacker News...

threat-intelvulnerabilityai-security
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Fake Crypto Wallets Flood App Store, Targeting User Seed Phrases

The Apple App Store is hosting at least 26 fake cryptocurrency wallet applications designed to steal users' recovery phrases and private keys. The Hacker News...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /MEDIUM

Critical Flaws Hit CrowdStrike, Tenable Products; Patches Released

SecurityWeek reports that critical vulnerabilities have been addressed in products from CrowdStrike and Tenable. CrowdStrike has issued a fix for a severe flaw impacting its...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Tropic Trooper Exploits SumatraPDF and VS Code Tunnels for Espionage

A sophisticated campaign by the threat group Tropic Trooper is targeting Chinese-speaking individuals. The attackers are leveraging a trojanized version of the SumatraPDF reader to...

threat-intelvulnerabilitymalwaremicrosofttools
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

Tempo Vulnerability: High-Severity Flaw Risks Service Availability

CVE-2026-21728 — Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy....

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-4078 — Cross-Site Scripting (XSS)

CVE-2026-4078 — The ITERAS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes (iteras-ordering, iteras-signup, iteras-paywall-login, iteras-selfservice) in all versions up to...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3569 — The Liaison Site Prober plugin for WordPress is vulnerable

CVE-2026-3569 — The Liaison Site Prober plugin for WordPress is vulnerable to Information Exposure in all versions up to and including 1.2.1 via the /wp-json/site-prober/v1/logs...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3565 — The Taqnix plugin for WordPress is vulnerable to Cross-Site

CVE-2026-3565 — The Taqnix plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.3. This is due to...

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-11762 — The HubSpot All-In-One Marketing - Forms, Popups, Live Chat

CVE-2025-11762 — The HubSpot All-In-One Marketing - Forms, Popups, Live Chat plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to,...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Delta Electronics AS320T Plagued by Critical DoS Vulnerability

CVE-2026-1952 — Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability.

vulnerabilityCVEcriticalhigh-severitydenial-of-servicecwe-912
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 1 Sigma

Critical Buffer Overflow in Delta Electronics AS320T PLC

CVE-2026-1951 — Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability.

vulnerabilityCVEcriticalhigh-severitycwe-121
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 1 Sigma

Critical Buffer Overflow Hits Delta Electronics AS320T

CVE-2026-1950 — Delta Electronics AS320T has no checking of the length of the buffer with the file name vulnerability.

vulnerabilityCVEcriticalhigh-severitycwe-121
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-6810 — The Booking Calendar Contact Form plugin for WordPress is

CVE-2026-6810 — The Booking Calendar Contact Form plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.2.63...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-5428 — Cross-Site Scripting (XSS)

CVE-2026-5428 — The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image captions in the Image Grid/Slider/Carousel widget in versions...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

WordPress Plugin Flaw Exposes Sites to RCE

CVE-2026-5364 — The Drag and Drop File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up to,...

vulnerabilityCVEhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-5347 — The HM Books Gallery plugin for WordPress is vulnerable to

CVE-2026-5347 — The HM Books Gallery plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.8.0. This is due to...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Critical RCE in Delta Electronics AS320T Industrial Controllers

CVE-2026-1949 — Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT request handler of the web service.

vulnerabilityCVEcriticalhigh-severitycwe-131
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 4 Sigma

D-Link DWM-222W Wi-Fi Adapter Vulnerable to Brute-Force Bypass

CVE-2026-6947 — DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Protection Bypass vulnerability, allowing unauthenticated adjacent network attackers to bypass login attempt limits...

vulnerabilityCVEhigh-severitycwe-307
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6393 — The BetterDocs plugin for WordPress is vulnerable to

CVE-2026-6393 — The BetterDocs plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 4.3.11. This is due to a missing...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5488 — The ExactMetrics – Google Analytics Dashboard for WordPress

CVE-2026-5488 — The ExactMetrics – Google Analytics Dashboard for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 9.1.2....

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

Kyverno Policy Engine Flaw: Cluster Crash and Admission Controller Bypass

CVE-2026-41485 — Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.17.2 and 1.16.4, an unchecked type assertion in...

vulnerability CVE high-severity cwe-617
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 5 IOCs /⚙ 2 Sigma

Node.js FTP Clients Exposed to DoS via Malicious Listings

CVE-2026-41324 — basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing...

vulnerability CVE high-severity denial-of-service cwe-400 cwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

Kyverno API Call Vulnerability Exposes Kubernetes Clusters

CVE-2026-41323 — Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to versions 1.18.0-rc1, 1.17.2-rc1, and 1.16.4, Kyverno's apiCall feature in...

vulnerability CVE high-severity cwe-200 cwe-918
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41319 — MailKit STARTTLS Response Injection

CVE-2026-41319 — MailKit is a cross-platform mail client library built on top of MimeKit. A STARTTLS Response Injection vulnerability in versions prior to 4.16.0 allows...

vulnerability CVE medium-severity cwe-74
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41318 — Cross-Site Scripting (XSS)

CVE-2026-41318 — AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79 cwe-116 cwe-1336
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 4 IOCs /⚙ 2 Sigma

Kyverno Privilege Escalation: RBAC Bypass in Multi-Tenant Clusters

CVE-2026-41068 — Kyverno is a policy engine designed for cloud native platform engineering teams. The patch for CVE-2026-22039 fixed cross-namespace privilege escalation in Kyverno's `apiCall`...

vulnerability CVE high-severity privilege-escalation cwe-863
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-2028 — Arbitrary File Access

CVE-2026-2028 — The MaxiBlocks Builder plugin for WordPress is vulnerable to arbitrary media file deletion due to insufficient file ownership validation on the 'maxi_remove_custom_image_size' AJAX...

vulnerability CVE medium-severity arbitrary-file-access cwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

Ruby ERB Deserialization Flaw Allows Code Execution

CVE-2026-41316 — ERB is a templating system for Ruby. Ruby 2.7.0 (before ERB 2.2.0 was published on rubygems.org) introduced an `@_init` instance variable guard in...

vulnerability CVE high-severity code-execution cwe-693
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

OSSN Resource Exhaustion: DoS Risk from Malicious Image Uploads

CVE-2026-41309 — Open Source Social Network (OSSN) is open-source social networking software developed in PHP. Versions prior to 9.0 are vulnerable to resource exhaustion. An...

vulnerability CVE high-severity denial-of-service cwe-400 cwe-770
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41305 — Cross-Site Scripting (XSS)

CVE-2026-41305 — PostCSS takes a CSS file and provides an API to analyze and modify its rules by transforming the rules into an Abstract Syntax...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40254 — Path Traversal

CVE-2026-40254 — FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by-one in the path traversal filter in...

vulnerability CVE medium-severity path-traversal cwe-193
/SCW Vulnerability Desk /MEDIUM /4.2 /⚑ 2 IOCs /⚙ 2 Sigma

Actual Finance Tool: Local Admin Escalation via OIDC Migration Flaw

CVE-2026-33318 — Actual is a local-first personal finance tool. Prior to version 26.4.0, any authenticated user (including `BASIC` role) can escalate to `ADMIN` on servers...

vulnerability CVE high-severity privilege-escalation cwe-284 cwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

OP-TEE Vulnerability Exposes TrustZone to OOB Reads, Crashes

CVE-2026-33317 — OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm Cortex-A cores using the TrustZone...

vulnerability CVE high-severity out-of-bounds-1 cwe-125 cwe-787
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-32952 — go-ntlmssp is a Go package that provides NTLM/Negotiate

CVE-2026-32952 — go-ntlmssp is a Go package that provides NTLM/Negotiate authentication over HTTP. Prior to version 0.1.1, a malicious NTLM challenge message can cause an...

vulnerability CVE medium-severity cwe-190
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-31956 — Xibo is an open source digital signage platform with a web

CVE-2026-31956 — Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to version 4.4.1,...

vulnerability CVE medium-severity cwe-639
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-31955 — Xibo Server-Side Request Forgery

CVE-2026-31955 — Xibo is an open source digital signage platform with a web content management system and Windows display player software. An authenticated Server-Side Request...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-31953 — Xibo Stored Cross-Site Scripting (XSS)

CVE-2026-31953 — Xibo is an open source digital signage platform with a web content management system and Windows display player software. A stored Cross-Site Scripting...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

Critical Flaw in SenseLive X3050 Exposes Sensitive Configurations

CVE-2026-40630 — A vulnerability in SenseLive X3050’s web management interface allows unauthorized access to certain configuration endpoints due to improper access control enforcement. An attacker...

vulnerability CVE critical high-severity improper-access-control cwe-288
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 3 Sigma

SenseLive X3050 Vulnerability: Critical Configuration Bypass

CVE-2026-40623 — A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due...

vulnerability CVE high-severity cwe-862
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

SenseLive X3050: Critical Unauthenticated Admin Access

CVE-2026-40620 — A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive...

vulnerability CVE critical high-severity cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40431 — A vulnerability exists in SenseLive X3050’s web management

CVE-2026-40431 — A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication...

vulnerability CVE medium-severity cwe-319
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

SenseLive X3050: Password Changes Failing After Reset

CVE-2026-39462 — A vulnerability exists in SenseLive X3050’s web management interface in which password updates are not reliably applied due to improper handling of credential changes...

vulnerability CVE high-severity cwe-522
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

SenseLive X3050 Critical Vulnerability: Client-Side Auth Bypass

CVE-2026-35503 — A vulnerability in SenseLive X3050’s web management interface allows authentication logic to be performed entirely on the client side, relying on hardcoded values within...

vulnerability CVE critical high-severity cwe-798
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

SenseLive X3050 Vulnerability Exposes Management Interfaces Unauthenticated

CVE-2026-35064 — A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and...

vulnerability CVE high-severity cwe-306
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Xibo Digital Signage Platform Hit with Critical SQL Injection

CVE-2026-31952 — Xibo is an open source digital signage platform with a web content management system and Windows display player software. Versions 1.7 through 4.4.0...

vulnerability CVE high-severity sql-injection cwe-89 cwe-184
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-29051 — melange `lint --persist-lint-results` Vulnerability

CVE-2026-29051 — melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, `melange lint --persist-lint-results` (opt-in...

vulnerability CVE medium-severity cwe-22
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-29050 — melange allows users to build apk packages using

CVE-2026-29050 — melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, an attacker who can...

vulnerability CVE medium-severity cwe-22
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

SenseLive X3050 Critical Vulnerability: Persistent Lockout, No Physical Reset

CVE-2026-27843 — A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By...

vulnerability CVE critical high-severity cwe-306
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

SenseLive X3050 CSRF Vulnerability: High Risk Remote Configuration Abuse

CVE-2026-27841 — A vulnerability in SenseLive X3050's web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery (CSRF) protections. Because the application does...

vulnerability CVE high-severity cwe-352
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Unauthenticated Firmware Flaws in SenseLive X3050

CVE-2026-25775 — A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related...

vulnerability CVE critical high-severity cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-25720 — A vulnerability exists in SenseLive X3050’s web management

CVE-2026-25720 — A vulnerability exists in SenseLive X3050’s web management interface due to improper session lifetime enforcement, allowing authenticated sessions to remain active for extended periods...

vulnerability CVE medium-severity cwe-613
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1789 — A vulnerability in the browser-based remote management

CVE-2026-1789 — A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting...

vulnerability CVE medium-severity cwe-807
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6732 — Libxml2 Denial of Service

CVE-2026-6732 — A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that...

vulnerability CVE medium-severity denial-of-service cwe-843
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

OpenShell Mirror Mode Allows Arbitrary Code Execution

CVE-2026-41355 — OpenShell before 2026.3.28 contains an arbitrary code execution vulnerability in mirror mode that converts untrusted sandbox files into workspace hooks. Attackers with mirror...

vulnerability CVE high-severity code-execution cwe-829
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

OpenClaw: High-Severity Access Control Bypass Looms

CVE-2026-41353 — OpenClaw before 2026.3.22 contains an access control bypass vulnerability in the allowProfiles feature that allows attackers to circumvent profile restrictions through persistent profile...

vulnerability CVE high-severity cwe-472
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 2 Sigma

OpenClaw RCE: Paired Nodes Bypass Auth, Allow Arbitrary Commands

CVE-2026-41352 — OpenClaw before 2026.3.31 contains a remote code execution vulnerability where a device-paired node can bypass the node scope gate authentication mechanism. Attackers with...

vulnerability CVE high-severity remote-code-execution cwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw LLM Agent Bypass: Silent Execution Approval Disabled

CVE-2026-41349 — OpenClaw before 2026.3.28 contains an agentic consent bypass vulnerability allowing LLM agents to silently disable execution approval via config.patch parameter. Remote attackers can...

vulnerability CVE high-severity cwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw CSRF Vulnerability: High-Severity Risk in Trusted-Proxy Deployments

CVE-2026-41347 — OpenClaw before 2026.3.31 lacks browser-origin validation in HTTP operator endpoints when operating in trusted-proxy mode, allowing cross-site request forgery attacks. Attackers can exploit...

vulnerability CVE high-severity cwe-352
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

OpenClaw Authentication Bypass Poses Remote Onboarding Risk

CVE-2026-41342 — OpenClaw before 2026.3.28 contains an authentication bypass vulnerability in the remote onboarding component that persists unauthenticated discovery endpoints without explicit trust confirmation. Attackers...

vulnerability CVE high-severity authentication-bypass cwe-346
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw Vulnerability: Arbitrary Code Execution via .env File Override

CVE-2026-41336 — OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_HOOKS_DIR environment variable, enabling loading of attacker-controlled hook code. Attackers can replace trusted...

vulnerability CVE high-severity cwe-829
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical SSRF in Microsoft Entra ID Entitlement Management

CVE-2026-35431 — Server-side request forgery (SSRF) in Microsoft Entra ID Entitlement Management allows an unauthorized attacker to perform spoofing over a network.

vulnerability CVE critical high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 2 IOCs /⚙ 3 Sigma

Critical Deserialization RCE in Microsoft Bing (CVE-2026-33819)

CVE-2026-33819 — Deserialization of untrusted data in Microsoft Bing allows an unauthorized attacker to execute code over a network.

vulnerability CVE critical high-severity insecure-deserialization cwe-502
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 2 IOCs /⚙ 3 Sigma

M365 Copilot Critical Open Redirect Allows Privilege Escalation

CVE-2026-33102 — URL redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

vulnerability CVE critical high-severity open-redirect cwe-601
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 2 IOCs /⚙ 2 Sigma

Critical SSRF in Microsoft Dynamics 365 Poses Spoofing Risk

CVE-2026-32210 — Server-side request forgery (SSRF) in Microsoft Dynamics 365 (Online) allows an unauthorized attacker to perform spoofing over a network.

vulnerability CVE critical high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 1 IOC /⚙ 3 Sigma

Microsoft Power Apps Vulnerability Allows Remote Code Execution

CVE-2026-32172 — Uncontrolled search path element in Microsoft Power Apps allows an unauthorized attacker to execute code over a network.

vulnerability CVE high-severity cwe-427
/SCW Vulnerability Desk /HIGH /8 /⚑ 2 IOCs /⚙ 3 Sigma

Critical KTransformers Unsafe Deserialization Vulnerability (CVE-2026-26210)

CVE-2026-26210 — KTransformers through 0.5.3 contains an unsafe deserialization vulnerability in the balance_serve backend mode where the scheduler RPC server binds a ZMQ ROUTER socket...

vulnerability CVE critical high-severity insecure-deserialization cwe-502
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

Microsoft Purview SSRF: Privilege Escalation Risk

CVE-2026-26150 — Server-side request forgery (SSRF) in Microsoft Purview allows an unauthorized attacker to elevate privileges over a network.

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 2 IOCs /⚙ 3 Sigma

Critical Privilege Escalation in Microsoft Partner Center

CVE-2026-24303 — Improper access control in Microsoft Partner Center allows an authorized attacker to elevate privileges over a network.

vulnerability CVE critical high-severity improper-access-control cwe-284
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 2 IOCs /⚙ 3 Sigma

Breeze Cache Plugin Exploit: Unauthenticated File Upload Hits WordPress

BleepingComputer reports active exploitation of a critical file upload vulnerability in the Breeze Cache WordPress plugin. This flaw allows unauthenticated attackers to upload arbitrary files...

threat-intel data-breach malware vulnerability identity
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Critical RCE Flaw in radare2-mcp: Command Injection via JSON-RPC

CVE-2026-6942 — radare2-mcp version 1.6.0 and earlier contains an OS command injection vulnerability that allows remote attackers to execute arbitrary commands by bypassing the command...

vulnerability CVE critical high-severity remote-code-execution cwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6941 — radare2 Project Notes Path Traversal

CVE-2026-6941 — radare2 prior to 6.1.4 contains a path traversal vulnerability in its project notes handling that allows attackers to read or write files outside...

vulnerability CVE medium-severity path-traversal cwe-59
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 3 Sigma

Radare2 Path Traversal Flaw: Local Attackers Can Delete Arbitrary Directories

CVE-2026-6940 — radare2 prior to 6.1.4 contains a path traversal vulnerability in project deletion that allows local attackers to recursively delete arbitrary directories by supplying...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-28525 — SWUpdate Multipart Upload Parser Denial of Service

CVE-2026-28525 — SWUpdate contains an integer underflow vulnerability in the multipart upload parser in mongoose_multipart.c that allows unauthenticated attackers to cause a denial of service...

vulnerability CVE medium-severity denial-of-service cwe-125 cwe-191
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 3 IOCs /⚙ 5 Sigma

Flowise SSRF Bypass: DNS Rebinding Opens LLM Flows to Attackers

CVE-2026-41272 — Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the core security wrappers...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

Flowise SSRF Vulnerability Exposes Internal Systems

CVE-2026-41271 — Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 1 IOC /⚙ 3 Sigma

Flowise SSRF Bypass: Internal Network at Risk

CVE-2026-41270 — Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, a Server-Side Request Forgery...

vulnerability CVE high-severity server-side-request-forgery cwe-284 cwe-918
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

Flowise RCE via Malicious JavaScript Uploads

CVE-2026-41269 — Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, the Chatflow configuration file...

vulnerability CVE high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

Flowise RCE: Unauthenticated Command Execution

CVE-2026-41268 — Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to...

vulnerability CVE high-severity cwe-20
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 1 IOC /⚙ 3 Sigma

Flowise Cloud Vulnerability Exposes Multi-Tenant Environments

CVE-2026-41267 — Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, an improper mass assignment...

vulnerability CVE high-severity cwe-639 cwe-915
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

Flowise RCE: Unchecked Input Leads to Code Execution

CVE-2026-41138 — Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, there is a remote...

vulnerability CVE high-severity remote-code-execution cwe-94
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 3 Sigma

Contour Kubernetes Ingress: Lua Code Injection Leads to Envoy RCE

CVE-2026-41246 — Contour is a Kubernetes ingress controller using Envoy proxy. From v1.19.0 to before v1.33.4, v1.32.5, and v1.31.6, Contour's Cookie Rewriting feature is vulnerable...

vulnerability CVE high-severity code-execution cwe-94
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

Pretalx XSS: Organizer Search Exposes User Data

CVE-2026-41241 — pretalx is a conference planning tool. Prior to 2026.1.0, the organiser search in the pretalx backend rendered submission titles, speaker display names, and...

vulnerability CVE high-severity cwe-79
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-41213 — @node-oauth/oauth2-server is a module for implementing an

CVE-2026-41213 — @node-oauth/oauth2-server is a module for implementing an OAuth2 server in Node.js. The token exchange path accepts RFC7636-invalid code_verifier values (including one-character strings) for...

vulnerability CVE medium-severity cwe-307 cwe-1289
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41173 — The AWS X-Ray Remote Sampler package provides a sampler

CVE-2026-41173 — The AWS X-Ray Remote Sampler package provides a sampler which can get sampling configurations from AWS X-Ray. Prior to 0.1.0-alpha.8, OpenTelemetry.Sampler.AWS reads unbounded...

vulnerability CVE medium-severity cwe-770
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41078 — Denial of Service

CVE-2026-41078 — OpenTelemetry dotnet is a dotnet telemetry framework. In 1.6.0-rc.1 and earlier, OpenTelemetry.Exporter.Jaeger may allow sustained memory pressure when the internal pooled-list sizing grows...

vulnerability CVE medium-severity denial-of-service cwe-770
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-40894 — Denial of Service

CVE-2026-40894 — OpenTelemetry dotnet is a dotnet telemetry framework. In OpenTelemetry.Api 0.5.0-beta.2 to 1.15.2 and OpenTelemetry.Extensions.Propagators 1.3.1 to 1.15.2, the implementation details of the baggage,...

vulnerability CVE medium-severity denial-of-service cwe-789
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

Argo Workflows Crash Loop: Malformed Annotation Halts Processing

CVE-2026-40886 — Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From 3.6.5 to 4.0.4, an unchecked array index...

vulnerability CVE high-severity cwe-129
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-31173 — ToToLink A3300R Firmware Vulnerability

CVE-2026-31173 — An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the interval parameter to /cgi-bin/cstecgi.cgi.

vulnerability CVE medium-severity cwe-77
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-31168 — ToToLink A3300R Firmware Vulnerability

CVE-2026-31168 — An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the recHour parameter to /cgi-bin/cstecgi.cgi.

vulnerability CVE medium-severity cwe-77
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-31163 — ToToLink A3300R Firmware Vulnerability

CVE-2026-31163 — An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the dhcpMtu parameter to /cgi-bin/cstecgi.cgi.

vulnerability CVE medium-severity cwe-77
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-31162 — ToToLink A3300R Firmware Vulnerability

CVE-2026-31162 — An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the ttlWay parameter to /cgi-bin/cstecgi.cgi.

vulnerability CVE medium-severity cwe-77
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CISA Breach: Cisco Vulnerability Led to Persistent Backdoor

A U.S. government agency, unnamed but confirmed by CISA, was compromised via a Cisco vulnerability, according to The Record by Recorded Future. The attack deployed...

threat-intel data-breach government malware vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Surveillance Firms Weaponize Telecom Flaws for Location Tracking

New research from The Record by Recorded Future reveals surveillance companies are actively exploiting a critical weakness within global telecom infrastructure. These vendors are reportedly...

threat-intel data-breach government vulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

CVE-2026-6921 — Race in GPU in Google Chrome on Windows prior to

CVE-2026-6921 — Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a...

vulnerability CVE medium-severity cwe-362
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome on Android GPU Vulnerability Allows Sandbox Escape

CVE-2026-6920 — Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer...

vulnerability CVE high-severity out-of-bounds-1 cwe-125
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41909 — OpenClaw Paired-Device Pairing Management Improper Authorization

CVE-2026-41909 — OpenClaw before 2026.4.20 contains an improper authorization vulnerability in paired-device pairing management that allows limited-scope sessions to enumerate and act on pairing requests....

vulnerability CVE medium-severity cwe-863
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41908 — OpenClaw Assistant-Media Route Scope Enforcement Bypass

CVE-2026-41908 — OpenClaw before 2026.4.20 contains a scope enforcement bypass vulnerability in the assistant-media route that allows trusted-proxy callers without operator.read scope to access protected...

vulnerability CVE medium-severity cwe-863
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40891 — Denial of Service

CVE-2026-40891 — OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, when exporting telemetry over gRPC using the OpenTelemetry Protocol (OTLP), the...

vulnerability CVE medium-severity denial-of-service cwe-789
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40182 — OpenTelemetry dotnet is a dotnet telemetry framework. From

CVE-2026-40182 — OpenTelemetry dotnet is a dotnet telemetry framework. From 1.13.1 to before 1.15.2, when exporting telemetry to a back-end/collector over gRPC or HTTP using...

vulnerability CVE medium-severity cwe-789
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-31179 — ToToLink A3300R Firmware Vulnerability

CVE-2026-31179 — An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stun-port parameter to /cgi-bin/cstecgi.cgi.

vulnerability CVE medium-severity cwe-77
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-31176 — ToToLink A3300R Firmware Vulnerability

CVE-2026-31176 — An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stun-user parameter to /cgi-bin/cstecgi.cgi.

vulnerability CVE medium-severity cwe-77
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-31159 — ToToLink A3300R Firmware Vulnerability

CVE-2026-31159 — An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the password parameter to /cgi-bin/cstecgi.cgi.

vulnerability CVE medium-severity cwe-77
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

UNC6692 Impersonates IT Helpdesk via Microsoft Teams with SNOW Malware

SCW notes a new threat cluster, UNC6692, is actively deploying custom malware named SNOW. The Hacker News reports that UNC6692 employs social engineering via Microsoft...

threat-intel vulnerability malware microsoft phishing
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

CVE-2026-41239 — Cross-Site Scripting (XSS)

CVE-2026-41239 — DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Starting in version 1.0.10 and prior to version 3.4.0, `SAFE_FOR_TEMPLATES` strips...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79 cwe-1289
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41238 — Cross-Site Scripting (XSS)

CVE-2026-41238 — DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a prototype pollution-based XSS...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79 cwe-1321
/SCW Vulnerability Desk /MEDIUM /6.9 /⚑ 3 IOCs /⚙ 3 Sigma

Critical XSS in hackage-server via Malicious .cabal Metadata

CVE-2026-40472 — In hackage-server, user-controlled metadata from .cabal files are rendered into HTML href attributes without proper sanitization, enabling stored Cross-Site Scripting (XSS) attacks.

vulnerability CVE critical high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 3 IOCs /⚙ 3 Sigma

Critical CSRF Flaw in hackage-server Poses Supply Chain Risk

CVE-2026-40471 — hackage-server lacked Cross-Site Request Forgery (CSRF) protection across its endpoints. Scripts on foreign sites could trigger requests to hackage server, possibly abusing latent...

vulnerability CVE critical high-severity cwe-352
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 3 Sigma

Critical XSS in Hackage Server Exposes User Sessions

CVE-2026-40470 — A critical XSS vulnerability affected hackage-server and hackage.haskell.org. HTML and JavaScript files provided in source packages or via the documentation upload facility were...

vulnerability CVE critical high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 3 IOCs /⚙ 3 Sigma

X.Org X Server Flaw: Local Attackers Exploit OOB Memory Access

CVE-2026-34003 — A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request...

vulnerability CVE high-severity denial-of-service cwe-125
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

X.Org Server Flaw: Use-After-Free Threatens Linux Desktops

CVE-2026-34001 — A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence()...

vulnerabilityCVEhigh-severityuse-after-freecwe-825
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 2 Sigma

X.Org Server Underflow: Local RCE and DoS Risk

CVE-2026-33999 — A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-191
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 2 Sigma

Critical Kofax Capture RCE Vulnerability: Unauthenticated Access to Files and NTLMv2 Coercion

CVE-2026-23751 — Kofax Capture, now referred to as Tungsten Capture, version 6.0.0.0 (other versions may be affected) exposes a deprecated .NET Remoting HTTP channel on...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-306cwe-441
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 4 Sigma

Critical RCE in Pipecat Python Framework: CVE-2025-62373

CVE-2025-62373 — Pipecat is an open-source Python framework for building real-time voice and multimodal conversational agents. Versions 0.0.41 through 0.0.93 have a vulnerability in `LivekitFrameSerializer`...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-502
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

Bitwarden CLI Compromised in Checkmarx Supply Chain Attack

The Hacker News reports that the Bitwarden command-line interface (CLI) has been compromised. This incident is part of an ongoing supply chain campaign initially identified...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

Supply Chain Exploits & DeFi Hacks: Old Bugs, New Targets

The cybersecurity landscape continues to see a troubling recurrence of familiar vulnerabilities, despite their long-standing presence. According to The Hacker News, incidents frequently surface that...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs

Critical Code Injection Flaw in FunnelFormsPro Exposes Remote Execution Risk

CVE-2026-39440 — Improper Control of Generation of Code ('Code Injection') vulnerability in Funnelforms LLC FunnelFormsPro allows Remote Code Inclusion. This issue affects FunnelFormsPro: from n/a through...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2025-66286 — An API design flaw in WebKitGTK and WPE WebKit allows

CVE-2025-66286 — An API design flaw in WebKitGTK and WPE WebKit allows untrusted web content to unexpectedly perform IP connections, DNS lookups, and HTTP requests....

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-13763 — Information Disclosure

CVE-2025-13763 — Multiple uses of uninitialized variables were found in libopensc that may lead to information disclosure or application crash. An attack requires a crafted...

vulnerabilityCVEmedium-severityinformation-disclosure
/SCW Vulnerability Desk /MEDIUM /5.7 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-28040 — Magepeople Inc. Taxi Booking Manager For WooCommerce Cross-Site Scripting (XSS)

CVE-2026-28040 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magepeople inc. Taxi Booking Manager for WooCommerce allows Stored XSS. This issue...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2025-62110 — Rescue Themes Rescue Shortcodes Cross-Site Scripting (XSS)

CVE-2025-62110 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rescue Themes Rescue Shortcodes allows Stored XSS. This issue affects Rescue Shortcodes:...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-62104 — Navneil Naicker ACF Galerie Vulnerability

CVE-2025-62104 — Missing Authorization vulnerability in Navneil Naicker ACF Galerie 4 allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ACF Galerie 4: from...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

AI Accelerates Exploitation: The Collapsing Exploit Window

The cybersecurity landscape is fundamentally shifting. As The Hacker News reports, AI is dramatically accelerating the speed and scale of automated exploitation. This isn't theoretical;...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

Supply Chain Attack Targets Checkmarx Software Packages

The Israel National Cyber Directorate (INCD) has issued an alert regarding a supply chain attack that compromised several software packages maintained by Checkmarx. Malicious code...

INCDisraeladvisoryalert
/MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

AI Finds Bugs Fast: Anthropic's Project Glasswing Fuels Pre-Emptive Patching

Anthropic's Project Glasswing represents a significant leap in AI's offensive security capabilities. The company has developed an AI model capable of identifying software vulnerabilities with...

threat-intelvulnerabilitymicrosoftai-securitytools
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC

CISA Mandates Patching of Zero-Day Microsoft Defender Flaw

CISA has issued a directive compelling U.S. federal agencies to immediately patch a critical vulnerability in Microsoft Defender, identified as 'BlueHammer'. This elevation flaw has...

threat-inteldata-breachmalwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

Luxury Cosmetics Giant Rituals Discloses Data Breach

Luxury cosmetics giant Rituals has disclosed a data breach, according to SecurityWeek. The company is currently notifying its "My Rituals" members that unauthorized actors successfully...

threat-intelvulnerabilitydata-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

LabOne Web Server Suffers Arbitrary File Read Flaw

CVE-2026-6903 — The LabOne Web Server, backing the LabOne User Interface, contains insufficient input validation in its file access functionality. An unauthenticated attacker could exploit...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-22cwe-346
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Critical SQL Injection in End-of-Life Borg SPM 2007

CVE-2026-6887 — Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary...

vulnerabilityCVEcriticalhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Authentication Bypass in End-of-Life Borg SPM 2007

CVE-2026-6886 — Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to log into...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-1390
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 2 Sigma

Critical Borg SPM 2007 Vulnerability Allows Unauthenticated Remote Code Execution

CVE-2026-6885 — Borg SPM 2007 (Sales Ended in 2008) developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-434
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

WordPress Plugin Flaw Allows Arbitrary Plugin Installation and RCE

CVE-2026-5464 — The ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation...

vulnerabilityCVEhigh-severityremote-code-executioncwe-862
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3960 — Remote Code Execution

CVE-2026-3960 — A critical remote code execution vulnerability exists in the unauthenticated REST API endpoint /99/ImportSQLTable in H2O-3 version 3.46.0.9 and prior. The vulnerability arises...

vulnerabilityCVEmedium-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

GopherWhisper APT Targets Mongolian Government with Go Backdoors

A new China-aligned threat actor, dubbed GopherWhisper, has been identified targeting at least 12 Mongolian government systems. The group utilizes a toolkit primarily written in...

threat-intelvulnerabilitymalwaretools
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

Vercel Confirms Additional Customer Accounts Compromised in Context.ai Breach

Vercel has disclosed that the security incident impacting its internal systems, linked to Context.ai, has resulted in the compromise of further customer accounts. The company...

threat-intelvulnerabilitydata-breach
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Zero-Day Flaw in Microsoft Defender Leveraged by Attackers

SecurityWeek reports a critical zero-day vulnerability in Microsoft Defender has been actively exploited. This flaw grants attackers the ability to access the Security Account Manager...

threat-intelvulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

GROWI ReDoS Vulnerability (CVE-2026-41040) Poses High DoS Risk

CVE-2026-41040 — GROWI provided by GROWI, Inc. is vulnerable to a regular expression denial of service (ReDoS) via a crafted input string.

vulnerabilityCVEhigh-severitydenial-of-servicecwe-1333
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

IP Setting Software Vulnerability Allows Arbitrary Code Execution

CVE-2026-34488 — IP Setting Software contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result,...

vulnerabilityCVEhigh-severitycwe-427
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41990 — Libgcrypt before 1.12.2 mishandles Dilithium signing.

CVE-2026-41990 — Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data.

vulnerabilityCVEmedium-severitycwe-787
/SCW Vulnerability Desk /MEDIUM /4 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-41989 — Buffer Overflow

CVE-2026-41989 — Libgcrypt before 1.12.2 sometimes allows a heap-based buffer overflow and denial of service via crafted ECDH ciphertext to gcry_pk_decrypt.

vulnerabilityCVEmedium-severitybuffer-overflowcwe-787
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41233 — Froxlor is open source server administration software.

CVE-2026-41233 — Froxlor is open source server administration software. Prior to version 2.3.6, in `Domains.add()`, the `adminid` parameter is accepted from user input and used...

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-41232 — Froxlor is open source server administration software.

CVE-2026-41232 — Froxlor is open source server administration software. Prior to version 2.3.6, in `EmailSender::add()`, the domain ownership validation for full email sender aliases uses...

vulnerabilityCVEmedium-severitycwe-863
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40529 — SQL Injection

CVE-2026-40529 — CMS ALAYA provided by KANATA Limited contains an SQL injection vulnerability. Information stored in the database may be obtained or altered by an...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs

Froxlor Vulnerability Grants Root Ownership of Arbitrary Directories

CVE-2026-41231 — Froxlor is open source server administration software. Prior to version 2.3.6, `DataDump.add()` constructs the export destination path from user-supplied input without passing the...

vulnerabilityCVEhigh-severitycwe-59
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

Froxlor Critical Flaw Allows Arbitrary DNS Record Injection

CVE-2026-41230 — Froxlor is open source server administration software. Prior to version 2.3.6, `DomainZones::add()` accepts arbitrary DNS record types without a whitelist and does not...

vulnerabilityCVEhigh-severitycwe-93
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 5 IOCs /⚙ 3 Sigma

Froxlor Critical RCE: Unsanitized Admin Input Leads to Persistent Code Execution

CVE-2026-41229 — Froxlor is open source server administration software. Prior to version 2.3.6, `PhpHelper::parseArrayToString()` writes string values into single-quoted PHP string literals without escaping single...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

Critical Froxlor Bug: Authenticated Code Execution via Language File Path Traversal

CVE-2026-41228 — Froxlor is open source server administration software. Prior to version 2.3.6, the Froxlor API endpoint `Customers.update` (and `Admins.update`) does not validate the `def_language`...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-98
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-3361 — Cross-Site Scripting (XSS)

CVE-2026-3361 — The WP Store Locator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpsl_address' post meta value in versions up to,...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-3007 — Cross-Site Scripting (XSS)

CVE-2026-3007 — Successful exploitation of the stored cross-site scripting (XSS) vulnerability could allow an attacker to execute arbitrary JavaScript on any user account that has...

vulnerabilityCVEmedium-severitycross-site-scripting-xss
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 1 IOC /⚙ 2 Sigma

Apple Patches Critical Notification Data Leak Vulnerability

Apple has issued urgent updates to address CVE-2026-28950, a critical vulnerability within its notification management system. As reported by Cyber Updates - Asher Tamam, this...

israelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

Critical RCE Flaw in Breeze Cache WordPress Plugin

CVE-2026-3844 — The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fetch_gravatar_from_remote' function in...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-2951 — Cross-Site Scripting (XSS)

CVE-2026-2951 — The Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

Critical RCE in Paperclip AI Orchestration Platform (CVE-2026-41679)

CVE-2026-41679 — Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Prior to version 2026.416.0,...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-287cwe-862cwe-1188
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41208: Paperclip AI Agent Privilege Escalation to RCE

CVE-2026-41208 — Paperclip is a Node.js server and React UI that orchestrates a team of AI agents to run a business. Versions of @paperclipai/server prior...

vulnerabilityCVEhigh-severityremote-code-executioncwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41182 — LangSmith Client SDKs provide SDKs for interacting with

CVE-2026-41182 — LangSmith Client SDKs provide SDKs for interacting with the LangSmith platform. Prior to version 0.5.19 of the JavaScript SDK and version 0.7.31 of...

vulnerabilityCVEmedium-severitycwe-200cwe-359cwe-532
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 4 IOCs /⚙ 3 Sigma

PsiTransfer RCE: Unauthenticated Code Execution via Path Traversal

CVE-2026-41180 — PsiTransfer is an open source, self-hosted file sharing solution. Prior to version 2.4.3, the upload PATCH flow under `/files/:uploadId` validates the mounted request...

vulnerabilityCVEhigh-severitycwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 8 Sigma

CVE-2026-1923 — Cross-Site Scripting (XSS)

CVE-2026-1923 — The Social Rocket – Social Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6878 — ByteDance Verl Vulnerability

CVE-2026-6878 — A vulnerability was identified in ByteDance verl up to 0.7.0. Affected is the function math_equal of the file prime_math/grader.py. The manipulation leads to...

vulnerabilityCVEmedium-severitycwe-264cwe-265
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6874 — A vulnerability was determined in ericc-ch copilot-api up

CVE-2026-6874 — A vulnerability was determined in ericc-ch copilot-api up to 0.7.0. This impacts an unknown function of the file /token of the component Header...

vulnerabilityCVEmedium-severitycwe-350
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

IBM Storage Console Flaw: Unauthenticated RCE Risk

CVE-2026-5935 — IBM Total Storage Service Console (TSSC) / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow an unauthenticated user to execute arbitrary commands...

vulnerabilityCVEhigh-severitycwe-78
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-5926 — IBM Verify Identity Access Container 11.0 through 11.0.2

CVE-2026-5926 — IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-4919 — Cross-Site Scripting (XSS)

CVE-2026-4919 — IBM Guardium Data Protection 12.1 is vulnerable to cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in the...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4918 — Cross-Site Scripting (XSS)

CVE-2026-4918 — IBM Guardium Data Protection 12.1 is vulnerable to stored cross-site scripting. This vulnerability allows an administrative user to embed arbitrary JavaScript code in...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4917 — Arbitrary File Access

CVE-2026-4917 — IBM Guardium Data Protection 12.1 could allow an administrative user to traverse directories on the system. An attacker could send a specially crafted...

vulnerabilityCVEmedium-severityarbitrary-file-accesscwe-22
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 3 Sigma

Ziostation2 Path Traversal Exposes Sensitive OS Info

CVE-2026-40062 — A path traversal vulnerability exists in Ziostation2 v2.9.8.7 and earlier. A remote unauthenticated attacker may get sensitive information on the operating system.

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

IBM WebSphere Liberty Identity Spoofing: High-Severity Vulnerability

CVE-2026-3621 — IBM WebSphere Application Server - Liberty 17.0.0.3 through 26.0.0.4 IBM WebSphere Application Server Liberty is vulnerable to identity spoofing under limited conditions when...

vulnerabilityCVEhigh-severitycwe-269
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-32679: DLL Hijacking in LiveOn Meet and Canon Camera Installers

CVE-2026-32679 — The installers of LiveOn Meet Client for Windows (Downloader5Installer.exe and Downloader5InstallerForAdmin.exe) and the installers of Canon Network Camera Plugin (CanonNWCamPlugin.exe and CanonNWCamPluginForAdmin.exe) insecurely...

vulnerabilityCVEhigh-severitycwe-427
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-1352 — Denial of Service

CVE-2026-1352 — IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for Linux, UNIX and Windows (includes Db2 Connect Server) could allow an authenticated user to...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-1284
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2025-36074 — IBM Security Verify Directory (Container) 10.0.0 through

CVE-2025-36074 — IBM Security Verify Directory (Container) 10.0.0 through 10.0.0.3 IBM Security Verify Directory could be vulnerable to malicious file upload by not validating file...

vulnerabilityCVEmedium-severitycwe-434
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

WeKan SSRF Vulnerability: Internal Network Exposure Risk

CVE-2026-41455 — WeKan before 8.35 contains a server-side request forgery vulnerability in webhook integration URL handling where the url schema field accepts any string without protocol...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 3 IOCs /⚙ 3 Sigma

WeKan API Flaw Grants Board Members Admin Powers

CVE-2026-41454 — WeKan before 8.35 contains a missing authorization vulnerability in the Integration REST API endpoints that allows authenticated board members to perform administrative actions without...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-41177 — Server-Side Request Forgery

CVE-2026-41177 — Squidex is an open source headless content management system and content management hub. Prior to version 7.23.0, the Squidex Restore API is vulnerable...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-73cwe-918
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 3 IOCs /⚙ 3 Sigma

Statamic CMS Vulnerability Allows Data Deletion via API Manipulation

CVE-2026-41175 — Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.20 and 6.13.0, manipulating query parameters on Control Panel...

vulnerabilityCVEhigh-severitycwe-470
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

Radare2 Command Injection: Malicious PDB Files Execute OS Commands

CVE-2026-40517 — radare2 prior to 6.1.4 contains a command injection vulnerability in the PDB parser's print_gvars() function that allows attackers to execute arbitrary commands by...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 5 IOCs /⚙ 3 Sigma

Jellystat SQLi to RCE Critical Vulnerability (CVE-2026-41167)

CVE-2026-41167 — Jellystat is a free and open source Statistics App for Jellyfin. Prior to version 1.1.10, multiple API endpoints in Jellystat build SQL queries...

vulnerabilityCVEcriticalhigh-severitycwe-89
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

OpenRemote Privilege Escalation: Master Realm at Risk

CVE-2026-41166 — OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.1, a user who has `write:admin` in one Keycloak realm can call the Manager...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-284
/SCW Vulnerability Desk /HIGH /7 /⚑ 3 IOCs /⚙ 2 Sigma

RustFS Flaw: Non-Admin Takeover of Notification Targets

CVE-2026-40937 — RustFS is a distributed object storage system built in Rust. Prior to 1.0.0-alpha.94, all four notification target admin API endpoints in `rustfs/src/admin/handlers/event.rs` use...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 3 Sigma

OpenRemote XXE Flaw Exposes IoT Platforms to File Disclosure

CVE-2026-40882 — OpenRemote is an open-source internet-of-things platform. Prior to version 1.22.0, the Velbus asset import path parses attacker-controlled XML without explicit XXE hardening. An...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-611
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-34068 — nimiq-transaction provides the transaction primitive to be

CVE-2026-34068 — nimiq-transaction provides the transaction primitive to be used in Nimiq's Rust implementation. Prior to version 1.3.0, the staking contract accepts `UpdateValidator` transactions that...

vulnerabilityCVEmedium-severitycwe-347
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 2 Sigma

EspoCRM Path Traversal: Admin Creds Lead to Arbitrary File Access

CVE-2026-33733 — EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, the admin template management endpoints accept attacker-controlled `name` and `scope`...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-23
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

EspoCRM Critical Path Traversal: Admin Access Leads to Server Compromise

CVE-2026-33656 — EspoCRM is an open source customer relationship management application. Prior to version 9.3.4, EspoCRM's built-in formula scripting engine allows updating an attachment's sourceId, thus...

vulnerabilityCVEcriticalhigh-severitycwe-22
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-34066 — nimiq-blockchain provides persistent block storage for

CVE-2026-34066 — nimiq-blockchain provides persistent block storage for Nimiq's Rust implementation. Prior to version 1.3.0, `HistoryStore::put_historic_txns` uses an `assert!` to enforce invariants about `HistoricTransaction.block_number` (must...

vulnerabilityCVEmedium-severitycwe-20cwe-617cwe-754
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 4 IOCs /⚙ 2 Sigma

Nimiq Primitives Node Panic via Malformed BLS Key

CVE-2026-34065 — nimiq-primitives contains primitives (e.g., block, account, transaction) to be used in Nimiq's Rust implementation. Prior to version 1.3.0, an untrusted p2p peer can...

vulnerabilityCVEhigh-severitycwe-252cwe-755
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-34064 — nimiq-account contains account primitives to be used in

CVE-2026-34064 — nimiq-account contains account primitives to be used in Nimiq's Rust implementation. Prior to version 1.3.0, `VestingContract::can_change_balance` returns `AccountError::InsufficientFunds` when `new_balance < min_cap`, but...

vulnerabilityCVEmedium-severitycwe-191
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

Nimiq network-libp2p Crash Vulnerability: CVE-2026-34063

CVE-2026-34063 — Nimiq's network-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, `network-libp2p` discovery uses a libp2p `ConnectionHandler` state machine. The...

vulnerabilityCVEhigh-severitycwe-617
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-34062 — nimiq-libp2p is a Nimiq network implementation based on

CVE-2026-34062 — nimiq-libp2p is a Nimiq network implementation based on libp2p. Prior to version 1.3.0, `MessageCodec::read_request` and `read_response` call `read_to_end()` on inbound substreams, so a...

vulnerabilityCVEmedium-severitycwe-770
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Critical Nimiq Block Vulnerability: SkipBlockProof Bypass

CVE-2026-33471 — nimiq-block contains block primitives to be used in Nimiq's Rust implementation. `SkipBlockProof::verify` computes its quorum check using `BitSet.len()`, then iterates `BitSet` indices and...

vulnerabilityCVEcriticalhigh-severitycwe-20cwe-190cwe-345cwe-1284
/SCW Vulnerability Desk /CRITICAL /9.6 /⚑ 3 IOCs /⚙ 2 Sigma

Mirai Botnet Exploits End-of-Life D-Link Routers via RCE

A new Mirai botnet campaign is actively exploiting a critical command injection vulnerability (CVE-2025-29635) in end-of-life D-Link DIR-823X routers. BleepingComputer reports that this flaw allows...

threat-inteldata-breachmalwarevulnerability
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-41469 — Beghelli Sicuro24 SicuroWeb does not enforce a Content

CVE-2026-41469 — Beghelli Sicuro24 SicuroWeb does not enforce a Content Security Policy, allowing unrestricted loading of external JavaScript resources from attacker-controlled origins. When chained with...

vulnerabilityCVEmedium-severitycwe-693
/SCW Vulnerability Desk /MEDIUM /5.2 /⚑ 2 IOCs /⚙ 3 Sigma

Beghelli SicuroWeb: EOL AngularJS Exposes Operators to Session Hijacking

CVE-2026-41468 — Beghelli Sicuro24 SicuroWeb embeds AngularJS 1.5.2, an end-of-life component containing known sandbox escape primitives. When combined with template injection present in the same...

vulnerabilityCVEhigh-severitycwe-1104
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41459 — Path Traversal

CVE-2026-41459 — Xerte Online Toolkits versions 3.15 and earlier contain an information disclosure vulnerability that allows unauthenticated attackers to retrieve the full server-side filesystem path...

vulnerabilityCVEmedium-severitypath-traversalcwe-497
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Critical RCE in Xerte Online Toolkits: Incomplete Input Validation Opens Backdoor

CVE-2026-34415 — Xerte Online Toolkits versions 3.15 and earlier contain an incomplete input validation vulnerability in the elFinder connector endpoint that fails to block PHP-executable...

vulnerabilityCVEcriticalhigh-severitypath-traversalcwe-184
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

Xerte Online Toolkits Vulnerability: Path Traversal Risks Exposed

CVE-2026-34414 — Xerte Online Toolkits versions 3.15 and earlier contain a relative path traversal vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where the name...

vulnerabilityCVEhigh-severityremote-code-executioncwe-22
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 5 IOCs /⚙ 3 Sigma

Xerte Online Toolkits RCE: Unauthenticated File Operations

CVE-2026-34413 — Xerte Online Toolkits versions 3.15 and earlier contain a missing authentication vulnerability in the elFinder connector endpoint at /editor/elfinder/php/connector.php where an HTTP redirect...

vulnerabilityCVEhigh-severityremote-code-executioncwe-497
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 4 IOCs /⚙ 3 Sigma

Dell PowerProtect DD OS Vulnerability Exposes Data to Remote Command Execution

CVE-2026-26354 — Dell PowerProtect Data Domain with Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.10,...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-121
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

Malicious KICS Docker Images and VS Code Extensions Hijack Checkmarx Supply Chain

The Hacker News reports a critical software supply chain attack targeting Checkmarx's KICS (Key Infrastructure as Code Security) product. Malicious images were pushed to the...

threat-intelvulnerabilitytools
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

GitLab XSS Flaw: Unauthenticated JavaScript Execution Risk

CVE-2026-5816 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.4 and 18.11 before 18.11.1 that could have allowed...

vulnerabilityCVEhigh-severitycwe-41
/SCW Vulnerability Desk /HIGH /8 /⚑ 3 IOCs /⚙ 2 Sigma

GitLab Vulnerability Exposes Sensitive Tokens in Storybook

CVE-2026-5262 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that...

vulnerabilityCVEhigh-severitycwe-79
/SCW Vulnerability Desk /HIGH /8 /⚑ 1 IOC /⚙ 2 Sigma

GitLab CSRF Flaw Exposes Authenticated Users to Unauthenticated Attacks

CVE-2026-4922 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that...

vulnerabilityCVEhigh-severitycwe-352
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 2 Sigma

Chroot Vulnerability Allows Root Privileges via Malicious NSS Modules

CVE-2026-35368 — A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam()...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-426
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-35365 — The mv utility in uutils coreutils improperly handles

CVE-2026-35365 — The mv utility in uutils coreutils improperly handles directory trees containing symbolic links during moves across filesystem boundaries. Instead of preserving symlinks, the...

vulnerabilityCVEmedium-severitycwe-59
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 3 Sigma

TOCTOU Flaw in coreutils mkfifo: Local Privilege Escalation Risk

CVE-2026-35352 — A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-367
/SCW Vulnerability Desk /HIGH /7 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-35350 — The cp utility in uutils coreutils fails to properly handle

CVE-2026-35350 — The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p...

vulnerabilityCVEmedium-severitycwe-281
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-35349 — The Rm Utility Of Uutils Coreutils Vulnerability

CVE-2026-35349 — A vulnerability in the rm utility of uutils coreutils allows a bypass of the --preserve-root protection. The implementation uses a path-string check rather...

vulnerabilityCVEmedium-severitycwe-59
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

uutils mkfifo Flaw Exposes Sensitive Files to Permission Changes

CVE-2026-35341 — A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO...

vulnerabilityCVEhigh-severitycwe-732
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

chmod Bypass Threatens System Integrity: CVE-2026-35338 Detailed

CVE-2026-35338 — A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the...

vulnerabilityCVEhigh-severitycwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-32885 — DDEV is an open-source tool for running local web

CVE-2026-32885 — DDEV is an open-source tool for running local web development environments for PHP and Node.js. Versions prior to 1.25.2 have unsanitized extraction in...

vulnerabilityCVEmedium-severitycwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1660 — GitLab CE/EE Affecting All Versions From 12.3 Before 18.9.6, Denial of Service

CVE-2026-1660 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-6016 — GitLab CE/EE Affecting All Versions From 9.2 Before 18.9.6, Denial of Service

CVE-2025-6016 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2025-3922 — GitLab CE/EE Affecting All Versions From 12.4 Before 18.9.6, Denial of Service

CVE-2025-3922 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-0186 — GitLab CE/EE Affecting All Versions From 10.6 Before 18.9.6, Denial of Service

CVE-2025-0186 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-770
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-30139 — The AdvancedSearch Functionality Of Silverpeas Core Before V Cross-Site Scripting (XSS)

CVE-2026-30139 — A reflected cross-site scripting (XSS) vulnerability in the AdvancedSearch functionality of Silverpeas Core before version 6.4.6 allows attackers to execute arbitrary JavaScript in...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2024-58344 — Cross-Site Scripting (XSS)

CVE-2024-58344 — Carbon Forum 5.9.0 contains a persistent cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript code through the Forum Name field...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs

ELBA5 RCE Flaw Grants SYSTEM Access Via Database

CVE-2018-25272 — ELBA5 5.8.0 contains a remote code execution vulnerability that allows attackers to obtain database credentials and execute arbitrary commands with SYSTEM level permissions....

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-326
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2018-25271 — Buffer Overflow

CVE-2018-25271 — Textpad 8.1.2 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long buffer string...

vulnerabilityCVEmedium-severitybuffer-overflowcwe-787
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 1 Sigma

ThinkPHP RCE Bug: Unauthenticated Attackers Exploit Critical Flaw

CVE-2018-25270 — ThinkPHP 5.0.23 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary PHP code by invoking functions through the routing...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-639
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2018-25269 — Cross-Site Scripting (XSS)

CVE-2018-25269 — ICEWARP 11.0.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious HTML elements into emails by embedding base64-encoded payloads in object...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

LanSpy 2.0.1.159 Vulnerability: Local Buffer Overflow Leads to Code Execution

CVE-2018-25268 — LanSpy 2.0.1.159 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying oversized input to the scan...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2018-25267 — The Output FileName Field Of The Make CD/DVD Image Dialog Th Buffer Overflow

CVE-2018-25267 — UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to...

vulnerabilityCVEmedium-severitybuffer-overflowcwe-787
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2018-25266 — The Preferences Dialog That Buffer Overflow

CVE-2018-25266 — Angry IP Scanner 3.5.3 contains a buffer overflow vulnerability in the preferences dialog that allows local attackers to crash the application by supplying...

vulnerabilityCVEmedium-severitybuffer-overflowcwe-787
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 3 Sigma

LanSpy 2.0.1.159 Vulnerability: Local Buffer Overflow Allows Code Execution

CVE-2018-25265 — LanSpy 2.0.1.159 contains a local buffer overflow vulnerability in the scan section that allows local attackers to execute arbitrary code by exploiting structured...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2018-25262 — Buffer Overflow

CVE-2018-25262 — Angry IP Scanner for Linux 3.5.3 contains a denial of service vulnerability that allows local attackers to crash the application by supplying malformed...

vulnerabilityCVEmedium-severitybuffer-overflowcwe-787
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs

Iperius Backup Local Overflow: Code Execution via Malicious File Path

CVE-2018-25261 — Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 1 IOC /⚙ 4 Sigma

MAGIX Music Editor Exploit: Local Code Execution via Buffer Overflow

CVE-2018-25260 — MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 1 IOC /⚙ 3 Sigma

Old Vulnerability, New Headache: TSM 3.1 Buffer Overflow (CVE-2018-25259)

CVE-2018-25259 — Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-306
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 1 IOC /⚙ 3 Sigma

Harvester's GoGra Backdoor Exploits Microsoft Graph API for Linux Targets

The threat actor known as Harvester is deploying a new Linux variant of its GoGra backdoor, specifically targeting entities in South Asia. The malware's ingenuity...

threat-intelvulnerabilitymalwaremicrosoft
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

CVE-2026-6862 — Libefiboot, A Component Of Efivar Denial of Service

CVE-2026-6862 — A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fails to validate that each node's...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-674
/SCW Vulnerability Desk /MEDIUM /5.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6861 — GNU Emacs Denial of Service

CVE-2026-6861 — A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs processes specially crafted SVG (Scalable Vector Graphics)...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-193
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

InstructLab Vulnerability: Remote Code Execution via Malicious HuggingFace Models

CVE-2026-6859 — A flaw was found in InstructLab. The `linux_train.py` script hardcodes `trust_remote_code=True` when loading models from HuggingFace. This allows a remote attacker to achieve...

vulnerabilityCVEhigh-severitycode-executioncwe-829
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

PackageKit Vulnerability Allows Local Privilege Escalation via TOCTOU Exploit

CVE-2026-41651 — PackageKit is a D-Bus abstraction layer that allows the user to manage packages in a secure way using a cross-distro, cross-architecture API....

vulnerabilityCVEhigh-severityprivilege-escalationcwe-367
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-33611 — An operator allowed to use the REST API can cause the

CVE-2026-33611 — An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 1 IOC /⚙ 1 Sigma

NVD Flags High-Severity Vulnerability: Bind Backend Configuration Exploit

CVE-2026-33608 — An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 1 IOC /⚙ 1 Sigma

CVE-2026-33595 — A client can trigger excessive memory allocation by

CVE-2026-33595 — A client can trigger excessive memory allocation by generating a lot of error responses over a single DoQ and DoH3 connection, as some...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-33594 — A client can trigger excessive memory allocation by

CVE-2026-33594 — A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 3 Sigma

DNSCrypt Vulnerability Allows Remote Crash via Crafted Queries

CVE-2026-33593 — A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query.

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-33254 — Denial of Service

CVE-2026-33254 — An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a...

vulnerabilityCVEmedium-severitydenial-of-service
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 3 Sigma

Critical Deserialization Flaw in camel-infinispan Allows RCE

CVE-2026-6857 — A flaw was found in camel-infinispan. This vulnerability involves unsafe deserialization in the ProtoStream remote aggregation repository. A remote attacker with low privileges...

vulnerabilityCVEhigh-severitycode-executioncwe-502
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

InstructLab Path Traversal Flaw Exposes Local File System

CVE-2026-6855 — A flaw was found in InstructLab. A local attacker could exploit a path traversal vulnerability in the chat session handler by manipulating the...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-33825 — Microsoft Defender: Microsoft Defender Insufficient Granularity of Access Control Vulnerability

CVE-2026-33825 — Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

SBOMs Under Scrutiny Amidst Rising Supply Chain Attacks

SecurityWeek reports that Software Bill of Materials (SBOMs), intended to enhance software supply chain security, may be falling short. The core issue, according to researchers,...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM

Lotus Wiper Targets Venezuelan Energy Sector

The Hacker News reports on a novel data wiper, dubbed Lotus Wiper, deployed in destructive attacks against Venezuela's energy and utilities sector. These attacks, identified...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 1 Sigma

Moltbook Breach Exposes AI Agent API Tokens and OpenAI Keys

On January 31, 2026, The Hacker News reported a significant breach involving Moltbook, a social network designed for AI agents. The platform's database was left...

threat-intelvulnerabilityidentityai-security
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6848 — Red Hat Quay Vulnerability

CVE-2026-6848 — A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or...

vulnerabilityCVEmedium-severitycwe-613
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-33601 — Denial of Service

CVE-2026-33601 — If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that results in a null pointer...

vulnerabilityCVEmedium-severitydenial-of-service
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-33259 — Use-After-Free

CVE-2026-33259 — Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor....

vulnerabilityCVEmedium-severityuse-after-free
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-1930 — The Emailchef plugin for WordPress is vulnerable to

CVE-2026-1930 — The Emailchef plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the page_options_ajax_disconnect() function in...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1913 — Cross-Site Scripting (XSS)

CVE-2026-1913 — The Gallagher Website Design plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's login_link shortcode in all versions up to,...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1395 — Cross-Site Scripting (XSS)

CVE-2026-1395 — The Gutentools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Slider block's block_id attribute in all versions up to,...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

Google Antigravity Vulnerability Exploited for Malware Distribution

Security researchers have identified a critical remote code execution (RCE) vulnerability within Google's Antigravity system. While the specific details of the flaw remain under wraps...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

Binutils Heap Overflow: Local Attackers Gain Code Execution via XCOFF Files

CVE-2026-6846 — A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object file...

vulnerabilityCVEhigh-severitycode-executioncwe-122
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 1 IOC /⚙ 3 Sigma

WordPress Plugin Flaw Lets Attackers Hijack Site Emails

CVE-2026-6235 — The Sendmachine for WordPress plugin for WordPress is vulnerable to authorization bypass via the 'manage_admin_requests' function in all versions up to, and including,...

vulnerabilityCVEcriticalhigh-severitycwe-862
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-5748 — Cross-Site Scripting (XSS)

CVE-2026-5748 — The Text Snippets plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `ts` shortcode in all versions up to, and...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4353 — Cross-Site Scripting (XSS)

CVE-2026-4353 — The CI HUB Connector plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the `cihub_metadata` shortcode in all...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4280 — Path Traversal

CVE-2026-4280 — The Breaking News WP plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.3. This is...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4279 — Cross-Site Scripting (XSS)

CVE-2026-4279 — The Bread & Butter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'breadbutter-customevent-button' shortcode in all versions up to, and...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

WordPress HTTP Headers Plugin Flaw Opens Door to RCE

CVE-2026-4132 — The HTTP Headers plugin for WordPress is vulnerable to External Control of File Name or Path leading to Remote Code Execution in all...

vulnerabilityCVEhigh-severityremote-code-executioncwe-73
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4125 — Cross-Site Scripting (XSS)

CVE-2026-4125 — The WPMK Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' shortcode attribute in all versions up to and...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

WordPress Plugin Vulnerability Lets Subscribers Wreck Databases

CVE-2026-4119 — The Create DB Tables plugin for WordPress is vulnerable to authorization bypass in all versions up to and including 1.2.1. The plugin registers...

vulnerabilityCVEcriticalhigh-severitycwe-862
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4089 — Cross-Site Scripting (XSS)

CVE-2026-4089 — The Twittee Text Tweet plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode attribute in all versions up to...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4088 — Cross-Site Scripting (XSS)

CVE-2026-4088 — The Switch CTA Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wppw_cta_box' shortcode in all versions up to, and...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4085 — Cross-Site Scripting (XSS)

CVE-2026-4085 — The Easy Social Photos Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wrapper_class' shortcode attribute of the 'my-instagram-feed' shortcode...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4082 — Cross-Site Scripting (XSS)

CVE-2026-4082 — The ER Swiffy Insert plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the [swiffy] shortcode in all versions up to and...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4076 — Cross-Site Scripting (XSS)

CVE-2026-4076 — The Slider Bootstrap Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'category' and 'template' shortcode attributes in all versions...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4074 — Cross-Site Scripting (XSS)

CVE-2026-4074 — The Quran Live Multilanguage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cheikh' and 'lang' shortcode attributes in all versions...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

AI Unearths Hundreds of Firefox Vulnerabilities, Prompting Critical Patch

Cyber Updates - Asher Tamam reports that Mozilla has released a critical update for Firefox, patching 359 security issues. Significantly, a large portion of these...

israelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

Oracle's April CPU: 450 Patches, Over 300 Remote, Unauthenticated Flaws

Oracle has dropped its April Critical Patch Update (CPU), delivering a significant batch of 481 security fixes across 28 product families. Of particular concern are...

threat-intelvulnerabilitycloudtools
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Telerik UI for AJAX RadFilter Vulnerable to RCE via Deserialization

CVE-2026-6023 — In Progress® Telerik® UI for AJAX versions 2024.4.1114 through 2026.1.421, the RadFilter control is vulnerable to insecure deserialization when restoring filter state if...

vulnerabilityCVEhigh-severityremote-code-executioncwe-502
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 3 Sigma

Telerik UI Vulnerability Allows Disk Space Exhaustion Attacks

CVE-2026-6022 — In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the...

vulnerabilityCVEhigh-severitycwe-400
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 2 Sigma

Microsoft Rushes Patches for Critical ASP.NET Core Privilege Escalation Flaw

Microsoft has issued out-of-band updates to address a critical privilege escalation vulnerability (CVE-2026-40372) in ASP.NET Core's Data Protection APIs. BleepingComputer reports that unauthenticated attackers could...

threat-inteldata-breachmalwarevulnerabilitymicrosofttools
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

Mustang Panda's LOTUSLITE Variant Targets India Banks

The threat actor Mustang Panda has resurfaced with a new variant of its LOTUSLITE backdoor, specifically targeting India's banking sector. According to The Hacker News,...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /MEDIUM

CVE-2026-6839 — Improper validation of STRING tensor offsets could allow

CVE-2026-6839 — Improper validation of STRING tensor offsets could allow malformed string metadata to trigger out of bounds access during constant tensor import in Samsung...

vulnerabilityCVEmedium-severitycwe-1284
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-41667 — Integer Overflow

CVE-2026-41667 — Integer overflow in constant tensor data size calculation in Samsung Open Source ONE could cause incorrect buffer sizing for large constant nodes. Affected...

vulnerabilityCVEmedium-severityinteger-overflowcwe-190
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-41666 — Integer Overflow

CVE-2026-41666 — Integer overflow in tensor copy size calculation in Samsung Open Source ONE could lead to out of bounds access during loop state propagation....

vulnerabilityCVEmedium-severityinteger-overflowcwe-190
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41665 — Integer Overflow

CVE-2026-41665 — Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE causes incorrect memory initialization for large intermediate tensors. Affected version...

vulnerabilityCVEmedium-severityinteger-overflowcwe-190
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-41664 — Integer Overflow

CVE-2026-41664 — Integer overflow in memory copy size calculation in Samsung Open Source ONE could lead to invalid memory operations with large tensor shapes. Affected...

vulnerabilityCVEmedium-severityinteger-overflowcwe-190
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40450 — Integer Overflow

CVE-2026-40450 — Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized...

vulnerabilityCVEmedium-severityinteger-overflowcwe-190
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-40449 — Integer Overflow

CVE-2026-40449 — Integer overflow in buffer size calculation could result in out of bounds memory access when handling large tensors in Samsung Open Source ONE....

vulnerabilityCVEmedium-severityinteger-overflowcwe-190
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40448 — Integer Overflow

CVE-2026-40448 — Potential integer overflow in tensor allocation size calculation could lead to insufficient memory allocation for large tensors in Samsung Open Source ONE. Affected...

vulnerabilityCVEmedium-severityinteger-overflowcwe-190
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

Unpatched SharePoint Servers Remain Ripe for Spoofing Attacks

BleepingComputer reports that over 1,300 Microsoft SharePoint servers are still unpatched against a critical spoofing vulnerability. This flaw was initially exploited as a zero-day and...

threat-inteldata-breachmalwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Spring Security Authorization Bypass: High Severity Vulnerability

CVE-2026-22754 — Vulnerability in Spring Spring Security. If an application uses  to define the servlet path for computing a path matcher, then the servlet path is...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

Spring Security Flaw Bypasses Auth, Authorization

CVE-2026-22753 — Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter chain may...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-22748 — Spring Security: From Vulnerability

CVE-2026-22748 — Vulnerability in Spring Spring Security. When an application configures JWT decoding with NimbusJwtDecoder or NimbusReactiveJwtDecoder, it must configure an OAuth2TokenValidator separately, for example by calling setJwtValidator. This issue affects...

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 1 IOC /⚙ 1 Sigma

CVE-2026-22747 — Spring Security: From Vulnerability

CVE-2026-22747 — Vulnerability in Spring Spring Security. SubjectX500PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username....

vulnerabilityCVEmedium-severity
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-40451 — Cross-Site Scripting (XSS)

CVE-2026-40451 — DeepL Chrome browser extension versions from v1.22.0 to v1.23.0 contain a cross-site scripting vulnerability, which allows an attacker to execute arbitrary script in...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6835 — Cross-Site Scripting (XSS)

CVE-2026-6835 — The a+HCM developed by aEnrich has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload arbitrary files to any path, including...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-434
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41127 — BigBlueButton is an open-source virtual classroom. Versions

CVE-2026-41127 — BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have a missing authorization that allows viewers to inject/overwrite captions. Version 3.0.24 tightened...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-41126 — Open Redirect

CVE-2026-41126 — BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have an Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL." Version 3.0.24 has adjusted...

vulnerabilityCVEmedium-severityopen-redirectcwe-601
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Critical RCE in WWBN AVideo: Incomplete Patch Leaves Open Source Platform Exposed

CVE-2026-41064 — WWBN AVideo is an open source video platform. In versions up to and including 29.0, an incomplete fix for AVideo's `test.php` adds `escapeshellarg`...

vulnerabilityCVEcriticalhigh-severitycwe-78
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 4 IOCs /⚙ 3 Sigma

OAuth2 Proxy Bypass: Fragment Handling Exposes Protected Resources

CVE-2026-41059 — OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 have a configuration-dependent authentication bypass. Deployments are...

vulnerabilityCVEhigh-severityauthentication-bypasscwe-288
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 4 IOCs /⚙ 5 Sigma

Critical OAuth2 Proxy Auth Bypass: CVE-2026-40575

CVE-2026-40575 — OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions 7.5.0 through 7.15.1 may trust a client-supplied `X-Forwarded-Uri` header when...

vulnerabilityCVEcriticalhigh-severitycwe-290
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 2 Sigma

HKUDS OpenHarness Default Config Exposes Systems (CVE-2026-6823)

CVE-2026-6823 — HKUDS OpenHarness prior to PR #147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow_from = ["*"] permitting arbitrary remote...

vulnerabilityCVEhigh-severitycwe-276
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 3 Sigma

Critical AVideo XSS Vulnerability Exposes Admin Settings

CVE-2026-40925 — WWBN AVideo is an open source video platform. In versions 29.0 and prior, `objects/configurationUpdate.json.php` (also routed via `/updateConfig`) persists dozens of global site...

vulnerabilityCVEhigh-severitycwe-352
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 5 IOCs /⚙ 3 Sigma

Critical RCE in AVideo YPTSocket Plugin: Unauthenticated Account Takeover

CVE-2026-40911 — WWBN AVideo is an open source video platform. In versions 29.0 and prior, the YPTSocket plugin's WebSocket server relays attacker-supplied JSON message bodies...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /10 /⚑ 2 IOCs /⚙ 3 Sigma

CRITICAL SQLi in ElectricSQL: Full Database Compromise

CVE-2026-40906 — Electric is a Postgres sync engine. From 1.1.12 to before 1.5.0, the order_by parameter in the ElectricSQL /v1/shape API is vulnerable to error-based...

vulnerabilityCVEcriticalhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 4 IOCs /⚙ 3 Sigma

LinkAce Password Reset Flaw: Account Takeover Risk

CVE-2026-40905 — LinkAce is a self-hosted archive to collect website links. Prior to 2.5.4, a password reset poisoning vulnerability was identified in the application due...

vulnerabilityCVEhigh-severitycwe-601
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 3 Sigma

PeopleSoft Security Flaw: Critical Data at Risk via HTTP

CVE-2026-34309 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

Oracle HTTP Server CVE-2026-34291: High-Severity RCE Risk

CVE-2026-34291 — Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Difficult...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Oracle Identity Manager Flaw: Unauthenticated Data Compromise

CVE-2026-34287 — Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.4.0. Easily...

vulnerabilityCVEcriticalhigh-severity
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 4 Sigma

Critical Oracle Identity Manager Flaw: Unauthenticated Data Compromise

CVE-2026-34286 — Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.4.0. Easily...

vulnerabilityCVEcriticalhigh-severity
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Oracle Identity Manager Flaw: Unauthenticated Data Compromise

CVE-2026-34285 — Vulnerability in the Oracle Identity Manager Connector product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.4.0. Easily...

vulnerabilityCVEcriticalhigh-severity
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

Critical RCE in Oracle Enterprise Manager Base Platform (CVE-2026-34279)

CVE-2026-34279 — Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). Supported versions that are affected are 13.5...

vulnerabilityCVEcriticalhigh-severity
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

Critical Oracle E-Business Suite Vulnerability: Full Takeover Possible

CVE-2026-34275 — Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite (component: Setup and Administration). Supported versions that are affected are 12.2.3-12.2.15....

vulnerabilityCVEcriticalhigh-severity
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 4 IOCs

Critical Esri Portal Vulnerability: Incorrect Authorization Exposes Developer Credentials

CVE-2026-33519 — An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernetes that did not correctly...

vulnerabilityCVEcriticalhigh-severitycwe-266
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 2 Sigma

Critical Privilege Escalation in Esri Portal for ArcGIS

CVE-2026-33518 — An incorrect privilege assignment vulnerability exists in Esri Portal for ArcGIS 11.5 in Windows and Linux that allows highly privileged users to create...

vulnerabilityCVEcriticalhigh-severitycwe-266
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 2 Sigma

Critical Oracle Empirica Signal Flaw: Data Integrity at Risk

CVE-2026-21997 — Vulnerability in the Oracle Life Sciences Empirica Signal product of Oracle Life Science Applications (component: Common Core). Supported versions that are affected are...

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 3 IOCs /⚙ 3 Sigma

HKUDS OpenHarness Vulnerability Exposes Plugin Management to Attackers

CVE-2026-6819 — HKUDS OpenHarness prior to PR #156 remediation exposes plugin lifecycle commands including /plugin install, /plugin enable, /plugin disable, and /reload-plugins to remote senders...

vulnerabilityCVEhigh-severitycwe-276
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-41320 — SQL Injection

CVE-2026-41320 — Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.54.0 and 14.38.1, a specially crafted request made to a...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

WWBN AVideo RCE: Path Traversal Exposes Servers to Arbitrary File Writes

CVE-2026-40909 — WWBN AVideo is an open source video platform. In versions 29.0 and prior, the locale save endpoint (`locale/save.php`) constructs a file path by...

vulnerabilityCVEhigh-severityremote-code-executioncwe-22
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-40907 — WWBN AVideo is an open source video platform. In versions

CVE-2026-40907 — WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint `plugin/Live/view/Live_restreams/list.json.php` contains an Insecure Direct Object Reference (IDOR)...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Critical ArtiPACKED Vulnerability in goshs Server Leaks GitHub Tokens

CVE-2026-40903 — goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs has an ArtiPACKED vulnerability. ArtiPACKED can lead to leakage of the GITHUB_TOKEN...

vulnerabilityCVEcriticalhigh-severitycwe-829
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

High-Severity Go Markdown Parser Bug: CVE-2026-40890

CVE-2026-40890 — The package `github.com/gomarkdown/markdown` is a Go library for parsing Markdown text and rendering as HTML. Processing a malformed input containing a character anywhere...

vulnerabilityCVEhigh-severityout-of-bounds-1cwe-125
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-40889 — Frappe HR is an open-source human resources management

CVE-2026-40889 — Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.2 and 16.4.2, authenticated users can access unauthorized files by...

vulnerabilityCVEmedium-severitycwe-284
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40888 — Frappe HR is an open-source human resources management

CVE-2026-40888 — Frappe HR is an open-source human resources management solution (HRMS). Prior to versions 15.58.1 and 16.4.1, an authenticated user with default role can...

vulnerabilityCVEmedium-severitycwe-284
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Critical SQLi in Vendure: Unauthenticated Remote Code Execution Risk

CVE-2026-40887 — Vendure is an open-source headless commerce platform. Starting in version 1.7.4 and prior to versions 2.3.4, 3.5.7, and 3.6.2, an unauthenticated SQL injection...

vulnerabilityCVEcriticalhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

Critical SFTP Auth Bypass in goshs SimpleHTTPServer

CVE-2026-40884 — goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.6, goshs contains an SFTP authentication bypass when the documented empty-username basic-auth syntax is...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 2 IOCs /⚙ 6 Sigma

Nest.js DoS via Malformed JSON: CVE-2026-40879

CVE-2026-40879 — Nest is a framework for building scalable Node.js server-side applications. Prior to 11.1.19, when an attacker sends many small, valid JSON messages in...

vulnerabilityCVEhigh-severitycwe-674
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 6 Sigma

Mailcow SQLi: Second-Order Vulnerability in Quarantine Notifications

CVE-2026-40871 — mailcow: dockerized is an open source groupware/email suite based on docker. Versions prior to 2026-03b have a second-order SQL injection vulnerability in the...

vulnerabilityCVEhigh-severitysql-injectioncwe-20cwe-89cwe-116cwe-564
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

Decidim API Flaw Exposes Sensitive Participatory Data

CVE-2026-40870 — Decidim is a participatory democracy framework. Starting in version 0.0.1 and prior to versions 0.30.5 and 0.31.1, the root level `commentable` field in...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Decidim Flaw Allows Unauthorized Amendment Acceptance

CVE-2026-40869 — Decidim is a participatory democracy framework. Starting in version 0.19.0 and prior to versions 0.30.5 and 0.31.1, a vulnerability allows any registered and...

vulnerabilityCVEhigh-severitycwe-266
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

Critical ASP.NET Core Flaw: Privilege Escalation via Signature Bypass

CVE-2026-40372 — Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network.

vulnerabilityCVEcriticalhigh-severitycwe-347
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6744 — Bagisto Server-Side Request Forgery

CVE-2026-6744 — A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

Kyverno Policy Engine Flaw Leaks Service Account Tokens

CVE-2026-40868 — Kyverno is a policy engine designed for cloud native platform engineering teams. Prior to 1.16.4, kyverno’s apiCall servicecall helper implicitly injects Authorization: Bearer...

vulnerabilityCVEhigh-severitycwe-922
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

Coturn ARM64 Crash: Unauthenticated DoS via Crafted STUN Message

CVE-2026-40613 — Coturn is a free open source implementation of TURN and STUN Server. Prior to 4.10.0, the STUN/TURN attribute parsing functions in coturn perform...

vulnerabilityCVEhigh-severitycwe-704
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 1 Sigma

CVE-2026-22751 — Spring Security: From Race Condition

CVE-2026-22751 — Vulnerability in Spring Spring Security. Applications that explicitly configure One-Time Token login with JdbcOneTimeTokenService are vulnerable to a Time-of-check Time-of-use (TOCTOU) race condition. This issue affects...

vulnerabilityCVEmedium-severityrace-conditioncwe-367
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 2 IOCs /⚙ 2 Sigma

Exploits Weaponize Windows Defender Against Its Users

Dark Reading reports that three proof-of-concept exploits are actively being used to turn Microsoft's built-in Windows Defender security platform into an attacker tool. Two of...

threat-inteltoolsvulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41194 — FreeScout is a free self-hosted help desk and shared

CVE-2026-41194 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the mailbox OAuth disconnect action is implemented as `GET...

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

FreeScout Vulnerability: Unrestricted File Write via ZIP Upload

CVE-2026-41193 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, FreeScout's module installation feature extracts ZIP archives without validating...

vulnerabilityCVEcriticalhigh-severitycwe-22
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

FreeScout Attachment Flaw Allows Data Deletion

CVE-2026-41192 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, the reply and draft flows trust client-supplied encrypted attachment...

vulnerabilityCVEhigh-severitycwe-862
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

Lego ACME Client Vulnerable to Path Traversal, Arbitrary File Write

CVE-2026-40611 — Let's Encrypt client and ACME library written in Go (Lego). Prior to 4.34.0, the webroot HTTP-01 challenge provider in lego is vulnerable to...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40608 — Next AI Draw.io is a next.js web application that

CVE-2026-40608 — Next AI Draw.io is a next.js web application that integrates AI capabilities with draw.io diagrams. Prior to 0.4.15, the embedded HTTP sidecar contains...

vulnerabilityCVEmedium-severitycwe-770
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40606 — mitmproxy is an interactive TLS-capable intercepting HTTP

CVE-2026-40606 — mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers and mitmweb is a web-based interface for mitmproxy. In...

vulnerabilityCVEmedium-severitycwe-90
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40602 — The Home Assistant Command-line interface (hass-cli) is a

CVE-2026-40602 — The Home Assistant Command-line interface (hass-cli) is a command-line tool for Home Assistant. Up to 1.0.0 of home-assistant-cli an unrestricted environment was used...

vulnerabilityCVEmedium-severitycwe-94cwe-1336
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40594 — Race Condition

CVE-2026-40594 — pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev98, the set_session_cookie_secure before_request handler in src/pyload/webui/app/__init__.py reads the X-Forwarded-Proto...

vulnerabilityCVEmedium-severityrace-conditioncwe-346
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 2 IOCs /⚙ 3 Sigma

BlueprintUE Vulnerability Allows Permanent Account Takeover

CVE-2026-40588 — blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the password change form at /profile/{slug}/edit/ does not include a current_password...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-620
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 2 Sigma

CVE-2026-40587 — blueprintUE is a tool to help Unreal Engine developers.

CVE-2026-40587 — blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a user changes their password via the profile edit page,...

vulnerabilityCVEmedium-severitycwe-613
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Critical IDOR Vulnerability in Crafty Controller Puts Servers at Risk

CVE-2026-5652 — An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification...

vulnerabilityCVEcriticalhigh-severitycwe-639
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 2 IOCs /⚙ 3 Sigma

FreeScout Vulnerability Allows Unauthorized Chat Setting Changes

CVE-2026-41191 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, `MailboxesController::updateSave()` persists `chat_start_new` outside the allowed-field filter. A user...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

FreeScout Help Desk Vulnerability Exposes Hidden Conversation Drafts

CVE-2026-41190 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, when `APP_SHOW_ONLY_ASSIGNED_CONVERSATIONS` is enabled, direct conversation view correctly blocks...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 2 IOCs /⚙ 2 Sigma

FreeScout Vulnerability Lets Unauthorized Users Edit Support Threads

CVE-2026-41189 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.215, customer-thread editing is authorized through `ThreadPolicy::edit()`, which checks mailbox...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 1 IOC /⚙ 2 Sigma

FreeScout Vulnerability Allows Low-Privilege Agents to Expose Hidden Customer Data

CVE-2026-40591 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, the phone-conversation creation flow accepts attacker-controlled `customer_id`, `name`, `to_email`,...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 1 IOC /⚙ 3 Sigma

FreeScout Vulnerability Exposes Hidden Customer Data

CVE-2026-40589 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.214, a low-privileged agent can edit a visible customer and...

vulnerabilityCVEhigh-severitycwe-639
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 1 IOC /⚙ 3 Sigma

Unreal Engine Tool's Login Flaw Exposes Developers to Brute-Force Attacks

CVE-2026-40586 — blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, the login form handler performs no throttling of any kind. Failed...

vulnerabilityCVEhigh-severitycwe-307
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 2 Sigma

Unreal Engine Dev Tool Vulnerability Allows Indefinite Password Reset Token Validity

CVE-2026-40585 — blueprintUE is a tool to help Unreal Engine developers. Prior to 4.2.0, when a password reset is initiated, a 128-character CSPRNG token is...

vulnerabilityCVEhigh-severitycwe-640
/SCW Vulnerability Desk /HIGH /7.4 /⚑ 3 IOCs /⚙ 2 Sigma

Excel-MCP-Server Path Traversal: Critical Flaw Exposes File System

CVE-2026-40576 — excel-mcp-server is a Model Context Protocol server for Excel file manipulation. A path traversal vulnerability exists in excel-mcp-server versions up to and including...

vulnerabilityCVEcriticalhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /CRITICAL /9.4 /⚑ 2 IOCs /⚙ 4 Sigma

FreeScout Vulnerability Allows Silent Email Exfiltration and Hijacking

CVE-2026-40569 — FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a mass assignment vulnerability in the mailbox connection...

vulnerabilityCVEcriticalhigh-severitycross-site-scripting-xsscwe-284cwe-915
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 1 IOC /⚙ 3 Sigma

FreeScout XSS Flaw Allows Session Hijacking and Data Exfiltration

CVE-2026-40568 — FreeScout is a free self-hosted help desk and shared mailbox. Versions prior to 1.8.213 have a stored cross-site scripting (XSS) vulnerability in the...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79cwe-116
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 5 IOCs /⚙ 6 Sigma

Tekton Pipelines Git Resolver Leaks API Tokens

CVE-2026-40161 — Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. From 1.0.0 to 1.10.0, the Tekton Pipelines git resolver in API mode sends...

vulnerabilityCVEhigh-severitycwe-201
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Unauthenticated Path Traversal in CrowdStrike LogScale

CVE-2026-40050 — CrowdStrike has released security updates to address a critical unauthenticated path traversal vulnerability (CVE-2026-40050) in LogScale. This vulnerability only requires mitigation by customers...

vulnerabilityCVEcriticalhigh-severitypath-traversalcwe-22cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

NVIDIA CUDA-Q Vulnerability Poses DoS, Info Disclosure Risk

CVE-2026-24189 — NVIDIA CUDA-Q contains a vulnerability in an endpoint, where an unauthenticated attacker could cause an out-of-bounds read by sending a maliciously crafted request....

vulnerabilityCVEhigh-severitydenial-of-servicecwe-125
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 1 IOC /⚙ 3 Sigma

NVIDIA KAI Scheduler Flaw: Unauthorized API Access Poses Data Risk

CVE-2026-24177 — NVIDIA KAI Scheduler contains a vulnerability where an attacker could access API endpoints without authorization. A successful exploit of this vulnerability might lead...

vulnerabilityCVEhigh-severityinformation-disclosurecwe-306
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-40565 — FreeScout is a free self-hosted help desk and shared

CVE-2026-40565 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's linkify() function in app/Misc/Helper.php converts plain-text URLs in...

vulnerabilityCVEmedium-severitycwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

BRIDGE:BREAK Flaws Plague Lantronix and Silex Serial-to-IP Converters

Forescout Research Vedere Labs has uncovered 22 critical vulnerabilities, collectively named BRIDGE:BREAK, impacting Lantronix and Silex serial-to-IP converters. These devices, crucial for bridging legacy serial...

threat-intelvulnerabilitydata-breachcloudmicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Bomgar RMM Exploitation: A Supply Chain Wake-Up Call

Dark Reading reports a significant surge in the exploitation of a critical Remote Code Execution (RCE) vulnerability, CVE-2026-1731, within the Bomgar Remote Monitoring and Management...

threat-inteltoolsmalwareransomwarevulnerability
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

Fortra GoAnywhere MFT SFTP Brute Force Vulnerability

CVE-2026-0972 — The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be...

vulnerabilityCVEhigh-severitycwe-307
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-0971 — An improper session timeout issue in Fortra's GoAnywhere

CVE-2026-0971 — An improper session timeout issue in Fortra's GoAnywhere MFT prior to version 7.10.0 results in SAML configured Web Users being redirected to the...

vulnerabilityCVEmedium-severitycwe-613
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2025-31981 — HCL BigFix Service Management (SM) Discovery is vulnerable

CVE-2025-31981 — HCL BigFix Service Management (SM) Discovery is vulnerable to unenforced encryption due to port 80 (HTTP) being open, allowing unencrypted access. An attacker...

vulnerabilityCVEmedium-severitycwe-319
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

Fortra GoAnywhere MFT: SSH Key Brute Force Vulnerability Discovered

CVE-2025-14362 — The login limit is not enforced on the SFTP service of Fortra's GoAnywhere MFT prior to 7.10.0 if the Web User attempting to be...

vulnerabilityCVEhigh-severitycwe-307
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2025-1241 — Encrypted values in Fortra's GoAnywhere MFT prior to

CVE-2025-1241 — Encrypted values in Fortra's GoAnywhere MFT prior to version 7.10.0 and GoAnywhere Agents prior to version 2.2.0 utilize a static IV which allows admin...

vulnerabilityCVEmedium-severitycwe-326
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 2 IOCs /⚙ 3 Sigma

Anthropic's STDIO Design Flaw: RCE in AI Ecosystem

Researchers at OX Security have identified a critical RCE vulnerability stemming from the design of Anthropic's official SDKs, specifically how they handle STDIO. This flaw...

vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

Google Patches Critical RCE in AI Filesystem Tool

Dark Reading reports that Google has addressed a critical remote code execution (RCE) vulnerability in an AI-powered tool designed for filesystem operations. The flaw, identified...

threat-inteltoolsvulnerabilityai-security
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

FreePBX Command Injection: Authenticated Attackers Gain Host Access

CVE-2026-40520 — FreePBX api module version 17.0.8 and prior contain a command injection vulnerability in the initiateGqlAPIProcess() function where GraphQL mutation input fields are passed...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 5 Sigma

MTTR Slowdown: It's Not Analysts, It's Bad Intel

Security teams often treat Mean Time to Respond (MTTR) as an internal Key Performance Indicator. However, leadership views it through a different lens: every hour...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM

Unsecured Perforce Servers Leak Sensitive Data from Major Organizations

Despite improvements, a recent analysis by SecurityWeek has identified over 1,500 exposed Perforce P4 instances. These unsecured servers allow unauthorized access, enabling attackers to read...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Progress Patches Critical Flaws in MOVEit WAF, LoadMaster

Progress has issued patches addressing multiple critical vulnerabilities in its MOVEit Transfer Web Application Firewall (WAF) and LoadMaster products. According to SecurityWeek, these flaws include...

threat-intelvulnerability
/SCW Vulnerability Desk /HIGH /⚑ 5 IOCs /⚙ 1 Sigma

Identity Attacks Dominate: No Exploit Needed for Breach

The cybersecurity industry's focus on sophisticated threats like zero-days and supply chain compromises often overshadows a persistent reality: stolen credentials remain the most reliable entry...

threat-intelvulnerabilitydata-breachidentity
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

CISA Warns: Exploited Cisco, Kentico, Zimbra Flaws Demand Immediate Action

CISA has expanded its Known Exploited Vulnerabilities (KEV) catalog with eight new flaws, underscoring a critical threat landscape. According to SecurityWeek, five of these vulnerabilities...

threat-intelvulnerabilitycloud
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

Healthcare Breaches Hit 600,000 in Illinois and Texas

Multiple healthcare organizations across Illinois and Texas have disclosed data breaches impacting approximately 600,000 individuals. SecurityWeek reports that Southern Illinois Dermatology, Saint Anthony Hospital, and...

threat-intelvulnerabilitydata-breach
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

NGate Android Malware Targets Brazil, Abuses HandyPay App

A new iteration of the NGate Android malware family is actively targeting users in Brazil, according to The Hacker News. This campaign marks a shift...

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /MEDIUM /⚑ 4 IOCs

Google Antigravity IDE Flaw Led to Code Execution

The Hacker News reports a critical vulnerability in Google's agentic integrated development environment (IDE), Antigravity. This flaw, now patched, allowed for code execution by combining...

threat-intelvulnerabilityai-securitytools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

MetaSlider Vulnerability: Object Injection via Deserialization of Untrusted Data

CVE-2026-39467 — Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection. This issue affects Responsive Slider by MetaSlider: from n/a through...

vulnerabilityCVEhigh-severityinsecure-deserializationcwe-502
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6712 — Cross-Site Scripting (XSS)

CVE-2026-6712 — The Website LLMs.txt plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 8.2.6...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6711 — Cross-Site Scripting (XSS)

CVE-2026-6711 — The Website LLMs.txt plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including,...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6703 — The Responsive Blocks – Page Builder for Blocks & Patterns

CVE-2026-6703 — The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to,...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-31368: AiAssistant Privilege Bypass Poses High Risk

CVE-2026-31368 — AiAssistant is affected by type privilege bypass; successful exploitation of this vulnerability may affect service availability.

vulnerabilityCVEhigh-severity
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 2 IOCs /⚙ 3 Sigma

CISA Adds 8 Exploited Vulnerabilities to KEV Catalog

CISA has added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, mandating federal agencies to patch them by April and May 2026. Among...

threat-intelvulnerabilitycloudidentity
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Critical Command Injection in NewSoftOA: Unauthenticated RCE Risk

CVE-2026-5965 — NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6675 — The Responsive Blocks – Page Builder for Blocks & Patterns

CVE-2026-6675 — The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to Unauthenticated Open Email Relay in all versions...

vulnerabilityCVEmedium-severitycwe-20
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6674 — SQL Injection

CVE-2026-6674 — The Plugin: CMS für Motorrad Werkstätten plugin for WordPress is vulnerable to SQL Injection via the 'arttype' parameter in all versions up to,...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

FreeScout CSS Injection Allows Privilege Escalation

CVE-2026-40497 — FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.213, FreeScout's `Helper::stripDangerousTags()` removes ``, ``, ``, `` but does...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6058 — Zyxel WRE6505 CGI Program Denial of Service

CVE-2026-6058 — **UNSUPPORTED WHEN ASSIGNED** An improper encoding or escaping vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-116
/SCW Vulnerability Desk /MEDIUM /4.5 /⚑ 2 IOCs /⚙ 2 Sigma

Apktool Path Traversal: Arbitrary File Write Leads to RCE

CVE-2026-39973 — Apktool is a tool for reverse engineering Android APK files. In versions 3.0.0 and 3.0.1, a path traversal vulnerability in `brut/androlib/res/decoder/ResFileDecoder.java` allows a...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 1 IOC /⚙ 4 Sigma

CVE-2026-39886 — Out-of-Bounds

CVE-2026-39886 — OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. Versions 3.4.0...

vulnerabilityCVEmedium-severityout-of-bounds-1cwe-190
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

Neko Virtual Browser: Authenticated RCE to Admin Takeover

CVE-2026-39386 — Neko is a self-hosted virtual browser that runs in Docker and uses WebRTC. In versions 3.0.0 through 3.0.10 and 3.1.0 through 3.1.1,...

vulnerabilityCVEhigh-severitycwe-20cwe-269cwe-284cwe-639cwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-39378 — Path Traversal

CVE-2026-39378 — The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. In versions 6.5 through 7.17.0, when `HTMLExporter.embed_images=True`, nbconvert's...

vulnerabilityCVEmedium-severitypath-traversalcwe-22cwe-73
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-39377 — Path Traversal

CVE-2026-39377 — The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to various other formats via Jinja templates. Versions 6.5 through 7.17.0 allow arbitrary file writes...

vulnerabilityCVEmedium-severitypath-traversalcwe-22cwe-73
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

Signal K Server DoS: Unauthenticated ReDoS Attack Hits Marine Systems

CVE-2026-39320 — Signal K Server is a server application that runs on a central hub in a boat. Versions prior to 2.25.0 are vulnerable to...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-400cwe-1333
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41331 — OpenClaw Telegram Audio Preflight Transcription Resource Consumption Vulnerability

CVE-2026-41331 — OpenClaw before 2026.3.31 contains a resource consumption vulnerability in Telegram audio preflight transcription that allows unauthorized group senders to trigger transcription processing. Attackers...

vulnerabilityCVEmedium-severitycwe-408
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Critical OpenClaw Sandbox Bypass Allows Privilege Escalation

CVE-2026-41329 — OpenClaw before 2026.3.31 contains a sandbox bypass vulnerability allowing attackers to escalate privileges via heartbeat context inheritance and senderIsOwner parameter manipulation. Attackers can...

vulnerabilityCVEcriticalhigh-severityprivilege-escalationcwe-648
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 4 IOCs /⚙ 2 Sigma

OpenClaw Discord Bot Vulnerability Allows Unauthorized Exec Approvals

CVE-2026-41303 — OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in Discord text approval commands that allows non-approvers to resolve pending exec approvals. Attackers can...

vulnerabilityCVEhigh-severitycwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

OpenClaw SSRF Vulnerability Exposes Internal Resources

CVE-2026-41302 — OpenClaw before 2026.3.31 contains a server-side request forgery vulnerability in the marketplace plugin download functionality that allows remote attackers to make arbitrary network...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41301 — OpenClaw Nostr DM Ingress Path Signature Verification Bypass

CVE-2026-41301 — OpenClaw versions 2026.3.22 before 2026.3.31 contain a signature verification bypass vulnerability in the Nostr DM ingress path that allows pairing challenges to be...

vulnerabilityCVEmedium-severitycwe-347
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41300 — OpenClaw before 2026.3.31 contains a trust-decline

CVE-2026-41300 — OpenClaw before 2026.3.31 contains a trust-decline vulnerability that preserves attacker-discovered endpoints in remote onboarding flows. Attackers can route gateway credentials to malicious endpoints...

vulnerabilityCVEmedium-severitycwe-372
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

OpenClaw Authorization Bypass Puts Operator Privileges at Risk

CVE-2026-41299 — OpenClaw before 2026.3.28 contains an authorization bypass vulnerability in the chat.send gateway method where ACP-only provenance fields are gated by self-declared client metadata...

vulnerabilityCVEhigh-severitycwe-807
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41298 — OpenClaw before 2026.4.2 fails to enforce write scopes on

CVE-2026-41298 — OpenClaw before 2026.4.2 fails to enforce write scopes on the POST /sessions/:sessionKey/kill endpoint in identity-bearing HTTP modes. Read-scoped callers can terminate running subagent...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 2 Sigma

OpenClaw SSRF Vulnerability Exposes Internal Resources

CVE-2026-41297 — OpenClaw before 2026.3.31 contains a server-side request forgery vulnerability in the marketplace plugin download functionality that allows attackers to access internal resources by...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

OpenClaw Sandbox Escape Via Time-of-Check-Time-of-Use Race Condition

CVE-2026-41296 — OpenClaw before 2026.3.31 contains a time-of-check-time-of-use race condition in the remote filesystem bridge readFile function that allows sandbox escape. Attackers can exploit the...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-367
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 3 IOCs /⚙ 2 Sigma

OpenClaw Vulnerability Allows Untrusted Code Execution Before Plugin Trust

CVE-2026-41295 — OpenClaw before 2026.4.2 contains an improper trust boundary vulnerability allowing untrusted workspace channel shadows to execute during built-in channel setup and login. Attackers...

vulnerabilityCVEhigh-severitycode-executioncwe-829
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 1 IOC /⚙ 3 Sigma

OpenClaw .env Vulnerability: Local File Can Hijack Config

CVE-2026-41294 — OpenClaw before 2026.3.28 loads the current working directory .env file before trusted state-dir configuration, allowing environment variable injection. Attackers can place a malicious...

vulnerabilityCVEhigh-severitycwe-15
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40045 — OpenClaw before 2026.4.2 accepts non-loopback cleartext

CVE-2026-40045 — OpenClaw before 2026.4.2 accepts non-loopback cleartext ws:// gateway endpoints and transmits stored gateway credentials over unencrypted connections. Attackers can forge discovery results or...

vulnerabilityCVEmedium-severitycwe-319
/SCW Vulnerability Desk /MEDIUM /5.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-35588 — Glances is an open-source system cross-platform monitoring

CVE-2026-35588 — Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.4, the Cassandra export module (`glances/exports/glances_cassandra/__init__.py`) interpolates `keyspace`, `table`, and `replication_factor` configuration...

vulnerabilityCVEmedium-severitycwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 2 Sigma

OpenClaude Path Traversal Bypasses Sandbox Controls

CVE-2026-35570 — OpenClaude is an open-source coding-agent command line interface for cloud and local model providers. Versions prior to 0.5.1 have a logic flaw in...

vulnerabilityCVEhigh-severitypath-traversalcwe-22cwe-284
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-5721 — Cross-Site Scripting (XSS)

CVE-2026-5721 — The wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6729 — HKUDS OpenHarness prior to PR #159 remediation contains a

CVE-2026-6729 — HKUDS OpenHarness prior to PR #159 remediation contains a session key derivation vulnerability that allows authenticated participants in shared chats or threads to...

vulnerabilityCVEmedium-severitycwe-287
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs

CVE-2026-4852 — Cross-Site Scripting (XSS)

CVE-2026-4852 — The Image Source Control Lite – Show Image Credits and Captions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

LMDeploy Vulnerability Exposes LLM Servers to SSRF Attacks

CVE-2026-33626 — LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery (SSRF) vulnerability...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 3 Sigma

Critical Spinnaker Vulnerability Exposes JVM to Attackers

CVE-2026-32613 — Spinnaker is an open source, multi-cloud continuous delivery platform. Echo, like some other services, uses SpEL (Spring Expression Language) to process information -...

vulnerabilityCVEcriticalhigh-severitycwe-94
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Spinnaker Vulnerability Exposes Cloud Credentials

CVE-2026-32604 — Spinnaker is an open source, multi-cloud continuous delivery platform. In versions prior to 2026.1.0, 2026.0.1, 2025.4.2, and 2025.3.2, a bad actor can execute...

vulnerabilityCVEcriticalhigh-severitycwe-20
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6550 — Cryptographic algorithm downgrade in the caching layer of

CVE-2026-6550 — Cryptographic algorithm downgrade in the caching layer of Amazon AWS Encryption SDK for Python before version 3.3.1 and before version 4.0.5 might allow...

vulnerabilityCVEmedium-severitycwe-757
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 2 Sigma

Vvveb CMS RCE: Authenticated Users Can Rename Files to Execute Code

CVE-2026-6257 — Vvveb CMS v1.0.8 contains a remote code execution vulnerability in its media management functionality where a missing return statement in the file rename...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 1 IOC /⚙ 3 Sigma

Vvveb CMS RCE: Authenticated Users Can Own Your Server

CVE-2026-6249 — Vvveb CMS 1.0.8 contains a remote code execution vulnerability in its media upload handler that allows authenticated attackers to execute arbitrary operating system...

vulnerabilityCVEhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 3 Sigma

Everest Forms Plugin Vulnerability Allows Arbitrary File Read and Deletion

CVE-2026-5478 — The Everest Forms plugin for WordPress is vulnerable to Arbitrary File Read and Deletion in all versions up to, and including, 3.4.4. This...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-22
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs /⚙ 3 Sigma

wpForo Plugin Flaw Allows Arbitrary File Deletion, RCE

CVE-2026-6248 — The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.5. This is due to...

vulnerabilityCVEhigh-severityremote-code-executioncwe-22
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6060 — Denial of Service

CVE-2026-6060 — A vulnerability in the SQL Box in the admin interface of OTRS leads to an uncontrolled resource consumption leading to a DoS against...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-400cwe-770
/SCW Vulnerability Desk /MEDIUM /4.5 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-41389 — OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce

CVE-2026-41389 — OpenClaw versions 2026.4.7 before 2026.4.15 fail to enforce local-root containment on tool-result media paths, allowing arbitrary local and UNC file access. Attackers can...

vulnerabilityCVEmedium-severitycwe-73
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-39112 — Cross Site Scripting vulnerability in Apartment Visitors

CVE-2026-39112 — Cross Site Scripting vulnerability in Apartment Visitors Management System V1.1 in the visname parameter of visitors-form.php. An authenticated attacker...

vulnerabilityCVEmedium-severitycwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

Unauthenticated SQLi in Apartment Visitors Management System

CVE-2026-39111 — SQL Injection vulnerability in Apartment Visitors Management System V1.1 in the email parameter of the forgot password page (forgot-password.php)....

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-23757 — Cross-Site Scripting (XSS)

CVE-2026-23757 — GFI HelpDesk before 4.99.10 contains a stored cross-site scripting vulnerability in the Reports module where the title parameter is passed directly to SWIFT_Report::Create() without...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-23756 — Cross-Site Scripting (XSS)

CVE-2026-23756 — GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the subject POST parameter is not sanitized in Controller_Step.InsertSubmit()...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-23753 — Cross-Site Scripting (XSS)

CVE-2026-23753 — GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the language management functionality where the charset POST parameter is passed directly to...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-23752 — Cross-Site Scripting (XSS)

CVE-2026-23752 — GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the template group creation and editing functionality that allows authenticated administrators to inject...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6662: Open CORS Policy in copilot-api Exposes Token Endpoint

CVE-2026-6662 — A vulnerability was found in ericc-ch copilot-api up to 0.7.0. The impacted element is the function cors of the file src/server.ts of the...

vulnerabilityCVEhigh-severitycwe-346cwe-942
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

KissFFT Integer Overflow: Heap Corruption Risk in Signal Processing

CVE-2026-41445 — KissFFT before commit 8a8e66e contains an integer overflow vulnerability in the kiss_fftndr_alloc() function in kiss_fftndr.c where the allocation size calculation dimOther*(dimReal+2)*sizeof(kiss_fft_scalar) overflows signed 32-bit...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-122cwe-190
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-35154 — IDRAC. A High Privileged Attacker With Local Access Vulnerability

CVE-2026-35154 — Dell PowerProtect Data Domain appliances, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an...

vulnerabilityCVEmedium-severitycwe-269
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-28684 — Arbitrary File Access

CVE-2026-28684 — python-dotenv reads key-value pairs from a .env file and can set them as environment variables. Prior to version 1.2.2, `set_key()` and `unset_key()` in...

vulnerabilityCVEmedium-severityarbitrary-file-accesscwe-59cwe-61
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-26951 — Buffer Overflow

CVE-2026-26951 — Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a stack-based...

vulnerabilityCVEmedium-severitybuffer-overflowcwe-121
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

Dell PowerProtect Data Domain OS Command Injection: Root Access Risk

CVE-2026-26943 — Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an OS...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-26942 — Command Injection

CVE-2026-26942 — Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an Improper Neutralization of Special Elements used in an OS Command ('OS command injection...

vulnerabilityCVEmedium-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-25525 — Path Traversal

CVE-2026-25525 — Magento Long Term Support (LTS) is an unofficial, community-driven project that provides an alternative to the Magento Community Edition e-commerce platform with a high...

vulnerabilityCVEmedium-severitypath-traversalcwe-22cwe-184
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 3 IOCs /⚙ 4 Sigma

OpenMage LTS Vulnerability Allows Arbitrary Code Execution via Phar Files

CVE-2026-25524 — Magento Long Term Support (LTS) is an unofficial, community-driven project that provides an alternative to the Magento Community Edition e-commerce platform with a high...

vulnerabilityCVEhigh-severitycode-executioncwe-502
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 3 Sigma

Dell PowerProtect Data Domain: Root OS Command Injection

CVE-2026-24506 — Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an OS...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 1 IOC /⚙ 2 Sigma

Dell PowerProtect Data Domain: Remote Root Execution Vulnerability

CVE-2026-24505 — Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain an improper input validation vulnerability. A high privileged attacker with remote access could potentially...

vulnerabilityCVEhigh-severitycwe-20
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

Dell PowerProtect Vulnerability Allows Root Command Execution

CVE-2026-24504 — Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper...

vulnerabilityCVEhigh-severitycwe-20
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-22761 — Command Injection

CVE-2026-22761 — Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit...

vulnerabilityCVEmedium-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-66954 — A vulnerability exists in the Buffalo Link Station version

CVE-2025-66954 — A vulnerability exists in the Buffalo Link Station version 1.85-0.01 that allows unauthenticated or guest-level users to enumerate valid usernames and their associated...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Critical RCE in SGLang via Malicious GGUF Models

A critical remote code execution (RCE) vulnerability, tracked as CVE-2026-5760 with a CVSS score of 9.8, has been disclosed in SGLang. The Hacker News reports...

threat-intelvulnerability
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6652 — Pagekit CMS PhpEngine.php evaluate Function Vulnerability

CVE-2026-6652 — A weakness has been identified in Pagekit CMS up to 1.0.18. This issue affects the function evaluate of the file app/modules/view/src/PhpEngine.php of the...

vulnerabilityCVEmedium-severitycwe-94cwe-95
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6650 — Z-BlogPHP Unrestricted File Upload

CVE-2026-6650 — A vulnerability was identified in Z-BlogPHP 1.7.5. This affects the function App::UnPack of the file /zb_users/plugin/AppCentre/app_upload.php of the component ZBA File Handler. The...

vulnerabilityCVEmedium-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 3 Sigma

ConnectWise Automate Flaw Exposes Client Traffic to Interception

CVE-2026-6066 — ConnectWise has released a security update for ConnectWise Automate™ that addresses a behavior in the ConnectWise Automate Solution Center where certain client-to-server communications...

vulnerabilityCVEhigh-severitycwe-319
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-41245 — `LocalFolderExtractor` Path Traversal

CVE-2026-41245 — Junrar is an open source Java RAR archive library. Prior to version 7.5.10, a path traversal vulnerability in `LocalFolderExtractor` allows an attacker to...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40896 — OpenProject is open-source, web-based project management

CVE-2026-40896 — OpenProject is open-source, web-based project management software. Prior to version 17.3.0, a user with `manage_agendas` permission in any project can inject agenda items...

vulnerabilityCVEmedium-severitycwe-367cwe-639
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 3 Sigma

Unauthenticated RCE in Vvveb Installer: Critical Flaw Exposes Web Servers

CVE-2026-39918 — Vvveb prior to 1.0.8.1 contains a code injection vulnerability in the installation endpoint where the subdir POST parameter is written unsanitized into the env.php...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-94
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-34429 — Remote Code Execution

CVE-2026-34429 — Vvveb prior to 1.0.8.1 contains a stored cross-site scripting vulnerability that allows authenticated users with media upload and rename permissions to execute arbitrary JavaScript...

vulnerabilityCVEmedium-severityremote-code-executioncwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

Vvveb SSRF Exposes Internal Networks and Files

CVE-2026-34428 — Vvveb prior to 1.0.8.1 contains a server-side request forgery vulnerability in the oEmbedProxy action of the editor/editor module where the url parameter is passed...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 4 IOCs /⚙ 3 Sigma

Vvveb Privilege Escalation: RCE via Admin Profile Modification

CVE-2026-34427 — Vvveb prior to 1.0.8.1 contains a privilege escalation vulnerability in the admin user profile save endpoint that allows authenticated users to modify privileged fields...

vulnerabilityCVEhigh-severityremote-code-executioncwe-915
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

Critical Dell PowerProtect Vulnerability Allows Root Command Execution

CVE-2026-26944 — Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a missing...

vulnerabilityCVEhigh-severitycwe-306
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-25883 — Server-Side Request Forgery

CVE-2026-25883 — Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa webhook feature allows authenticated users to...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /5.8 /⚑ 2 IOCs /⚙ 3 Sigma

Vexa Meeting Bot Exposes Unauthenticated Transcripts

CVE-2026-25058 — Vexa is an open-source, self-hostable meeting bot API and meeting transcription API. Prior to 0.10.0-260419-1910, the Vexa transcription-collector service exposes an internal endpoint...

vulnerabilityCVEhigh-severitycwe-306cwe-862
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-24468 — OpenAEV is an open source platform allowing organizations

CVE-2026-24468 — OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.11.0...

vulnerabilityCVEmedium-severitycwe-204
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

OpenAEV Account Takeover: Critical Flaws in Password Reset

CVE-2026-24467 — OpenAEV is an open source platform allowing organizations to plan, schedule and conduct cyber adversary simulation campaign and tests. Starting in version 1.0.0...

vulnerabilityCVEcriticalhigh-severitycwe-640
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 2 IOCs /⚙ 3 Sigma

Dell PowerProtect Data Domain Vulnerable to OS Command Injection

CVE-2026-23774 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6649 — Server-Side Request Forgery

CVE-2026-6649 — A vulnerability was determined in Qibo CMS 1.0. Affected by this issue is some unknown functionality of the file /index/image/headers. Executing a manipulation...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

Authenticated Command Injection in Progress ADC LoadMaster

CVE-2026-4048 — OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary...

vulnerabilityCVEhigh-severityremote-code-executioncwe-77
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 1 IOC /⚙ 5 Sigma

Progress ADC RCE: Authenticated API Flaw Exposes LoadMaster

CVE-2026-3519 — OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “VS Administration” permissions to execute...

vulnerabilityCVEhigh-severityremote-code-executioncwe-77
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 4 IOCs /⚙ 2 Sigma

Critical RCE Flaw in Progress ADC LoadMaster Appliances

CVE-2026-3518 — OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary...

vulnerabilityCVEhigh-severityremote-code-executioncwe-77
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

Progress ADC Products Face Critical OS Command Injection RCE

CVE-2026-3517 — OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute...

vulnerabilityCVEhigh-severityremote-code-executioncwe-77
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 4 IOCs /⚙ 3 Sigma

Attackers Exploit Trust, Not Just Systems, Weekly Threat Recap Shows

The latest threat landscape reveals attackers are increasingly 'bending trust' rather than solely breaking systems. The Hacker News reports a recurring pattern where initial access...

threat-intelvulnerabilitymalwaretools
/SCW Vulnerability Desk /HIGH /⚑ 5 IOCs

CVE-2026-6636 — P2r3 Convert Path Traversal

CVE-2026-6636 — A vulnerability was detected in p2r3 convert up to 6998584ace3e11db66dff0b423612a5cf91de75b. Affected is the function Bun.serve of the file buildCache.js of the component API....

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

Rowboat Labs Tool Exposed by Improper Authentication Vulnerability

CVE-2026-6635 — A security vulnerability has been detected in rowboatlabs rowboat up to 0.1.67. This impacts the function tool_call of the file apps/experimental/tools_webhook/app.py of the...

vulnerabilityCVEhigh-severitycwe-287
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6634 — usememos memos memos_access_token Function Vulnerability

CVE-2026-6634 — A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos_access_token of the file src/App.tsx of the component...

vulnerabilityCVEmedium-severitycwe-266cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

Attackers Disrupt Strong Authentication to Steal Credentials

The Israel National Cyber Directorate (INCD) has issued a warning regarding a sophisticated cyberattack technique that targets an organization's strong authentication mechanisms. Recently, the INCD...

INCDisraeladvisoryalert
/MEDIUM /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-20133 — Cisco Catalyst SD-WAN Manager: Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability

CVE-2026-20133 — Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive...

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

CVE-2026-20128 — Cisco Catalyst SD-WAN Manager: Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability

CVE-2026-20128 — Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user...

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

CVE-2026-20122 — Cisco Catalyst SD-WAN Manager: Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability

CVE-2026-20122 — Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface of an...

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

CVE-2025-48700 — Synacor Zimbra Collaboration Suite (ZCS): Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability

CVE-2025-48700 — Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability that could allow attackers to execute arbitrary JavaScript within the user's session, potentially...

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

CVE-2025-32975 — Quest KACE Systems Management Appliance (SMA): Quest KACE Systems Management Appliance (SMA) Improper Authentication Vulnerability

CVE-2025-32975 — Quest KACE Systems Management Appliance (SMA) contains an improper authentication vulnerability that could allow attackers to impersonate legitimate users without valid credentials.

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

CVE-2025-2749 — Kentico Kentico Xperience: Kentico Xperience Path Traversal Vulnerability

CVE-2025-2749 — Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path relative...

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

CVE-2024-27199 — JetBrains TeamCity: JetBrains TeamCity Relative Path Traversal Vulnerability

CVE-2024-27199 — JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 2 IOCs

CVE-2023-27351 — PaperCut NG/MF: PaperCut NG/MF Improper Authentication Vulnerability

CVE-2023-27351 — PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentication on affected installations via the SecurityRequestFilter class.

vulnerabilityCVEcisa-kevactively-exploited
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC

AI Deployments Stall: Reality Bites After the Demo

Many organizations are quickly enamored by AI tools during demonstrations, where prompts land cleanly and impressive outputs are generated in seconds, creating an illusion of...

threat-intelvulnerabilitytools
/SCW Vulnerability Desk /MEDIUM

Tenda Router Vulnerability Exposes Networks to Remote Exploitation

CVE-2026-6632 — A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component httpd....

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 2 Sigma

Tenda Router Vulnerability Exposes Networks to Remote Exploitation

CVE-2026-6631 — A vulnerability was determined in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. Executing a...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 5 Sigma

Tenda Router Vulnerability: Remote Exploitable Buffer Overflow

CVE-2026-6630 — A vulnerability was found in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 1 Sigma

SQL Injection Flaw in MetaCRM Exposes Systems to Remote Attack

CVE-2026-6629 — A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.0. This vulnerability affects the function Statement.executeUpdate of the file sql.jsp of...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

MCP Design Flaw Opens Door to RCE, Threatening AI Supply Chain

The Hacker News reports a critical design vulnerability within the Model Context Protocol (MCP) architecture. This flaw enables Arbitrary Command Execution (RCE) on any system...

threat-intelvulnerabilityai-security
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-6628 — Phili67 Ecclesia CRM SQL Injection

CVE-2026-6628 — A flaw has been found in phili67 Ecclesia CRM up to 8.0.0. This affects the function ValidateInput of the file /v2/query/view/ of the...

vulnerabilityCVEmedium-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6626 — Cockpit-HQ Cockpit Vulnerability

CVE-2026-6626 — A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate...

vulnerabilityCVEmedium-severitycwe-20cwe-943
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

Mogu Blog Vulnerability: SSRF Allows Remote Server Takeover

CVE-2026-6625 — A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6621: Prototype Pollution in 1024bit extend-deep

CVE-2026-6621 — A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation...

vulnerabilityCVEhigh-severitycwe-94cwe-1321
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6620 — SonicCloudOrg Sonic-Server Path Traversal

CVE-2026-6620 — A vulnerability was found in SonicCloudOrg sonic-server up to 2.0.0. The affected element is the function Upload of the file FileTool.java of the...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6618 — Langgenius Dify Server-Side Request Forgery

CVE-2026-6618 — A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse_openai_plugin_json_to_tool_bundle of the file api/core/tools/utils/parser.py of the...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

Critical Privilege Escalation in ThreatSonar Anti-Ransomware

CVE-2026-5967 — ThreatSonar Anti-Ransomware developed by TeamT5 has a Privilege Escalation vulnerability. Authenticated remote attackers with shell access can inject OS commands and execute them...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-78
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 1 IOC /⚙ 3 Sigma

SKYSEA Client View: Local Privilege Escalation via Improper Permissions (CVE-2026-39454)

CVE-2026-39454 — SKYSEA Client View and SKYMEC IT Manager provided by Sky Co.,LTD. configure the installation folder with improper file access permission settings. A non-administrative...

vulnerabilityCVEhigh-severityarbitrary-file-accesscwe-276
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

Vercel Confirms Breach, Data Offered for $2 Million

Vercel, the company behind the popular Next.js framework, has confirmed a security breach. A hacker, claiming affiliation with the ShinyHunters group, is reportedly attempting to...

threat-intelvulnerabilitydata-breach
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

CVE-2026-6617 — Langgenius Dify Server-Side Request Forgery

CVE-2026-6617 — A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function get_api_tool_provider_remote_schema of the file api/services/tools/api_tools_manage_service.py of the component...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6616 — TransformerOptimus SuperAGI Server-Side Request Forgery

CVE-2026-6616 — A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract_with_bs4/extract_with_3k/extract_with_lxml of the file superagi/helper/webpage_extractor.py of the...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

Path Traversal in SuperAGI Exploitable Remotely

CVE-2026-6615 — A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

TeamT5 Anti-Ransomware Flaw: Path Traversal Exposes File Deletion Risk

CVE-2026-5966 — ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path Traversal to delete...

vulnerabilityCVEhigh-severitypath-traversalcwe-23
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 2 IOCs /⚙ 3 Sigma

Critical SQL Injection in Digiwin EasyFlow .NET: Read, Modify, Delete Database Contents

CVE-2026-5964 — EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and...

vulnerabilityCVEcriticalhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

Critical SQL Injection in EasyFlow .NET: Unauthenticated Database Access

CVE-2026-5963 — EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and...

vulnerabilityCVEcriticalhigh-severitysql-injectioncwe-89
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-41282 — ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL

CVE-2026-41282 — ProjectDiscovery Nuclei 3 before 3.8.0 allows DSL expression injection. This affects use of -env-vars for multi-step templates against untrusted targets (not the default...

vulnerabilityCVEmedium-severitycwe-94
/SCW Vulnerability Desk /MEDIUM /4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6614 — TransformerOptimus SuperAGI Vulnerability

CVE-2026-6614 — A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the function get_project/update_project/get_projects_organisation of the file...

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6613 — TransformerOptimus SuperAGI Vulnerability

CVE-2026-6613 — A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete_agent/stop_schedule/get_schedule_data of the file superagi/controllers/agent.py. The manipulation of the...

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6612 — A vulnerability was determined in TransformerOptimus

CVE-2026-6612 — A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get_agent_execution/update_agent_execution of the file superagi/controllers/agent_execution.py of the component Agent...

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

Old Scams, New Tricks: From Fake Shipments to Zero-Days

Malwarebytes Blog highlighted a relentless wave of attacks, demonstrating that even 'old-school' scams still net victims. Phishing emails disguised as shipment notifications or iCloud storage...

malwarethreat-intelransomwarevulnerabilitydata-breachcloudmicrosoftai-security
/SCW Vulnerability Desk /HIGH /⚑ 5 IOCs

CVE-2026-6609 — Liangliangyy DjangoBlog Vulnerability

CVE-2026-6609 — A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function form_valid of the file oauth/views.py. This...

vulnerabilityCVEmedium-severitycwe-266cwe-285
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6608 — Lm-Sys Fastchat Vulnerability

CVE-2026-6608 — A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function add_text of the component Arena Side-by-Side View Handler. The...

vulnerabilityCVEmedium-severitycwe-670
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6607 — Lm-Sys Fastchat Vulnerability

CVE-2026-6607 — A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate of the component Worker API...

vulnerabilityCVEmedium-severitycwe-400cwe-404
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-6606: SSRF in ModelScope AgentScope Audio Processing

CVE-2026-6606 — A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function _process_audio_block of the file src/agentscope/agent/_agent_base.py. Executing a...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

ModelScope AgentScope Hit by Critical SSRF Vulnerability

CVE-2026-6605 — A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function _get_bytes_from_web_url of the file src/agentscope/_utils/_common.py of the...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Server-Side Request Forgery in ModelScope Agentscope

CVE-2026-6604 — A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function _parse_url/prepare_image/openai_audio_to_text of the file src/agentscope/tool/_multi_modality/_openai_tools.py of...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6603: Remote Code Injection in ModelScope AgentScope

CVE-2026-6603 — A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function execute_python_code/execute_shell_command of the file src/AgentScope/tool/_coding/_python.py. This...

vulnerabilityCVEhigh-severitycwe-74cwe-94
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 3 Sigma

Hospital Management System Hit by Remote Unrestricted File Upload

CVE-2026-6602 — A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The manipulation...

vulnerabilityCVEhigh-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6601 — Lagom WHMCS Template Vulnerability

CVE-2026-6601 — A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown function of the component Datatables. The manipulation...

vulnerabilityCVEmedium-severitycwe-400cwe-404
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6599 — Langflow-Ai Langflow Vulnerability

CVE-2026-6599 — A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/install_mcp_config of the file src/backend/base/langflow/api/v1/mcp_projects.py of the...

vulnerabilityCVEmedium-severitycwe-74cwe-707
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6598 — Langflow-Ai Langflow Vulnerability

CVE-2026-6598 — A security vulnerability has been detected in langflow-ai langflow up to 1.8.3. The affected element is the function create_project/encrypt_auth_settings of the file src/backend/base/Langflow/api/v1/projects.py...

vulnerabilityCVEmedium-severitycwe-312cwe-313
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 3 Sigma

Silex Tech Devices Vulnerable to Insecure Default Passwords

CVE-2026-32965 — Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected...

vulnerabilityCVEhigh-severitycwe-1188
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-32964 — SD-330AC and AMC Manager provided by silex technology, Inc.

CVE-2026-32964 — SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing some crafted configuration...

vulnerabilityCVEmedium-severitycwe-93
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-32963 — Cross-Site Scripting (XSS)

CVE-2026-32963 — SD-330AC and AMC Manager provided by silex technology, Inc. contain a reflected cross-site scripting vulnerability. When a user logs in to the affected...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-32962 — SD-330AC and AMC Manager provided by silex technology, Inc.

CVE-2026-32962 — SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered...

vulnerabilityCVEmedium-severitycwe-306
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-32961 — Buffer Overflow

CVE-2026-32961 — SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sx_smpd. Processing a...

vulnerabilityCVEmedium-severitybuffer-overflowcwe-122
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-32960 — SD-330AC and AMC Manager provided by silex technology, Inc.

CVE-2026-32960 — SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An...

vulnerabilityCVEmedium-severitycwe-226
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-32959 — SD-330AC and AMC Manager provided by silex technology, Inc.

CVE-2026-32959 — SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information...

vulnerabilityCVEmedium-severitycwe-327
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-32957 — Arbitrary File Access

CVE-2026-32957 — SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may...

vulnerabilityCVEmedium-severityarbitrary-file-accesscwe-306
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CRITICAL: Silex Technology Devices Vulnerable to Remote Code Execution

CVE-2026-32956 — SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may...

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-122
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 5 Sigma

High-Severity Buffer Overflow Hits Silex SD-330AC and AMC Manager

CVE-2026-32955 — SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-121
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 5 Sigma

Vercel Breach: Context.ai Compromise Exposes Customer Credentials

Web infrastructure provider Vercel has disclosed a security breach, allowing unauthorized access to internal systems. The Hacker News reports that the incident originated from the...

threat-intelvulnerabilitydata-breachidentityai-securitytools
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

High-Severity Unrestricted File Upload in Langflow AI

CVE-2026-6596 — A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of...

vulnerabilityCVEhigh-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

Unpatched SQLi in School Management System Puts Student Data at Risk

CVE-2026-6595 — A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6594: brikcss merge Prototype Pollution Vulnerability

CVE-2026-6594 — A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can...

vulnerabilityCVEhigh-severitycwe-94cwe-1321
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6591 — ComfyUI Path Traversal

CVE-2026-6591 — A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6590 — ComfyUI Path Traversal

CVE-2026-6590 — A vulnerability was detected in ComfyUI up to 0.13.0. This impacts the function get_model_preview of the file app/model_manager.py of the component Model Preview...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6589 — ComfyUI Vulnerability

CVE-2026-6589 — A security vulnerability has been detected in ComfyUI up to 0.13.0. This affects the function create_origin_only_middleware of the file server.py. The manipulation leads...

vulnerabilityCVEmedium-severitycwe-352cwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6588 — A weakness has been identified in serge-chat serge up to

CVE-2026-6588 — A weakness has been identified in serge-chat serge up to 1.4TB. The impacted element is the function download_model/delete_model of the file api/src/serge/routers/model.py of...

vulnerabilityCVEmedium-severitycwe-287cwe-306
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs

CVE-2026-6587 — Vibrantlabsai RAGAS Server-Side Request Forgery

CVE-2026-6587 — A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function _try_process_local_file/_try_process_url of the file src/ragas/metrics/collections/multi_modal_faithfulness/util.py...

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6586 — TransformerOptimus SuperAGI Vulnerability

CVE-2026-6586 — A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function get_budget/update_budget of the file superagi/controllers/budget.py of the component Budget...

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6585 — TransformerOptimus SuperAGI Vulnerability

CVE-2026-6585 — A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function update_organisation of the file superagi/controllers/organisation.py of the component...

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6584 — TransformerOptimus SuperAGI Vulnerability

CVE-2026-6584 — A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function update_user of the file superagi/controllers/user.py of the component...

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6583 — TransformerOptimus SuperAGI Vulnerability

CVE-2026-6583 — A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function delete_api_key/edit_api_key of the file superagi/controllers/api_key.py of the component...

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 3 Sigma

Unauthenticated Access in TransformerOptimus SuperAGI Vector DB

CVE-2026-6582 — A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function get_vector_db_details of the file superagi/controllers/vector_dbs.py...

vulnerabilityCVEhigh-severitycwe-287cwe-306
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

H3C Magic B1 Routers Exposed: Critical Buffer Overflow Publicly Exploitable

CVE-2026-6581 — A vulnerability was detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function SetMobileAPInfoById of the file /goform/aspForm....

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6580: Hard-Coded Crypto Key in DjangoBlog

CVE-2026-6580 — A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of the file owntracks/views.py of the...

vulnerabilityCVEhigh-severitycwe-320cwe-321
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-6579 — A weakness has been identified in liangliangyy DjangoBlog

CVE-2026-6579 — A weakness has been identified in liangliangyy DjangoBlog up to 2.1.0.0. This impacts an unknown function of the file blog/views.py of the component...

vulnerabilityCVEmedium-severitycwe-287cwe-306
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6578 — Liangliangyy DjangoBlog Vulnerability

CVE-2026-6578 — A security flaw has been discovered in liangliangyy DjangoBlog up to 2.1.0.0. This affects an unknown function of the file djangoblog/settings.py of the...

vulnerabilityCVEmedium-severitycwe-259cwe-798
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 3 IOCs /⚙ 2 Sigma

DjangoBlog Faces High-Severity Authentication Bypass

CVE-2026-6577 — A vulnerability was identified in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file owntracks/views.py of the...

vulnerabilityCVEhigh-severitycwe-287cwe-306
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6576 — Command Injection

CVE-2026-6576 — A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the...

vulnerabilityCVEmedium-severitycommand-injectioncwe-74cwe-77
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6574: Hardcoded Credentials in osuuu LightPicture API

CVE-2026-6574 — A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the...

vulnerabilityCVEhigh-severitycwe-259cwe-798
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6573 — PHPEMS Server-Side Request Forgery

CVE-2026-6573 — A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler....

vulnerabilityCVEmedium-severityserver-side-request-forgerycwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6572 — Collabora KodExplorer Vulnerability

CVE-2026-6572 — A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file...

vulnerabilityCVEmedium-severitycwe-266cwe-285
/SCW Vulnerability Desk /MEDIUM /5.6 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6571 — A weakness has been identified in kodcloud KodExplorer up

CVE-2026-6571 — A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGroupAction of the file /app/controller/systemRole.class.php....

vulnerabilityCVEmedium-severitycwe-285cwe-639
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 2 Sigma

KodExplorer Vulnerability Exposes File Access to Unauthenticated Attackers

CVE-2026-6569 — A vulnerability was identified in kodcloud KodExplorer up to 4.52. This impacts the function fileGet of the file /app/controller/share.class.php of the component fileGet...

vulnerabilityCVEhigh-severitycwe-287
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 5 IOCs /⚙ 6 Sigma

KodExplorer Path Traversal: Remote Exploitation Possible

CVE-2026-6568 — A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6564 — EMQ EMQX Enterprise Vulnerability

CVE-2026-6564 — A vulnerability was found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling....

vulnerabilityCVEmedium-severitycwe-266cwe-285
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

H3C Magic B1 Hit by Remotely Exploitable Buffer Overflow

CVE-2026-6563 — A vulnerability has been found in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm....

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 5 Sigma

Unpatched SQLi in dameng100 muucmf 1.9.5.20260309: Remote Exploit Available

CVE-2026-6562 — A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6561 — EyouCMS Unrestricted File Upload

CVE-2026-6561 — A vulnerability was detected in EyouCMS up to 1.7.1. This issue affects the function edit_adminlogo of the file application/admin/controller/Index.php. Performing a manipulation of...

vulnerabilityCVEmedium-severityunrestricted-file-uploadcwe-284cwe-434
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 3 IOCs /⚙ 2 Sigma

H3C Magic B0 Routers Vulnerable to Remote Buffer Overflow

CVE-2026-6560 — A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function Edit_BasicSSID of the file /goform/aspForm....

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6559 — Wavlink WL-WN579A3 Vulnerability

CVE-2026-6559 — A weakness has been identified in Wavlink WL-WN579A3 220323. This affects the function sub_401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument...

vulnerabilityCVEmedium-severitycwe-79cwe-94
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-0868 — Cross-Site Scripting (XSS)

CVE-2026-0868 — The EMC – Easily Embed Calendly Scheduling Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's calendly shortcode in...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-2986 — Cross-Site Scripting (XSS)

CVE-2026-2986 — The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'other_attributes' parameter in versions up to, and including,...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-2505 — Cross-Site Scripting (XSS)

CVE-2026-2505 — The Categories Images plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 3.3.1, via the 'z_taxonomy_image' shortcode....

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-0894 — Cross-Site Scripting (XSS)

CVE-2026-0894 — The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's content_block shortcode in all versions...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 2 Sigma

Sanctioned Grinex Exchange Shuts Down After $13.74M Hack

Grinex, a cryptocurrency exchange incorporated in Kyrgyzstan, has suspended operations following a reported $13.74 million cyberattack. The exchange, which was sanctioned by both the U.K....

threat-intelvulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-41254 — Integer Overflow

CVE-2026-41254 — Little CMS (lcms2) through 2.18 has an integer overflow in CubeSize in cmslut.c because the overflow check is performed after the multiplication.

vulnerabilityCVEmedium-severityinteger-overflowcwe-696
/SCW Vulnerability Desk /MEDIUM /4 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-41253 — Code Execution

CVE-2026-41253 — In iTerm2 through 3.6.9, displaying a .txt file can cause code execution via DCS 2000p and OSC 135 data, if the working directory...

vulnerabilityCVEmedium-severitycode-executioncwe-829
/SCW Vulnerability Desk /MEDIUM /6.9 /⚑ 2 IOCs /⚙ 2 Sigma

Mirai Botnet Variants Target TBK DVRs via CVE-2024-3721

Mirai botnet variants, including Nexcorium, are actively exploiting a command injection vulnerability (CVE-2024-3721) in TBK DVR devices. This flaw, rated medium severity, allows attackers to...

threat-intelvulnerabilitymalwarecloud
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

WordPress Plugin RCE: CMP Coming Soon & Maintenance Vulnerability

CVE-2026-6518 — The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to arbitrary file upload and remote code execution...

vulnerabilityCVEhigh-severityremote-code-executioncwe-434
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6048 — Cross-Site Scripting (XSS)

CVE-2026-6048 — The Flipbox Addon for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Flipbox widget's button URL `custom_attributes` field in...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4801 — Cross-Site Scripting (XSS)

CVE-2026-4801 — The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

Critical Heap Overflow in SAIL TGA Codec (CVE-2026-40494)

CVE-2026-40494 — SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 45d48d1f2e8e0d73e80bc1fd5310cb57f4547302, the...

vulnerabilityCVEcriticalhigh-severitycwe-787
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Heap Overflow in SAIL Image Library (CVE-2026-40493)

CVE-2026-40493 — SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the...

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-787
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical SAIL Library Bug: Memory Corruption Threat in Image Processing

CVE-2026-40492 — SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit 36aa5c7ec8a2bb35f6fb867a1177a6f141156b02, the...

vulnerabilityCVEcriticalhigh-severitycwe-787
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40491 — Remote Code Execution

CVE-2026-40491 — gdown is a Google Drive public file/folder downloader. Versions prior to 5.2.2 are vulnerable to a Path Traversal attack within the extractall functionality....

vulnerabilityCVEmedium-severityremote-code-executioncwe-22
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40490 — Open Redirect

CVE-2026-40490 — The AsyncHttpClient (AHC) library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. When redirect following is enabled (followRedirect(true)),...

vulnerabilityCVEmedium-severityopen-redirectcwe-200
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

Postiz AI Tool Vulnerability Allows Account Takeover via XSS

CVE-2026-40487 — Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypass allows any authenticated user to upload...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79 cwe-345 cwe-434
/SCW Vulnerability Desk /HIGH /8.9 /⚑ 5 IOCs /⚙ 7 Sigma

Emissary Workflow Engine Vulnerable to OS Command Injection

CVE-2026-35582 — Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand() is vulnerable to OS command injection because it interpolates...

vulnerability CVE high-severity command-injection cwe-78 cwe-116
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-1838 — Cross-Site Scripting (XSS)

CVE-2026-1838 — The Hostel plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'shortcode_id' parameter in all versions up to, and including, 1.1.6...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-1559 — Cross-Site Scripting (XSS)

CVE-2026-1559 — The Youzify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'checkin_place_id' parameter in all versions up to, and including, 1.3.6...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

Critical NovumOS Flaw: Kernel Takeover via Memory Mapping

CVE-2026-40572 — NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 (MemoryMapRange) allows Ring...

vulnerability CVE critical high-severity privilege-escalation cwe-269
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 4 IOCs /⚙ 2 Sigma

Movary Flaw Allows Admin Account Creation, High-Severity Risk

CVE-2026-40350 — Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user...

vulnerability CVE high-severity cwe-863
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

Critical Flaw in NovumOS Allows Kernel Privilege Escalation

CVE-2026-40317 — NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUser) accepts an...

vulnerability CVE critical high-severity privilege-escalation cwe-20 cwe-269
/SCW Vulnerability Desk /CRITICAL /9.3 /⚑ 4 IOCs /⚙ 2 Sigma

SecureDrop Client RCE: Server Compromise Leads to VM Takeover

CVE-2026-35465 — SecureDrop Client is a desktop app for journalists to securely communicate with sources and handle submissions on the SecureDrop Workstation. In versions 0.17.4...

vulnerability CVE high-severity code-execution cwe-36 cwe-73
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

ChurchCRM Flaw: Data Deletion Via CSRF

CVE-2026-40581 — ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the family record deletion endpoint (SelectDelete.php) performs permanent, irreversible deletion of...

vulnerability CVE high-severity cwe-352 cwe-862
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40485 — ChurchCRM is an open-source church management system. In

CVE-2026-40485 — ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the public API login endpoint (/api/public/user/login) returns distinguishable HTTP response codes...

vulnerability CVE medium-severity cwe-204 cwe-307
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

ChurchCRM RCE: Unauthenticated Admin Exploit via Backup Restore

CVE-2026-40484 — ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies...

vulnerability CVE critical high-severity remote-code-execution cwe-269 cwe-434 cwe-552
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-40483 — Cross-Site Scripting (XSS)

CVE-2026-40483 — ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the Pledge Editor renders donation comment values directly into HTML input...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79 cwe-116
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 3 Sigma

Movary Admin Escalation: A Simple Patch, A Critical Flaw

CVE-2026-40349 — Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user...

vulnerability CVE high-severity cwe-862
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

Movary SSRF: Authenticated Users Can Probe Internal Networks

CVE-2026-40348 — Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-40347 — Denial of Service

CVE-2026-40347 — Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted `multipart/form-data` requests...

vulnerability CVE medium-severity denial-of-service cwe-400 cwe-834
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-40340 — Out-of-Bounds Read

CVE-2026-40340 — libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read vulnerability in `ptp_unpack_OI()` in `camlibs/ptp2/ptp-pack.c`...

vulnerability CVE medium-severity out-of-bounds-1 cwe-125
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40339 — Out-of-Bounds Read

CVE-2026-40339 — libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in `ptp_unpack_Sony_DPD()` in `camlibs/ptp2/ptp-pack.c` (line...

vulnerability CVE medium-severity out-of-bounds-1 cwe-125
/SCW Vulnerability Desk /MEDIUM /5.2 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40338 — Out-of-Bounds Read

CVE-2026-40338 — libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in the PTP_DPFF_Enumeration case of...

vulnerability CVE medium-severity out-of-bounds-1 cwe-125
/SCW Vulnerability Desk /MEDIUM /5.2 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40337 — Denial of Service

CVE-2026-40337 — The Sentry kernel is a high security level micro-kernel implementation made for high security embedded systems. A given task with one of the...

vulnerability CVE medium-severity denial-of-service cwe-283
/SCW Vulnerability Desk /MEDIUM /5.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40335 — Out-of-Bounds Read

CVE-2026-40335 — libgphoto2 is a camera access and control library. Versions up to and including 2.5.33 have an out-of-bounds read in `ptp_unpack_DPV()` in `camlibs/ptp2/ptp-pack.c` (lines...

vulnerability CVE medium-severity out-of-bounds-1 cwe-125
/SCW Vulnerability Desk /MEDIUM /5.2 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-40333 — libgphoto2 is a camera access and control library. In

CVE-2026-40333 — libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, two functions in camlibs/ptp2/ptp-pack.c accept a data pointer...

vulnerability CVE medium-severity cwe-125
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 6 Sigma

Critical Hot Chocolate GraphQL Server DoS Vulnerability

CVE-2026-40324 — Hot Chocolate is an open-source GraphQL server. Prior to versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14, Hot Chocolate's recursive descent parser `Utf8GraphQLParser` has no...

vulnerability CVE critical high-severity cwe-674
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 2 Sigma

WordPress Plugin Exposes Sensitive Customer Data

CVE-2026-2262 — The Easy Appointments plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.12.21 via the `/wp-json/wp/v2/eablocks/ea_appointments/`...

vulnerability CVE high-severity cwe-200
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40486 — Kimai is an open-source time tracking application. In

CVE-2026-40486 — Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint (PATCH /api/users/{id}/preferences) applies submitted preference values...

vulnerability CVE medium-severity cwe-915
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40479 — Cross-Site Scripting (XSS)

CVE-2026-40479 — Kimai is an open-source time tracking application. In versions 1.16.3 through 2.52.0, the escapeForHtml() function in KimaiEscape.js does not escape double quote or...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-2434 — Cross-Site Scripting (XSS)

CVE-2026-2434 — The Pz-LinkCard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blogcard' shortcode attributes in all versions up to, and including,...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 5 Sigma

Critical Thymeleaf Vulnerability Bypasses Injection Protections

CVE-2026-40478 — Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the...

vulnerability CVE critical high-severity cwe-917 cwe-1336
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Thymeleaf Vulnerability Bypasses Injection Protections

CVE-2026-40477 — Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the...

vulnerability CVE critical high-severity cwe-917 cwe-1336
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 3 IOCs /⚙ 3 Sigma

wger Fitness Manager: Auth Bypass Grants Global Config Control

CVE-2026-40474 — wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the GymConfigUpdateView declares permission_required = 'config.change_gymconfig' but inherits WgerFormMixin...

vulnerability CVE high-severity privilege-escalation cwe-284 cwe-862
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

FastGPT NoSQL Injection: Account Takeover Risk

CVE-2026-40352 — FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password change endpoint is vulnerable to NoSQL injection. An authenticated...

vulnerability CVE high-severity sql-injection cwe-943
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical NoSQL Injection in FastGPT Allows Root Admin Takeover

CVE-2026-40351 — FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password-based login endpoint uses TypeScript type assertion without runtime validation,...

vulnerability CVE critical high-severity sql-injection cwe-943
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs

High-Severity XSS in DNN CMS Demands Immediate Patching

CVE-2026-40321 — DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 10.2.2, a user could upload...

vulnerability CVE high-severity cwe-87
/SCW Vulnerability Desk /HIGH /8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40305 — DNN (formerly DotNetNuke) is an open-source web content

CVE-2026-40305 — DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Starting in version 6.0.0 and prior to version...

vulnerability CVE medium-severity cwe-285
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40304 — zrok is software for sharing web services, files, and

CVE-2026-40304 — zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the unaccess handler (controller/unaccess.go) contains a logical error...

vulnerability CVE medium-severity cwe-284 cwe-863
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 2 Sigma

Critical Path Traversal in Gramps Web API Puts Data at Risk

CVE-2026-40258 — The Gramps Web API is a Python REST API for the genealogical research software Gramps. Versions 1.6.0 through 3.11.0 have a path traversal...

vulnerability CVE critical high-severity path-traversal cwe-22
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 3 Sigma

Radare2 Command Injection Flaw Exposes Analysis Workflow

CVE-2026-40527 — radare2 prior to commit bc5a890 contains a command injection vulnerability in the afsv/afsvj command path where crafted ELF binaries can embed malicious r2...

vulnerability CVE high-severity command-injection cwe-78
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 5 IOCs /⚙ 3 Sigma

zrok Heap Overflow: Unauthenticated DoS Risk

CVE-2026-40303 — zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, endpoints.GetSessionCookie parses an attacker-supplied cookie chunk count and...

vulnerability CVE high-severity cwe-400 cwe-789
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-40302 — zrok is software for sharing web services, files, and

CVE-2026-40302 — zrok is software for sharing web services, files, and network resources. Prior to version 2.0.1, the proxyUi template engine uses Go's text/template (which...

vulnerability CVE medium-severity cwe-79 cwe-116
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40301 — DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+.

CVE-2026-40301 — DOMSanitizer is a DOM/SVG/MathML Sanitizer for PHP 7.3+. Prior to version 1.0.10, DOMSanitizer::sanitize() allows elements in SVG content but never inspects their text...

vulnerability CVE medium-severity cwe-79
/SCW Vulnerability Desk /MEDIUM /4.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40293 — OpenFGA is an authorization/permission engine built for

CVE-2026-40293 — OpenFGA is an authorization/permission engine built for developers. In versions 0.1.4 through 1.13.1, when OpenFGA is configured to use preshared-key authentication with the...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

WeGIA Web Manager: Stored XSS Puts Charitable Institutions at Risk

CVE-2026-40286 — WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the...

vulnerability CVE high-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

WeGIA SQLi: Authenticated Users Can Impersonate Others

CVE-2026-40285 — WeGIA is a web manager for charitable institutions. Versions prior to 3.6.10 contain a SQL injection vulnerability in dao/memorando/UsuarioDAO.php. The cpf_usuario POST parameter...

vulnerability CVE high-severity sql-injection cwe-89 cwe-302 cwe-473
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-40284 — Other Users Cross-Site Scripting (XSS)

CVE-2026-40284 — WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

HomeBox API Flaw Bypasses Access Controls

CVE-2026-40196 — HomeBox is a home inventory and organization system. Versions prior to 0.25.0 contain a vulnerability where the defaultGroup ID remained permanently assigned to...

vulnerability CVE high-severity cwe-708
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40155 — The Auth0 Next.js SDK is a library for implementing user

CVE-2026-40155 — The Auth0 Next.js SDK is a library for implementing user authentication in Next.js applications. In versions 4.12.0 through 4.17.1, simultaneous requests that trigger...

vulnerability CVE medium-severity cwe-362 cwe-863
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-33145 — xrdp is an open source RDP server. Versions through 0.10.5

CVE-2026-33145 — xrdp is an open source RDP server. Versions through 0.10.5 allow an authenticated remote user to execute arbitrary commands on the server due...

vulnerability CVE medium-severity cwe-78
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 2 Sigma

Anviz CX2/CX7 Vulnerability: Unauthenticated Debug Access

CVE-2026-40461 — Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modify debug settings (e.g., enabling SSH), allowing unauthorized state changes that can facilitate...

vulnerability CVE high-severity cwe-306
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 1 IOC /⚙ 2 Sigma

Anviz CrossChex Vulnerability Allows Network Packet Injection

CVE-2026-40434 — Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter...

vulnerability CVE high-severity cwe-940
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 1 IOC /⚙ 3 Sigma

Firebird Database Vulnerability Allows RCE via Path Traversal

CVE-2026-40342 — Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a...

vulnerability CVE critical high-severity code-execution cwe-22 cwe-73 cwe-94 cwe-427
/SCW Vulnerability Desk /CRITICAL /9.9 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40283 — Cross-Site Scripting (XSS)

CVE-2026-40283 — WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, a Stored Cross-Site Scripting (XSS) vulnerability allows an authenticated user...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 1 Sigma

Anviz Devices Leak Remote Code Execution via Unverified Updates

CVE-2026-40066 — Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be uploaded. The device unpacks and executes a script resulting in unauthenticated...

vulnerability CVE high-severity code-execution cwe-494
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Anviz CX2 Lite Vulnerable to Root-Level Command Injection

CVE-2026-35682 — Anviz CX2 Lite is vulnerable to an authenticated command injection via a filename parameter that enables arbitrary command execution (e.g., starting telnetd), resulting in...

vulnerability CVE high-severity command-injection cwe-77
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Anviz Devices Exposed: Critical Firmware Upload Vulnerability Allows Remote Code Execution

CVE-2026-35546 — Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant and execute code...

vulnerability CVE critical high-severity cwe-306
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 1 IOC /⚙ 4 Sigma

Firebird DB Division by Zero Vulnerability Crashes Servers

CVE-2026-35215 — Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the sdl_desc() function does not validate the...

vulnerability CVE high-severity cwe-369
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 5 IOCs /⚙ 2 Sigma

Firebird Vulnerability: Unauthenticated Crash via Crafted Packet

CVE-2026-34232 — Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdr_status_vector() function does not handle the...

vulnerability CVE high-severity cwe-228
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-33093 — Anviz CX7 Firmware is vulnerable to an unauthenticated POST

CVE-2026-33093 — Anviz CX7 Firmware is vulnerable to an unauthenticated POST to the device that captures a photo with the front facing camera, exposing visual information...

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

Anviz CrossChex Standard: Plaintext Credentials Exposed via TDS7 Flaw

CVE-2026-32650 — Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and...

vulnerability CVE high-severity cwe-757
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-32648 — Anviz CX2 Lite and CX7 are vulnerable to unauthenticated

CVE-2026-32648 — Anviz CX2 Lite and CX7 are vulnerable to unauthenticated access that discloses debug configuration details (e.g., SSH/RTTY status), assisting attackers in reconnaissance against the device....

vulnerability CVE medium-severity cwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

Anviz CX7 Firmware Flaw Exposes Sensitive Device Communications

CVE-2026-32324 — Anviz CX7 Firmware is vulnerable because the application embeds reusable certificate/key material, enabling decryption of MQTT traffic and potential interaction with device messaging channels...

vulnerability CVE high-severity cwe-321
/SCW Vulnerability Desk /HIGH /7.7 /⚑ 3 IOCs /⚙ 2 Sigma

xrdp Vulnerability Allows Local Privilege Escalation to Root

CVE-2026-32107 — xrdp is an open source RDP server. In versions through 0.10.5, the session execution component did not properly handle an error during the...

vulnerability CVE high-severity cwe-273
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6437 — Improper neutralization of argument delimiters in the

CVE-2026-6437 — Improper neutralization of argument delimiters in the volume handling component in AWS EFS CSI Driver (aws-efs-csi-driver) before v3.0.1 allows remote authenticated users with...

vulnerability CVE medium-severity cwe-88
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 2 Sigma

Critical OpenViking Auth Bypass: Unset API Key Grants Full Bot Control

CVE-2026-40525 — OpenViking prior to commit c7bb167 contains an authentication bypass vulnerability in the VikingBot OpenAPI HTTP route surface where the authentication check fails open when...

vulnerability CVE critical high-severity authentication-bypass cwe-636
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 4 IOCs /⚙ 4 Sigma

Firebird Database Vulnerability Exposes Systems to Remote Crashes

CVE-2026-33337 — Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdr_datum()...

vulnerability CVE high-severity cwe-120 cwe-502
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 2 IOCs /⚙ 5 Sigma

Unauthenticated Firebird Crash: Null Pointer Dereference Exposes Databases

CVE-2026-28224 — Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when the server receives an op_crypt_key_callback packet...

vulnerability CVE high-severity null-pointer-dereference cwe-476
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 2 IOCs /⚙ 5 Sigma

Firebird Null Pointer Dereference: Unauthenticated Remote Crash Risk

CVE-2026-28212 — Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an op_slice network packet,...

vulnerability CVE high-severity null-pointer-dereference cwe-476
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 5 Sigma

Firebird Vulnerability CVE-2026-27890: Unauthenticated Crash Risk

CVE-2026-27890 — Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when processing CNCT_specific_data segments during authentication, the...

vulnerability CVE high-severity cwe-119 cwe-787
/SCW Vulnerability Desk /HIGH /8.2 /⚑ 5 IOCs /⚙ 5 Sigma

WordPress Plugin RCE: Drag and Drop File Upload Flaw

CVE-2026-5718 — The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file upload in versions up...

vulnerability CVE high-severity remote-code-execution cwe-434
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 8 Sigma

Path Traversal in WordPress Plugin Exposes Files

CVE-2026-5710 — The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary File...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 4 Sigma

Firebird Client Flaw Leaks Data with Newer Servers

CVE-2025-65104 — Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields...

vulnerability CVE high-severity cwe-200
/SCW Vulnerability Desk /HIGH /7.9 /⚑ 3 IOCs /⚙ 1 Sigma

ByteDance DeerFlow Path Traversal Allows Arbitrary File Writes

CVE-2026-40518 — ByteDance DeerFlow before commit 2176b2b contains a path traversal and arbitrary file write vulnerability in bootstrap-mode custom-agent creation where the agent name validation is...

vulnerability CVE high-severity path-traversal cwe-22
/SCW Vulnerability Desk /HIGH /7.1 /⚑ 4 IOCs /⚙ 7 Sigma

OpenHarness SSRF Exposes Private Services, Cloud Metadata

CVE-2026-40516 — OpenHarness before commit bd4df81 contains a server-side request forgery vulnerability in the web_fetch and web_search tools that allows attackers to access private and localhost...

vulnerability CVE high-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 6 Sigma

OpenHarness Flaw Exposes Sensitive Files via Path Normalization Bypass

CVE-2026-40515 — OpenHarness before commit bd4df81 contains a permission bypass vulnerability that allows attackers to read sensitive files by exploiting incomplete path normalization in the permission...

vulnerability CVE high-severity cwe-863
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

WP Customer Area Plugin: Arbitrary File Read/Delete Exposes WordPress

CVE-2026-3464 — The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read and deletion due to insufficient file path validation in the...

vulnerability CVE high-severity remote-code-execution cwe-22
/SCW Vulnerability Desk /HIGH /8.8 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-6497 — Server-Side Request Forgery

CVE-2026-6497 — A vulnerability was determined in prasathmani TinyFileManager up to 2.6. Affected by this vulnerability is an unknown functionality of the file /filemanager.php?p= ajax=true&type=upload...

vulnerability CVE medium-severity server-side-request-forgery cwe-918
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 2 IOCs /⚙ 4 Sigma

Critical PLC Flaw Allows Network-Based Password Brute-Force

CVE-2026-6284 — An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services....

vulnerability CVE critical high-severity cwe-521
/SCW Vulnerability Desk /CRITICAL /9.1 /⚑ 1 IOC /⚙ 1 Sigma

CVE-2026-6496 — Prasathmani TinyFileManager Path Traversal

CVE-2026-6496 — A vulnerability was found in prasathmani TinyFileManager up to 2.6. Affected is an unknown function of the file /filemanager.php of the component POST...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /5.4 /⚑ 2 IOCs /⚙ 7 Sigma

CVE-2026-6492 — Arnobt78 Hotel Booking Management System Information Disclosure

CVE-2026-6492 — A vulnerability was detected in arnobt78 Hotel Booking Management System up to f8922d0e0f6ac1cc761974c7616f44c2bbc04bea. The impacted element is an unknown function of the file...

vulnerability CVE medium-severity information-disclosure cwe-200 cwe-284
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-6491 — Libvips Buffer Overflow

CVE-2026-6491 — A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function im_minpos_vec of the file libvips/deprecated/vips7compat.c of...

vulnerability CVE medium-severity buffer-overflow cwe-119 cwe-122
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 3 IOCs /⚙ 6 Sigma

SQL Injection Flaw in QueryMine SMS: Remote Exploitation Possible

CVE-2026-6490 — A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. Impacted is an unknown function of the file admin/deletecourse.php of the component...

vulnerability CVE high-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /HIGH /7.3 /⚑ 2 IOCs /⚙ 7 Sigma

APT28 Exploits Roundcube for Ukraine Cyber Espionage

The Record by Recorded Future reports that Ukraine has confirmed a campaign by the threat actor APT28 targeting its prosecutors and anti-corruption agencies. This operation...

threat-intel data-breach government vulnerability
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 1 Sigma

Dnsmasq Vulnerability Allows Remote DoS via Crafted BOOTREPLY

CVE-2026-6507 — A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by sending a specially crafted BOOTREPLY (Bootstrap Protocol...

vulnerability CVE high-severity denial-of-service cwe-787
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-6489 — QueryMine Sms Unrestricted File Upload

CVE-2026-6489 — A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of...

vulnerability CVE medium-severity unrestricted-file-upload cwe-284 cwe-434
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-6488 — QueryMine Sms SQL Injection

CVE-2026-6488 — A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET...

vulnerability CVE medium-severity sql-injection cwe-74 cwe-89
/SCW Vulnerability Desk /MEDIUM /6.3 /⚑ 3 IOCs /⚙ 7 Sigma

CVE-2026-6487 — Qihui Jtbc5 CMS Path Traversal

CVE-2026-6487 — A flaw has been found in Qihui jtbc5 CMS 5.0.3.6. Affected is an unknown function of the file /dev/code/common/diplomat/manage.php of the component Code...

vulnerability CVE medium-severity path-traversal cwe-22
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-28263 — Cross-Site Scripting (XSS)

CVE-2026-28263 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through...

vulnerability CVE medium-severity cross-site-scripting-xss cwe-79
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-23777 — Dell PowerProtect Data Domain with Data Domain Operating

CVE-2026-23777 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through...

vulnerability CVE medium-severity cwe-200
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2025-46641 — Dell PowerProtect Data Domain with Data Domain Operating

CVE-2025-46641 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability....

vulnerability CVE medium-severity cwe-287
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-46607 — Dell PowerProtect Data Domain with Data Domain Operating

CVE-2025-46607 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability....

vulnerability CVE medium-severity cwe-287
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-46606 — Dell PowerProtect Data Domain with Data Domain Operating

CVE-2025-46606 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain an improper restriction of...

vulnerability CVE medium-severity cwe-307
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2025-46605 — Dell PowerProtect Data Domain with Data Domain Operating

CVE-2025-46605 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 8.4 through 8.5 contain a session fixation vulnerability....

vulnerability CVE medium-severity cwe-384
/SCW Vulnerability Desk /MEDIUM /6.2 /⚑ 2 IOCs /⚙ 2 Sigma

Microsoft April 2024 Security Updates: Zero-Day Exploited, Critical Vulnerabilities Addressed

The Israel National Cyber Directorate (INCD) has issued a critical alert regarding Microsoft's April 2024 security updates. On April 14th, Microsoft released approximately 163 security...

INCDisraelvulnerabilityadvisoryalert
/HIGH /⚑ 5 IOCs /⚙ 3 Sigma

ShowDoc Exploit and Growing Satellite Security Concerns Emerge

SecurityWeek reports that the ShowDoc vulnerability is being actively exploited in the wild. While details on the specific exploit are scarce, this highlights a critical...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

Wavlink Router OS Command Injection: Public Exploit Available

CVE-2026-6483 — A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of the file /cgi-bin/internet.cgi. The manipulation results in os...

vulnerabilityCVEhigh-severitycommand-injectioncwe-77cwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-35153 — Dell PowerProtect Data Domain, versions 7.7.1.0 through

CVE-2026-35153 — Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper...

vulnerabilityCVEmedium-severitycwe-88
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-35074 — Command Injection

CVE-2026-35074 — Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper...

vulnerabilityCVEmedium-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-35073 — Command Injection

CVE-2026-35073 — Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper...

vulnerabilityCVEmedium-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-35072 — Command Injection

CVE-2026-35072 — Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7.0.0, LTS2025 release versions 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain an improper...

vulnerabilityCVEmedium-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

Google Cracks Down on Malicious Ads, Tightens Android Privacy

Google is intensifying its fight against policy-violating ads, announcing it blocked or removed over 8.3 billion such ads globally in 2025. The tech giant also...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

CVE-2026-23779 — Command Injection

CVE-2026-23779 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through...

vulnerabilityCVEmedium-severitycommand-injectioncwe-77
/SCW Vulnerability Desk /MEDIUM /6.7 /⚑ 2 IOCs /⚙ 3 Sigma

Dell DD OS Vulnerability: Certificate Login Elevation of Privilege

CVE-2026-23776 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through...

vulnerabilityCVEhigh-severitycwe-295
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 3 Sigma

CISA Warns: Active Exploitation of 13-Year-Old Apache ActiveMQ Flaw

CISA has issued a critical alert: a high-severity vulnerability in Apache ActiveMQ, dormant for thirteen years, is now actively being exploited in the wild. This...

threat-inteldata-breachmalwarevulnerability
/SCW Vulnerability Desk /HIGH /⚑ 1 IOC /⚙ 3 Sigma

North Korean IT Scheme Facilitators Jailed in US Court

Two individuals, Kejia Wang and Zhenxing Wang, have been sentenced in the U.S. for their roles in a scheme that facilitated North Korean IT workers...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚙ 3 Sigma

CVE-2026-6494 — The AAP MCP Server Vulnerability

CVE-2026-6494 — A flaw was found in the AAP MCP server. An unauthenticated remote attacker can exploit a log injection vulnerability by sending specially crafted...

vulnerabilityCVEmedium-severitycwe-117
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6439 — Cross-Site Scripting (XSS)

CVE-2026-6439 — The VideoZen plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to and including 1.0.1. This is due to insufficient...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 2 Sigma

Dell PowerProtect Zero-Day: Command Injection Flaw Exposes Data Domain Systems

CVE-2026-23778 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through...

vulnerabilityCVEhigh-severitycommand-injectioncwe-77
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 5 IOCs /⚙ 3 Sigma

Dell DD OS Log File Vulnerability Exposes Credentials

CVE-2026-23775 — Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD OS) of Feature Release versions 8.0 through 8.5, LTS2025 release version 8.3.1.0...

vulnerabilityCVEhigh-severitycwe-532
/SCW Vulnerability Desk /HIGH /7.6 /⚑ 5 IOCs /⚙ 3 Sigma

Dell PowerProtect BoostFS Credential Exposure Vulnerability

CVE-2025-36568 — Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions...

vulnerabilityCVEhigh-severitycwe-522
/SCW Vulnerability Desk /HIGH /7.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-6451 — The cms-fuer-motorrad-werkstaetten plugin for WordPress is

CVE-2026-6451 — The cms-fuer-motorrad-werkstaetten plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 1.0.0. This is due to missing...

vulnerabilityCVEmedium-severitycwe-352
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40002 — Red Magic 11 Pro (NX809J) contains a vulnerability that

CVE-2026-40002 — Red Magic 11 Pro (NX809J) contains a vulnerability that allows non-privileged applications to trigger sensitive operations. The vulnerability stems from the lack of validation...

vulnerabilityCVEmedium-severitycwe-269
/SCW Vulnerability Desk /MEDIUM /5 /⚑ 2 IOCs /⚙ 3 Sigma

JetBrains YouTrack RCE Flaw: High Privileges, Sandbox Bypass

CVE-2026-33392 — In JetBrains YouTrack before 2025.3.131383, a high-privileged user can achieve RCE via sandbox bypass.

vulnerabilityCVEhigh-severitycwe-1336
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

Dell PowerProtect Data Domain: Critical Weak Credentials Vulnerability

CVE-2026-23853 — Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through...

vulnerabilityCVEhigh-severitycwe-1391
/SCW Vulnerability Desk /HIGH /8.4 /⚑ 1 IOC

Microsoft Servers Hit by April Patch Causing Domain Controller Reboot Loops

Microsoft has issued a warning that recent April security updates have caused critical Windows domain controllers to enter persistent reboot loops. This issue primarily affects...

threat-inteldata-breachmalwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Malicious Takeover of WordPress Plugin: CVE-2026-6443 Backdoor Injected

CVE-2026-6443 — The Accordion and Accordion Slider plugin for WordPress is vulnerable to an injected backdoor in version 1.4.6. This is due to the plugin...

vulnerabilityCVEcriticalhigh-severitycwe-506
/SCW Vulnerability Desk /CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6441 — The Canto plugin for WordPress is vulnerable to Missing

CVE-2026-6441 — The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 3 Sigma

Elementor Plugin Flaw Exposes WordPress to Arbitrary File Read

CVE-2026-4659 — The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Arbitrary File Read via the Repeater JSON/CSV URL parameter in versions up...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 4 IOCs /⚙ 3 Sigma

NIST NVD Overload: CVE Enrichment Limited After Massive Surge

NIST has announced significant changes to how it manages the National Vulnerability Database (NVD), specifically limiting the enrichment of new CVEs. According to The Hacker...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

Law Enforcement Dismantles 53 DDoS-for-Hire Domains

Law enforcement agencies from 21 countries have executed a coordinated takedown, targeting 53 domains associated with DDoS-for-hire services. This significant operation, reported by SecurityWeek, underscores...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 3 Sigma

MobaXterm Vulnerability: Local Privilege Escalation Risk

CVE-2026-6421 — A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an unknown part in the library msimg32.dll. The...

vulnerabilityCVEhigh-severitycwe-426cwe-427
/SCW Vulnerability Desk /HIGH /7 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-5797 — Code Execution

CVE-2026-5797 — The Quiz And Survey Master plugin for WordPress is vulnerable to Arbitrary Shortcode Execution in versions up to and including 11.1.0. This is...

vulnerabilityCVEmedium-severitycode-executioncwe-74
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CubeCart Admin Command Injection: A High-Risk Vulnerability for E-commerce

CVE-2026-21719 — An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 2 IOCs /⚙ 3 Sigma

Windows Zero-Days Under Active Exploitation: Escalating Privileges Now

BleepingComputer reports that three recently disclosed Windows security vulnerabilities are now being actively exploited in attacks. This isn't theoretical; we're talking about real-world campaigns aiming...

threat-inteldata-breachmalwarevulnerabilitymicrosoft
/SCW Vulnerability Desk /HIGH /⚑ 3 IOCs /⚙ 3 Sigma

Operation PowerOFF Dismantles DDoS-for-Hire Infrastructure

Law enforcement agencies globally have struck a significant blow against the commercial distributed denial-of-service (DDoS)-for-hire market with Operation PowerOFF. This coordinated effort successfully took down...

threat-intelvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs

CVE-2026-6080 — SQL Injection

CVE-2026-6080 — The Tutor LMS plugin for WordPress is vulnerable to SQL Injection in versions up to and including 3.9.8. This is due to insufficient...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Vault DoS: Unauthenticated Attackers Can Block Critical Operations

CVE-2026-5807 — Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying...

vulnerabilityCVEhigh-severitycwe-770
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-5502 — The Tutor LMS – eLearning and online course solution plugin

CVE-2026-5502 — The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to unauthorized course content manipulation in versions up to...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-5427 — Arbitrary File Access

CVE-2026-5427 — The Kubio plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to and including 2.7.2. This is due to insufficient...

vulnerabilityCVEmedium-severityarbitrary-file-accesscwe-862
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-5234 — The LatePoint plugin for WordPress is vulnerable to

CVE-2026-5234 — The LatePoint plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.3.2. The vulnerability exists...

vulnerabilityCVEmedium-severitycwe-639
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4853 — Path Traversal

CVE-2026-4853 — The JetBackup – Backup, Restore & Migrate plugin for WordPress is vulnerable to Path Traversal leading to Arbitrary Directory Deletion in versions up...

vulnerabilityCVEmedium-severitypath-traversalcwe-22
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3330 — SQL Injection

CVE-2026-3330 — The Form Maker by 10Web plugin for WordPress is vulnerable to SQL Injection via the 'ip_search', 'startdate', 'enddate', 'username_search', and 'useremail_search' parameters in...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-5052 — Information Disclosure

CVE-2026-5052 — Vault’s PKI engine’s ACME validation did not reject local targets when issuing http-01 and tls-alpn-01 challenges. This may lead to these requests being...

vulnerabilityCVEmedium-severityinformation-disclosurecwe-918
/SCW Vulnerability Desk /MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4666 — The wpForo Forum plugin for WordPress is vulnerable to

CVE-2026-4666 — The wpForo Forum plugin for WordPress is vulnerable to unauthorized modification of data due to the use of `extract($args, EXTR_OVERWRITE)` on user-controlled input...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

Vault Token Forwarding Flaw Exposes Auth Backends

CVE-2026-4525 — If a Vault auth mount is configured to pass through the "Authorization" header, and the "Authorization" header is used to authenticate to Vault,...

vulnerabilityCVEhigh-severitycwe-201
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Vault Vulnerability: Authenticated Users Can Trigger DoS via Path Glob Policy

CVE-2026-3605 — An authenticated user with access to a kvv2 path through a policy containing a glob may be able to delete secrets they were...

vulnerabilityCVEhigh-severitycwe-288
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

WordPress WP Statistics XSS: A Silent Admin Page Threat

CVE-2026-5231 — The WP Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'utm_source' parameter in all versions up to, and including,...

vulnerabilityCVEhigh-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-5162 — Cross-Site Scripting (XSS)

CVE-2026-5162 — The Royal Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Instagram Feed widget's 'instagram_follow_text' setting in all...

vulnerabilityCVEmedium-severitycross-site-scripting-xsscwe-79
/SCW Vulnerability Desk /MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-4817 — SQL Injection

CVE-2026-4817 — The MasterStudy LMS WordPress Plugin for Online Courses and Education plugin for WordPress is vulnerable to Time-based Blind SQL Injection via the 'order'...

vulnerabilityCVEmedium-severitysql-injectioncwe-89
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3488 — The WP Statistics plugin for WordPress is vulnerable to

CVE-2026-3488 — The WP Statistics plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 14.16.4. This is due to...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /6.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-40265 — Note Mark is an open-source note-taking application. In

CVE-2026-40265 — Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset download endpoint at /api/notes/{noteID}/assets/{assetID} is registered without authentication middleware,...

vulnerabilityCVEmedium-severitycwe-862
/SCW Vulnerability Desk /MEDIUM /5.9 /⚑ 2 IOCs /⚙ 2 Sigma

Note Mark XSS: Magic Bytes Fail, Sessions Exposed

CVE-2026-40262 — Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset delivery handler serves uploaded files inline and relies on...

vulnerabilityCVEhigh-severitycwe-79cwe-434
/SCW Vulnerability Desk /HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

Cloud Foundry UAA Bypass: Unsigned SAML Exposes Identity Tokens

CVE-2026-22734 — Cloud Foundry UAA is vulnerable to a bypass that allows an attacker to obtain a token for any user and gain access to UAA-protected...

vulnerabilityCVEhigh-severitycwe-290
/SCW Vulnerability Desk /HIGH /8.6 /⚑ 4 IOCs /⚙ 3 Sigma

Critical RCE in SiYuan PKM: XSS to Arbitrary Code Execution

CVE-2026-40322 — SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, Mermaid diagrams are rendered with securityLevel set to "loose", and...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-79cwe-94
/SCW Vulnerability Desk /CRITICAL /9 /⚑ 3 IOCs /⚙ 3 Sigma

SiYuan Path Traversal: Arbitrary File Deletion Exposes Core Configuration

CVE-2026-40318 — SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and prior, the /api/av/removeUnusedAttributeView endpoint constructs a filesystem path using the user-controlled...

vulnerabilityCVEhigh-severitypath-traversalcwe-24
/SCW Vulnerability Desk /HIGH /8.5 /⚑ 4 IOCs /⚙ 3 Sigma

SiYuan Vulnerability: Reader Role Can Wipe Attribute Views

CVE-2026-40259 — SiYuan is an open-source personal knowledge management system. In versions 3.6.3 and below, the /api/av/removeUnusedAttributeView endpoint is protected only by generic authentication that...

vulnerabilityCVEhigh-severitycwe-285
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-40255 — All AdonisJS Applications That Use Response.Redirect().Back() Vulnerability

CVE-2026-40255 — AdonisJS HTTP Server is a package for handling HTTP requests in the AdonisJS framework. In @adonisjs/http-server versions prior to 7.8.1 and 8.0.0-next.0 through...

vulnerabilityCVEmedium-severitycwe-601
/SCW Vulnerability Desk /MEDIUM /6.1 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-40253 — All Token Backends (Soft, ICA, CCA, TPM, EP11, ICSF) Since T Out-of-Bounds Read

CVE-2026-40253 — openCryptoki is a PKCS#11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the...

vulnerabilityCVEmedium-severityout-of-bounds-1cwe-125
/SCW Vulnerability Desk /MEDIUM /6.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2024-58343 — Vision Helpdesk before 5.7.0 (patched in 5.6.10) allows

CVE-2024-58343 — Vision Helpdesk before 5.7.0 (patched in 5.6.10) allows attackers to read user profiles via modified serialized cookie data to vis_client_id.

vulnerabilityCVEmedium-severitycwe-425
/SCW Vulnerability Desk /MEDIUM /4.3 /⚑ 2 IOCs /⚙ 2 Sigma

Qmail RCE: A Legacy Mailer's Critical Flaw

CVE-2026-41113 — sagredo qmail before 2026.04.07 allows tls_quit remote code execution because of popen in notlshosts_auto in qmail-remote.c.

vulnerabilityCVEhigh-severityremote-code-executioncwe-78
/SCW Vulnerability Desk /HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

ngtcp2 QUIC Stack Overflow: A Critical Vulnerability for Qlog Deployments

CVE-2026-40170 — ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.22.1, ngtcp2_qlog_parameters_set_transport_params() serializes peer transport parameters into a fixed...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-121
/SCW Vulnerability Desk /HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-34164 — Valtimo is an open-source business process automation

CVE-2026-34164 — Valtimo is an open-source business process automation platform. In versions 13.0.0 through 13.21.0, the InboxHandlingService logs the full content of every incoming inbox...

vulnerabilityCVEmedium-severitycwe-532
/SCW Vulnerability Desk /MEDIUM /4.9 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-33472 — Cryptomator is an open-source client-side encryption

CVE-2026-33472 — Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority() that allows an attacker to...

vulnerabilityCVEmedium-severitycwe-305cwe-319
/SCW Vulnerability Desk /MEDIUM /4.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2023-33538: Mirai Botnet Targets TP-Link Routers

Palo Alto Unit 42 has detailed active exploitation attempts targeting CVE-2023-33538, a command injection vulnerability in TP-Link routers. This isn't just another router vulnerability; it's...

threat-intelAPTmalwareresearchvulnerability
/SCW Vulnerability Desk /MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

NIST Overhauls CVE Framework for High-Impact Vulnerability Prioritization

The National Institute of Standards and Technology (NIST) is shifting its approach to vulnerability management. Dark Reading reports that NIST has revamped its Common Vulnerabilities...

threat-inteltoolsvulnerabilitycloud
/SCW Vulnerability Desk /MEDIUM /⚑ 1 IOC /⚙ 1 Sigma

Snowflake Cortex Code CLI Sandbox Escape Vulnerability

CVE-2026-6442 — Improper validation of bash commands in Snowflake Cortex Code CLI versions prior to 1.0.25 allowed subsequent commands to execute outside the sandbox. An...

vulnerabilityCVEhigh-severitycwe-1286
/SCW Vulnerability Desk /HIGH /8.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2025-43937 — Dell PowerScale OneFS, versions prior to 9.12.0.0, contains

CVE-2025-43937 — Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an insertion of sensitive information into log file vulnerability. A low privileged attacker with local...

vulnerabilityCVEmedium-severitycwe-532
/SCW Vulnerability Desk /MEDIUM /6.6 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2025-43935 — Denial of Service

CVE-2025-43935 — Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper resource shutdown or release vulnerability. A high privileged attacker with local access could...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-404
/SCW Vulnerability Desk /MEDIUM /4.4 /⚑ 2 IOCs /⚙ 1 Sigma

OCaml opam Path Traversal: A Nasty CVE-2026-41082

CVE-2026-41082 — In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory.

vulnerabilityCVEhigh-severitycwe-24
/HIGH /7.3 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-24749 — The Silverstripe Assets Module is a required component of

CVE-2026-24749 — The Silverstripe Assets Module is a required component of Silverstripe Framework. In versions prior to 2.4.5 and 3.0.0-rc1 through 3.1.2, images rendered in...

vulnerabilityCVEmedium-severitycwe-863
/MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2025-43883 — Denial of Service

CVE-2025-43883 — Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an improper check for unusual or exceptional conditions vulnerability. A high privileged attacker with local...

vulnerabilityCVEmedium-severitydenial-of-servicecwe-754
/MEDIUM /4.1 /⚑ 2 IOCs /⚙ 1 Sigma

PowMix Botnet Targets Czech Workforce with Evasive C2

A previously undocumented botnet, dubbed PowMix, has been actively targeting the Czech Republic's workforce since at least December 2025, as reported by The Hacker News....

threat-intelvulnerabilitymalware
/SCW Vulnerability Desk /HIGH /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2025-36579 — Dell Client Platform BIOS contains a Weak Password Recovery

CVE-2025-36579 — Dell Client Platform BIOS contains a Weak Password Recovery Mechanism vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit...

vulnerabilityCVEmedium-severitycwe-640
/MEDIUM /5.1 /⚑ 2 IOCs /⚙ 2 Sigma

Hackers Exploit Marimo Flaw, Deploy NKAbuse via Hugging Face

BleepingComputer recently reported that threat actors are actively exploiting a critical vulnerability within Marimo, the reactive Python notebook environment. This exploitation serves as a vector...

threat-inteldata-breachmalwarevulnerability
/MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

Zoho ManageEngine Log360 Hit by Auth Bypass

CVE-2026-3324 — Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration.

vulnerabilityCVEhigh-severityauthentication-bypasscwe-288
/HIGH /8.2 /⚑ 2 IOCs /⚙ 3 Sigma

Fastify Middie Bypass: Double Slashes, Double Trouble

CVE-2026-33804 — @fastify/middie versions 9.3.1 and earlier are vulnerable to middleware bypass when the deprecated Fastify ignoreDuplicateSlashes option is enabled. The middleware path matching logic...

vulnerabilityCVEhigh-severitycwe-436
/HIGH /7.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-2840 — Cross-Site Scripting (XSS)

CVE-2026-2840 — The Email Encoder – Protect Email Addresses and Phone Numbers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'eeb_mailto' shortcode...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-6410 — Path Traversal

CVE-2026-6410 — @fastify/static versions 8.0.0 through 9.1.0 allow path traversal when directory listing is enabled via the list option. The dirList.path() function resolves directories outside...

vulnerabilityCVEpath-traversalcwe-22
/MEDIUM /5.3 /⚑ 2 IOCs /⚙ 3 Sigma

Fastify Middleware Flaw Exposes Apps to Auth Bypass

CVE-2026-6270 — @fastify/middie versions 9.3.1 and earlier do not register inherited middleware directly on child plugin engine instances. When a Fastify application registers authentication middleware...

vulnerabilityCVEcriticalhigh-severitycwe-436
/CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

SQL Injection Flaw Found in Zoho ManageEngine PAM/PMP

CVE-2026-5785 — Zohocorp ManageEngine PAM360 versions before 8531 and ManageEngine Password Manager Pro versions from 8600 to 13230 are vulnerable to Authenticated SQL injection in...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-4160 — The Fluent Forms – Customizable Contact Forms, Survey,

CVE-2026-4160 — The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference...

vulnerabilityCVEcwe-639
/MEDIUM /5.3 /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-6414 — @fastify/static versions 8.0.0 through 9.1.0 decode

CVE-2026-6414 — @fastify/static versions 8.0.0 through 9.1.0 decode percent-encoded path separators (%2F) before filesystem resolution, while Fastify's router treats them as literal characters. This mismatch...

vulnerabilityCVEcwe-177
/MEDIUM /5.9 /⚑ 2 IOCs /⚙ 2 Sigma

Critical RCE in Laravel Payment Package

CVE-2026-31843 — The goodoneuz/pay-uz Laravel package (<= 2.2.24) contains a critical vulnerability in the /payment/api/editable/update endpoint that allows unauthenticated attackers to overwrite existing PHP payment...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-284
/CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

Defender 0-Day & Excel RCE Among Week's Top Threats

This week's cybersecurity landscape was, to put it mildly, a dumpster fire, according to The Hacker News. Their latest 'ThreatsDay Bulletin' highlighted a particularly nasty...

threat-intelvulnerability
/MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

Rhysida Ransomware Hits Tennessee Hospital, Leaks 500GB Data

Cookeville Regional Medical Center, a Tennessee-based hospital, fell victim to a significant data breach last year, as reported by SecurityWeek. The notorious Rhysida ransomware group...

threat-intelvulnerabilitymalwareransomwaredata-breach
/MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

DirectoryPress Plugin Flaw Exposes WordPress Sites to SQL Injection

CVE-2026-3489 — The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL Injection via the 'packages' parameter in versions...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/HIGH /7.5 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-3369 — Cross-Site Scripting (XSS)

CVE-2026-3369 — The Better Find and Replace – AI-Powered Suggestions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via uploaded image title in versions...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /5.4 /⚑ 2 IOCs /⚙ 3 Sigma

Cisco Webex Flaw Demands Immediate Customer Action

Cisco has rolled out critical security updates to address four significant vulnerabilities, according to BleepingComputer. Among these is a particularly nasty improper certificate validation flaw...

threat-inteldata-breachmalwarevulnerabilitycloudtools
/MEDIUM /⚑ 1 IOC /⚙ 2 Sigma

Orphaned Identities Fueling Cloud Breaches: The Unseen Threat

Forget phishing and weak passwords for a moment. According to The Hacker News, a staggering 68% of cloud breaches in 2024 were directly linked to...

threat-intelvulnerabilitydata-breachcloudidentityphishingai-security
/MEDIUM /⚙ 3 Sigma

Cisco Patches Critical Flaws in Identity Services and Webex

Cisco has rolled out patches for four critical vulnerabilities affecting its Identity Services and Webex Services. According to The Hacker News, these flaws could allow...

threat-intelvulnerabilitycloudidentity
/MEDIUM /⚑ 1 IOC /⚙ 2 Sigma

CVE-2025-12624 — Active access tokens are not revoked or invalidated when a

CVE-2025-12624 — Active access tokens are not revoked or invalidated when a user account is locked within WSO2 Identity Server. This failure to enforce revocation...

vulnerabilityCVEcwe-613
/MEDIUM /6 /⚑ 2 IOCs

Obsidian Plugin Abuse Unleashes Novel PHANTOMPULSE RAT

The Hacker News is flagging a sophisticated social engineering campaign that's weaponizing Obsidian, the popular note-taking app, as an entry point. Attackers are exploiting Obsidian...

threat-intelvulnerabilitymalwaremicrosoftphishing
/MEDIUM /⚙ 3 Sigma

NIST NVD Prioritizes CISA KEV and Critical Software CVEs

NIST is refining its National Vulnerability Database (NVD) enrichment process, a move that SecurityWeek reports is aimed at optimizing the management of the sheer volume...

threat-intelvulnerability
/MEDIUM /⚙ 1 Sigma

CVE-2025-6024 — The authentication endpoint fails to encode user-supplied

CVE-2025-6024 — The authentication endpoint fails to encode user-supplied input before rendering it in the web page, allowing for script injection. An attacker can leverage...

vulnerabilityCVEcwe-79
/MEDIUM /6.1 /⚑ 2 IOCs

CVE-2024-4867 — Cross-Site Scripting (XSS)

CVE-2024-4867 — The WSO2 API Manager developer portal accepts user-supplied input without enforcing expected validation constraints or proper output encoding. This deficiency allows a malicious...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /5.4 /⚑ 2 IOCs

CVE-2024-10242 — The authentication endpoint fails to adequately validate

CVE-2024-10242 — The authentication endpoint fails to adequately validate user-supplied input before reflecting it back in the response. This allows an attacker to inject malicious...

vulnerabilityCVEcwe-79
/MEDIUM /6.1 /⚑ 2 IOCs

Dell Storage Manager Flaw: Local Privilege Escalation Risk

CVE-2026-23772 — Dell Storage Manager - Replay Manager for Microsoft Servers, version(s) 8.0, contain(s) an Improper Privilege Management vulnerability. A low privileged attacker with local...

vulnerabilityCVEhigh-severitycwe-269
/HIGH /7.3 /⚑ 3 IOCs /⚙ 3 Sigma

WSO2 XML Parsers Vulnerable to External Entity Attacks

CVE-2024-2374 — The XML parsers within multiple WSO2 products accept user-supplied XML data without properly configuring to prevent the resolution of external entities. This omission...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-611
/HIGH /7.5 /⚑ 5 IOCs /⚙ 4 Sigma

AI Agents Vulnerable to 'Comment and Control' Prompt Injection

A new AI attack method, dubbed 'Comment and Control,' has been detailed by a researcher, according to SecurityWeek. This technique exploits vulnerabilities in leading AI...

threat-intelvulnerabilityai-securitytools
/MEDIUM /⚑ 4 IOCs /⚙ 4 Sigma

CVE-2026-0718 — The Post Grid Gutenberg Blocks for News, Magazines, Blog

CVE-2026-0718 — The Post Grid Gutenberg Blocks for News, Magazines, Blog Websites – PostX plugin for WordPress is vulnerable to unauthorized modification of data due...

vulnerabilityCVEcwe-862
/MEDIUM /5.3 /⚑ 2 IOCs

WordPress Plugin Zero-Day: CSRF to Arbitrary File Deletion

CVE-2025-14868 — The Career Section plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Path Traversal and Arbitrary File Deletion in all versions...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

Rsync Vulnerability Exposes Users to Use-After-Free Flaw

CVE-2026-41035 — In rsync 3.0.1 through 3.4.1, receive_xattr relies on an untrusted length value during a qsort call, leading to a receiver use-after-free. The victim...

vulnerabilityCVEhigh-severityuse-after-freecwe-130
/HIGH /7.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-41034 — ONLYOFFICE DocumentServer before 9.3.0 has an untrusted

CVE-2026-41034 — ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion (via pictFmla.cbBufInCtlStm and other vectors), leading to an information leak and...

vulnerabilityCVEcwe-125
/MEDIUM /5 /⚑ 2 IOCs

CVE-2026-3995 — Cross-Site Scripting (XSS)

CVE-2026-3995 — The OPEN-BRAIN plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'API Key' settings field in all versions up to, and...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /4.4 /⚑ 2 IOCs

Prismatic Plugin Flaw Exposes WordPress Sites to XSS Attacks

CVE-2026-3876 — The Prismatic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'prismatic_encoded' pseudo-shortcode in all versions up to, and including, 3.7.3....

vulnerabilityCVEhigh-severitycross-site-scripting-xss-cwe-79
/HIGH /7.2 /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-3875 — Cross-Site Scripting (XSS)

CVE-2026-3875 — The BetterDocs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'betterdocs_feedback_form' shortcode in all versions up to, and including, 4.3.8....

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs

CVE-2026-3861 — LINE client for iOS versions prior to 26.3.0 contains a

CVE-2026-3861 — LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly...

vulnerabilityCVE
/MEDIUM /6.5 /⚑ 1 IOC

CVE-2026-3355 — Cross-Site Scripting (XSS)

CVE-2026-3355 — The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘crsearch’ parameter in all versions up to,...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.1 /⚑ 2 IOCs

Elementor Addon Vulnerability Exposes WordPress Sites to RCE

CVE-2026-1620 — The Livemesh Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 9.0. This...

vulnerabilityCVEhigh-severitypath-traversalcwe-98
/HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-1572 — Cross-Site Scripting (XSS)

CVE-2026-1572 — The Livemesh Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data and Stored Cross-Site Scripting via plugin settings in...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs

CVE-2025-13364 — Cross-Site Scripting (XSS)

CVE-2025-13364 — The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'put_wpgm' shortcode in...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs

Malware Campaign Hits Ukrainian Clinics, Government Agencies

Cybersecurity researchers are sounding the alarm on a new malware campaign, dubbed UAC-0247, that has been actively targeting Ukrainian government entities and critical healthcare infrastructure....

threat-intelvulnerabilitymalware
/MEDIUM /⚑ 4 IOCs /⚙ 3 Sigma

Redsys & WooCommerce Flaw Allows Payment Forgery

CVE-2026-5050 — The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to,...

vulnerabilityCVEhigh-severitycwe-347
/HIGH /7.5 /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-3773 — SQL Injection

CVE-2026-3773 — The Accessibility Suite by Ability, Inc plugin for WordPress is vulnerable to SQL Injection via the 'scan_id' parameter in all versions up to,...

vulnerabilityCVEsql-injectioncwe-89
/MEDIUM /6.5 /⚑ 2 IOCs

WordPress Plugin Flaw Lets Subscribers Hijack Admin Accounts

CVE-2026-3614 — The AcyMailing plugin for WordPress is vulnerable to privilege escalation in all versions from 9.11.0 up to, and including, 10.8.1 due to a...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-862
/HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

WordPress Riaxe Plugin Rife with SQLi Vulnerability

CVE-2026-3599 — The Riaxe Product Customizer plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter keys within 'product_data' of the /wp-json/InkXEProductDesignerLite/add-item-to-cart REST...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

Critical WordPress Plugin Flaw: Riaxe Product Customizer Privilege Escalation

CVE-2026-3596 — The Riaxe Product Customizer plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.2. The plugin registers...

vulnerabilityCVEcriticalhigh-severityprivilege-escalationcwe-862
/CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-3595 — The Riaxe Product Customizer plugin for WordPress is

CVE-2026-3595 — The Riaxe Product Customizer plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.2. This is due...

vulnerabilityCVEcwe-862
/MEDIUM /5.3 /⚑ 2 IOCs

CVE-2026-3581 — The Basic Google Maps Placemarks plugin for WordPress is

CVE-2026-3581 — The Basic Google Maps Placemarks plugin for WordPress is vulnerable to authorization bypass in versions up to, and including, 1.10.7. This is due...

vulnerabilityCVEcwe-862
/MEDIUM /5.3 /⚑ 2 IOCs

CVE-2026-3551 — Cross-Site Scripting (XSS)

CVE-2026-3551 — The Custom New User Notification plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's admin settings in all versions up...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /4.4 /⚑ 2 IOCs

Eaton IPP Vulnerability Opens Door for Code Execution

CVE-2026-22619 — Eaton Intelligent Power Protector (IPP) is affected by insecure library loading in its executable, which could lead to arbitrary code execution by an...

vulnerabilityCVEhigh-severitycode-execution
/HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-22618 — A security misconfiguration was identified in Eaton

CVE-2026-22618 — A security misconfiguration was identified in Eaton Intelligent Power Protector (IPP), where an HTTP response header was set with an insecure attribute, potentially...

vulnerabilityCVEcwe-358
/MEDIUM /5.9 /⚑ 2 IOCs

CVE-2026-22617 — Eaton Intelligent Power Protector (IPP) uses an insecure

CVE-2026-22617 — Eaton Intelligent Power Protector (IPP) uses an insecure cookie configuration, which could allow a network‑based attacker to intercept the cookie and exploit it...

vulnerabilityCVEcwe-614
/MEDIUM /5.7 /⚑ 2 IOCs

CVE-2026-40118 — Information Disclosure

CVE-2026-40118 — UDP Console provided by Arcserve contains an incorrectly specified destination in a communication channel vulnerability. When a user configures an activation server hostname...

vulnerabilityCVEinformation-disclosurecwe-941
/MEDIUM /6.3 /⚑ 2 IOCs

CVE-2026-22616 — Eaton Intelligent Power Protector (IPP) software allows

CVE-2026-22616 — Eaton Intelligent Power Protector (IPP) software allows repeated authentication attempts against the web interface login page due to insufficient rate‑limiting controls. This security issue has been fixed...

vulnerabilityCVEcwe-307
/MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-22615 — Due to improper input validation in one of the Eaton

CVE-2026-22615 — Due to improper input validation in one of the Eaton Intelligent Power Protector (IPP) XML, it is possible for an attacker with admin...

vulnerabilityCVEcwe-20
/MEDIUM /6 /⚑ 2 IOCs

Festo MSE6 Products Vulnerable to High-Severity Remote Exploit

CVE-2023-3634 — In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use functions of undocumented test mode which could...

vulnerabilityCVEhigh-severitycwe-1242
/HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-5070 — Cross-Site Scripting (XSS)

CVE-2026-5070 — The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs

CVE-2026-4032 — Cross-Site Scripting (XSS)

CVE-2026-4032 — The CodeColorer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter in 'cc' comment shortcode in versions up to,...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.1 /⚑ 2 IOCs

CVE-2026-3878 — Cross-Site Scripting (XSS)

CVE-2026-3878 — The WP Docs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdocs_options[icon_size]' parameter in all versions up to, and including,...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs

MailGates/MailAudit CRLF Injection Exposes System Files

CVE-2026-6351 — MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read system files.

vulnerabilityCVEhigh-severitycwe-93
/HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Critical MailGates Flaw Lets Attackers Run Wild

CVE-2026-6350 — MailGates/MailAudit developed by Openfind has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary...

vulnerabilityCVEcriticalhigh-severitybuffer-overflowcwe-121
/CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

WinMatrix Agent: Local Auth Bypass to SYSTEM Privileges

CVE-2026-6348 — WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges on...

vulnerabilityCVEhigh-severitycwe-306
/HIGH /8.8 /⚑ 3 IOCs /⚙ 4 Sigma

Radare2 Vulnerability: Command Injection via PDB Name

CVE-2026-41015 — radare2 before 9236f44, when configured on UNIX without SSL, allows command injection via a PDB name to rabin2 -PP. NOTE: although users are...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/HIGH /7.4 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-3885 — Cross-Site Scripting (XSS)

CVE-2026-3885 — The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'su_box' shortcode in all...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs

Critical Heap Overflow in Creolabs Gravity Exposes Arbitrary Code Execution

CVE-2026-40504 — Creolabs Gravity before 0.9.6 contains a heap buffer overflow vulnerability in the gravity_vm_exec function that allows attackers to write out-of-bounds memory by crafting...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-122
/CRITICAL /9.8 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-3299 — Cross-Site Scripting (XSS)

CVE-2026-3299 — The WP YouTube Lyte plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lyte' shortcode in all versions up to,...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs

Luanti Vulnerability Exposes Insecure Environments via Crafted Mods

CVE-2026-40960 — Luanti 5 before 5.15.2 sometimes allows unintended access to an insecure environment. If at least one mod is listed as secure.trusted_mods or secure.http_mods,...

vulnerabilityCVEhigh-severitycwe-670
/HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

Critical LuaJIT Sandbox Escape in Luanti 5

CVE-2026-40959 — Luanti 5 before 5.15.2, when LuaJIT is used, allows a Lua sandbox escape via a crafted mod.

vulnerabilityCVEcriticalhigh-severitycwe-829
/CRITICAL /9.3 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40503 — Path Traversal

CVE-2026-40503 — OpenHarness prior to commit dd1d235 contains a path traversal vulnerability that allows remote gateway users with chat access to read arbitrary files by...

vulnerabilityCVEpath-traversalcwe-22
/MEDIUM /6.5 /⚑ 2 IOCs

OpenHarness Command Injection: Remote Admin Control Via Chat

CVE-2026-40502 — OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands...

vulnerabilityCVEhigh-severitycommand-injectioncwe-862
/HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

Critical WordPress Plugin Flaw Grants Admin Privileges

CVE-2026-4880 — The Barcode Scanner (+Mobile App) – Inventory manager, Order fulfillment system, POS (Point of Sale) plugin for WordPress is vulnerable to privilege escalation...

vulnerabilityCVEcriticalhigh-severityprivilege-escalationcwe-269
/CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

Free5GC UDR Service Leaks 5G Subscriber Identifiers

CVE-2026-40245 — Free5GC is an open-source Linux Foundation project for 5th generation (5G) mobile core networks. Versions 4.2.1 and below contain an information disclosure vulnerability...

vulnerabilityCVEhigh-severityinformation-disclosurecwe-200cwe-202cwe-209
/HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

Maddy Mail Server Hit by Critical LDAP Injection Flaw

CVE-2026-40193 — maddy is a composable, all-in-one mail server. Versions prior to 0.9.3 contain an LDAP injection vulnerability in the auth.ldap module where user-supplied usernames...

vulnerabilityCVEhigh-severitycwe-90
/HIGH /8.2 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-4949 — The Paid Membership Plugin, Ecommerce, User Registration

CVE-2026-4949 — The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress plugin for WordPress is vulnerable to...

vulnerabilityCVEcwe-862
/MEDIUM /4.3 /⚑ 2 IOCs

OWASP BLT RCE: GitHub Workflow Flaw Exposes Secrets

CVE-2026-40316 — OWASP BLT is a QA testing and vulnerability disclosure platform that encompasses websites, apps, git repositories, and more. Versions prior to 2.1.1 contain...

vulnerabilityCVEhigh-severitycode-executioncwe-94cwe-95
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-39350 — Istio is an open platform to connect, manage, and secure

CVE-2026-39350 — Istio is an open platform to connect, manage, and secure microservices. In versions 1.25.0 through 1.27.8, 1.28.0 through 1.28.5, 1.29.0, and 1.29.1, the...

vulnerabilityCVEcwe-185cwe-863
/MEDIUM /5.4 /⚑ 3 IOCs

ArgoCD Image Updater Flaw Bypasses Namespace Boundaries

CVE-2026-6388 — A flaw was found in ArgoCD Image Updater. This vulnerability allows an attacker, with permissions to create or modify an ImageUpdater resource in...

vulnerabilityCVEcriticalhigh-severityprivilege-escalationcwe-1220
/CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-40500 — The Admin Panel's 'Add Module From URL' Feature That Server-Side Request Forgery

CVE-2026-40500 — ProcessWire CMS version 3.0.255 and prior contain a server-side request forgery vulnerability in the admin panel's 'Add Module From URL' feature that allows...

vulnerabilityCVEserver-side-request-forgerycwe-918
/MEDIUM /6.8 /⚑ 2 IOCs

Composer Command Injection: Malicious Repositories are a New Vector

CVE-2026-40261 — Composer is a dependency manager for PHP. Versions 1.0 through 2.2.26 and 2.3 through 2.9.5 contain a command injection vulnerability in the Perforce::syncCodeBase()...

vulnerabilityCVEhigh-severitycommand-injectioncwe-20cwe-78
/HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-40186 — Non-Default Configurations Where Option Or Textarea Are Incl Cross-Site Scripting (XSS)

CVE-2026-40186 — ApostropheCMS is an open-source Node.js content management system. A regression introduced in commit 49d0bb7, included in versions 2.17.1 of the ApostropheCMS-maintained sanitize-html package...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.1 /⚑ 2 IOCs

Critical Dgraph Flaw Leaks Admin Tokens, Bypassing Authentication

CVE-2026-40173 — Dgraph is an open source distributed GraphQL database. Versions 25.3.1 and prior contain an unauthenticated credential disclosure vulnerability where the /debug/pprof/cmdline endpoint is...

vulnerabilityCVEcriticalhigh-severitycwe-200cwe-215
/CRITICAL /9.4 /⚑ 4 IOCs /⚙ 3 Sigma

Barracuda RMM Flaw Grants SYSTEM Privileges

CVE-2026-22676 — Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem...

vulnerabilityCVEhigh-severityprivilege-escalationcwe-732
/HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome V8 Type Confusion: Remote OOB Access Risk

CVE-2026-6363 — Type Confusion in V8 in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via...

vulnerabilityCVEhigh-severitycwe-843
/HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

Chrome 'Use-After-Free' Bug: High Severity RCE Risk

CVE-2026-6360 — Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome Video Bug: Renderer Compromise Leads to High-Severity RCE

CVE-2026-6359 — Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Use-After-Free Bug Hits Chrome on Android

CVE-2026-6358 — Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome 'Use-After-Free' Bug: Remote Code Execution Risk

CVE-2026-6317 — Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome Zero-Day: Use-After-Free Flaw Exposes Users to RCE

CVE-2026-6316 — Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome Android Bug: High-Severity Use-After-Free Exploit

CVE-2026-6315 — Use after free in Permissions in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome Turbofan Bug Allows Remote Code Execution in Sandbox

CVE-2026-6307 — Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a...

vulnerabilityCVEhigh-severitycwe-843
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome's 'Use-After-Free' Bug: Remote Code Execution Risk

CVE-2026-6302 — Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome Turbofan Bug: Remote Code Execution Threat

CVE-2026-6301 — Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a...

vulnerabilityCVEhigh-severitycwe-843
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Chrome Zero-Day: Use-After-Free in CSS Poses High Risk

CVE-2026-6300 — Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Chrome 'Use-After-Free' Vulnerability Uncovered

CVE-2026-6299 — Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Chrome Proxy Bug Allows Sandbox Escape

CVE-2026-6297 — Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a...

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.3 /⚑ 3 IOCs /⚙ 3 Sigma

ApostropheCMS Flaw: Stored XSS Puts User Data at Risk

CVE-2026-35569 — ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in SEO-related fields (SEO Title...

vulnerabilityCVEhigh-severitycross-site-scripting-xss-cwe-79cwe-116
/HIGH /8.7 /⚑ 4 IOCs /⚙ 3 Sigma

Critical RCE in Pyroscope's Tencent COS Backend

CVE-2025-41118 — Pyroscope is an open-source continuous profiling database. The database supports various storage backends, including Tencent Cloud Object Storage (COS). If the database is...

vulnerabilityCVEcriticalhigh-severity
/CRITICAL /9.1 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-6383 — KubeVirt's Role-Based Access Control (RBAC) Evaluation Logic Vulnerability

CVE-2026-6383 — A flaw was found in KubeVirt's Role-Based Access Control (RBAC) evaluation logic. The authorization mechanism improperly truncates subresource names, leading to incorrect permission...

vulnerabilityCVEcwe-863
/MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-6245 — The System Security Services Daemon (SSSD) Denial of Service

CVE-2026-6245 — A flaw was found in the System Security Services Daemon (SSSD). The pam_passkey_child_read_data() function within the PAM passkey responder fails to properly handle...

vulnerabilityCVEdenial-of-servicecwe-805
/MEDIUM /5.5 /⚑ 2 IOCs

IdentityIQ Flaw Allows Unauthorized Object Creation

CVE-2026-4857 — IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ 8.4 patch levels prior to 8.4p4 allow authenticated...

vulnerabilityCVEhigh-severitycwe-863
/HIGH /8.4 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-40256 — Weblate is a web based localization tool. In versions prior

CVE-2026-40256 — Weblate is a web based localization tool. In versions prior to 5.17, repository-boundary validation relies on string prefix checks on resolved absolute paths....

vulnerabilityCVEcwe-22
/MEDIUM /5 /⚑ 2 IOCs

CVE-2026-39845 — Server-Side Request Forgery

CVE-2026-39845 — Weblate is a web based localization tool. In versions prior to 5.17, the webhook add-on did not utilize existing SSRF protections. This issue...

vulnerabilityCVEserver-side-request-forgerycwe-918
/MEDIUM /4.1 /⚑ 2 IOCs

Photoshop Installer Vulnerability Allows Arbitrary Code Execution

CVE-2026-34632 — Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context...

vulnerabilityCVEhigh-severitycode-executioncwe-427
/HIGH /8.2 /⚑ 2 IOCs /⚙ 3 Sigma

Weblate Flaw Exposes User Data, High-Severity Patch Issued

CVE-2026-34393 — Weblate is a web based localization tool. In versions prior to 5.17, the user patching API endpoint didn't properly limit the scope of...

vulnerabilityCVEhigh-severitycwe-269
/HIGH /8.8 /⚑ 2 IOCs /⚙ 3 Sigma

CVE-2026-34244 — Server-Side Request Forgery

CVE-2026-34244 — Weblate is a web based localization tool. In versions prior to 5.17, a user with the project.edit permission (granted by the per-project "Administration"...

vulnerabilityCVEserver-side-request-forgerycwe-200cwe-918
/MEDIUM /5 /⚑ 3 IOCs

Weblate ZIP Feature Exposes Systems to Symlink Traversal

CVE-2026-34242 — Weblate is a web based localization tool. In versions prior to 5.17, the ZIP download feature didn't verify downloaded files, potentially following symlinks...

vulnerabilityCVEhigh-severitycwe-22cwe-59cwe-200
/HIGH /7.7 /⚑ 2 IOCs /⚙ 3 Sigma

OpenProject 2FA Bypass: Brute-Force Vulnerability Uncovered

CVE-2026-33667 — OpenProject is an open-source project management application. In versions prior to 17.3.0, 2FA OTP verification in the confirm_otp action of the two_factor_authentication module...

vulnerabilityCVEhigh-severitycwe-307
/HIGH /7.4 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-33440 — Weblate is a web based localization tool. In versions prior

CVE-2026-33440 — Weblate is a web based localization tool. In versions prior to 5.17, the ALLOWED_ASSET_DOMAINS setting applied only to the first issued requests and...

vulnerabilityCVEcwe-918
/MEDIUM /5 /⚑ 2 IOCs

Weblate Vulnerability Allows RCE via Project Backups

CVE-2026-33435 — Weblate is a web based localization tool. In versions prior to 5.17, the project backup didn't filter Git and Mercurial configuration files which...

vulnerabilityCVEhigh-severityremote-code-executioncwe-23cwe-94cwe-434
/HIGH /8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-33220 — Weblate is a web based localization tool. In versions prior

CVE-2026-33220 — Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't...

vulnerabilityCVEcwe-22cwe-200
/MEDIUM /6.8 /⚑ 3 IOCs

Velociraptor Vulnerability Exposes Multi-Org Data

CVE-2026-6290 — Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plugin which allows access to all orgs with the user's current ACL...

vulnerabilityCVEhigh-severitycwe-863
/HIGH /8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-33214 — Weblate is a web based localization tool. In versions prior

CVE-2026-33214 — Weblate is a web based localization tool. In versions prior to 5.17, the translation memory API exposed unintended endpoints, which in turn didn't...

vulnerabilityCVEcwe-862
/MEDIUM /4.3 /⚑ 2 IOCs

Git for Windows NTLM Hash Leak Poses Credential Risk

CVE-2026-32631 — Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a...

vulnerabilityCVEhigh-severitycwe-200
/HIGH /7.4 /⚑ 2 IOCs /⚙ 2 Sigma

Plisio Plugin Flaw: Unauthenticated Access Control Bypass

CVE-2026-6372 — Missing Authorization vulnerability in Plisio Accept Cryptocurrencies with Plisio allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Accept Cryptocurrencies with Plisio:...

vulnerabilityCVEhigh-severitycwe-862
/HIGH /7.5 /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-6370 — HashThemes Mini Ajax Cart For WooCommerce Cross-Site Scripting (XSS)

CVE-2026-6370 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HashThemes Mini Ajax Cart for WooCommerce allows Stored XSS. This issue affects...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /5.9 /⚑ 2 IOCs

Critical Cisco ISE RCE: Authenticated Attackers Can Gain Root

CVE-2026-20186 — A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system...

vulnerabilityCVEcriticalhigh-severitydenial-of-servicecwe-77
/CRITICAL /9.9 /⚑ 4 IOCs /⚙ 3 Sigma

Cisco Webex SSO Flaw: Critical Impersonation Risk

CVE-2026-20184 — A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker...

vulnerabilityCVEcriticalhigh-severitycwe-295
/CRITICAL /9.8 /⚑ 3 IOCs /⚙ 3 Sigma

Critical Cisco ISE RCE: Authenticated Attackers Can Gain Root

CVE-2026-20180 — A vulnerability in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system...

vulnerabilityCVEcriticalhigh-severitydenial-of-servicecwe-22
/CRITICAL /9.9 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-20170 — The Desktop Agent Functionality Of Cisco Webex Contact Cente Cross-Site Scripting (XSS)

CVE-2026-20170 — A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting...

vulnerabilityCVEcross-site-scripting-xss-cwe-80
/MEDIUM /6.1 /⚑ 2 IOCs

CVE-2026-20161 — The CLI Of Cisco ThousandEyes Enterprise Agent Improper Access Control

CVE-2026-20161 — A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files...

vulnerabilityCVEimproper-access-controlcwe-59
/MEDIUM /5.5 /⚑ 2 IOCs

CVE-2026-20152 — The Authentication Service Feature Of Cisco AsyncOS Software Vulnerability

CVE-2026-20152 — A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to...

vulnerabilityCVEcwe-305
/MEDIUM /5.3 /⚑ 2 IOCs

Critical Cisco ISE RCE: Authenticated Admin Can Achieve Root

CVE-2026-20147 — A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system...

vulnerabilityCVEcriticalhigh-severitydenial-of-servicecwe-77
/CRITICAL /9.9 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-20136 — The CLI Of Cisco Identity Services Engine (ISE) And Cis Command Injection

CVE-2026-20136 — A vulnerability in the CLI of Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, local attacker...

vulnerabilityCVEcommand-injectioncwe-116
/MEDIUM /6 /⚑ 2 IOCs

CVE-2026-20081 — Arbitrary File Access

CVE-2026-20081 — Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities,...

vulnerabilityCVEarbitrary-file-accesscwe-23
/MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-20078 — Arbitrary File Access

CVE-2026-20078 — Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities,...

vulnerabilityCVEarbitrary-file-accesscwe-23
/MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-20059 — The Web-Based Management Interface Of Cisco Unity Connection Cross-Site Scripting (XSS)

CVE-2026-20059 — A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a reflected XSS attack...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.1 /⚑ 2 IOCs

WCFM Marketplace SQLi: High-Severity Flaw Patched

CVE-2025-63029 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WC Lovers WCFM Marketplace allows SQL Injection. This issue affects...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/HIGH /7.6 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2025-15636 — Emarket-Design YouTube Showcase Cross-Site Scripting (XSS)

CVE-2025-15636 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Emarket-design YouTube Showcase allows Stored XSS. This issue affects YouTube Showcase: from...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.5 /⚑ 2 IOCs

n8n Webhooks Abused for Malware Delivery via Phishing

Shimi's Cyber World is tracking reports from The Hacker News indicating that threat actors have been weaponizing n8n, a popular AI workflow automation platform, to...

threat-intelvulnerabilitymalwarephishingai-securitytools
/MEDIUM /⚑ 3 IOCs /⚙ 3 Sigma

Splunk MCP Server Bug Exposes Session Tokens

CVE-2026-20205 — In Splunk MCP Server app versions below 1.0.3, a user who holds a role with access to the Splunk `_internal` index or...

vulnerabilityCVEhigh-severitycwe-532
/HIGH /7.2 /⚑ 4 IOCs /⚙ 3 Sigma

Splunk RCE: Low-Privilege Users Could Gain Remote Code Execution

CVE-2026-20204 — In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.5, 10.2.2510.9, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127,...

vulnerabilityCVEhigh-severityremote-code-executioncwe-377
/HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-20203 — Improper Access Control

CVE-2026-20203 — In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.19, 10.0.2503.13, and 9.3.2411.127,...

vulnerabilityCVEimproper-access-controlcwe-284
/MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-20202 — In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10,

CVE-2026-20202 — In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127,...

vulnerabilityCVEcwe-176
/MEDIUM /6.6 /⚑ 2 IOCs

CISA Flags Exploited Windows Task Host Vulnerability

CISA has issued a stern warning to U.S. government agencies regarding an actively exploited privilege escalation vulnerability within Windows Task Host. According to BleepingComputer, this...

threat-inteldata-breachmalwarevulnerabilitymicrosoft
/MEDIUM /⚑ 2 IOCs /⚙ 3 Sigma

Capsule Security Raises $7M to Defend AI Agents

A new player has emerged from the shadows in the AI security space: Capsule Security. According to SecurityWeek, the Israeli startup recently closed a $7...

threat-intelvulnerabilityai-security
/MEDIUM

Anthropic's AI Protocol Has Design Flaw Enabling Supply Chain Attacks

SecurityWeek is flagging a critical design flaw within Anthropic's Model Context Protocol (MCP). Researchers are warning that this vulnerability, inherent in the protocol's design, could...

threat-intelvulnerability
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Nginx-UI Flaw CVE-2026-33032 Actively Exploited for Server Takeover

A critical authentication bypass vulnerability, CVE-2026-33032, impacting nginx-ui, an open-source web-based Nginx management tool, is now under active exploitation in the wild. The Hacker News...

threat-intelvulnerabilityidentitytools
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

AI Agents Prone to Data Leaks, Microsoft and Salesforce Patch Flaws

Dark Reading is flagging critical vulnerabilities in AI agents from major tech players. Two recently patched prompt injection flaws in Salesforce Agentforce and Microsoft Copilot...

threat-inteltoolsvulnerabilitydata-breachcloudmicrosoftai-security
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

AI Security Exposure: Boardroom Mandate Meets Reality Check

Artificial intelligence has rapidly transitioned from an experimental concept to a top-tier boardroom priority. Across all sectors, leadership is keen to leverage AI's extensive potential,...

threat-intelvulnerabilityai-security
/MEDIUM

ICS Patch Tuesday: Industrial Giants Issue Critical Advisories

It's that time again: ICS Patch Tuesday has rolled around, and SecurityWeek reports that eight major industrial players have dropped new security advisories. This isn't...

threat-intelvulnerability
/MEDIUM /⚑ 5 IOCs /⚙ 3 Sigma

OpenAI Unleashes GPT-5.4-Cyber for Defensive Security

OpenAI has officially rolled out GPT-5.4-Cyber, a specialized variant of its latest flagship model, GPT-5.4. According to The Hacker News, this iteration is specifically fine-tuned...

threat-intelvulnerability
/MEDIUM /⚙ 3 Sigma

Critical RCE Flaw Hits NuGet Gallery Backend

CVE-2026-39399 — NuGet Gallery is a package repository that powers nuget.org. A security vulnerability exists in the NuGetGallery backend job’s handling of .nuspec files within...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-20cwe-22
/CRITICAL /9.6 /⚑ 4 IOCs /⚙ 6 Sigma

BoidCMS LFI to RCE: A Critical Template Flaw

CVE-2026-39387 — BoidCMS is an open-source, PHP-based flat-file CMS for building simple websites and blogs, using JSON as its database. Versions prior to 2.1.3 are...

vulnerabilityCVEhigh-severityremote-code-executioncwe-98
/HIGH /7.2 /⚑ 4 IOCs /⚙ 7 Sigma

Nanobot AI: WebSocket Hijack Puts WhatsApp Sessions at Risk

CVE-2026-35589 — nanobot is a personal AI assistant. Versions prior to 0.1.5 contain a Cross-Site WebSocket Hijacking (CSWSH) vulnerability in the bridge's WebSocket server...

vulnerabilityCVEhigh-severitycwe-1385
/HIGH /8 /⚑ 5 IOCs /⚙ 5 Sigma

Jellyfin RCE: Critical Flaw Chains Arbitrary File Write to Root

CVE-2026-35031 — Jellyfin is an open source self hosted media server. Versions prior to 10.11.7 contain a vulnerability chain in the subtitle upload endpoint (POST...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-20cwe-22cwe-187
/CRITICAL /9.9 /⚑ 5 IOCs /⚙ 5 Sigma

OAuth2 Proxy Auth Bypass Critical Vulnerability (CVE-2026-34457)

CVE-2026-34457 — OAuth2 Proxy is a reverse proxy that provides authentication using OAuth2 providers. Versions prior to 7.15.2 contain a configuration-dependent authentication bypass in deployments...

vulnerabilityCVEcriticalhigh-severityauthentication-bypasscwe-290
/CRITICAL /9.1 /⚑ 5 IOCs /⚙ 6 Sigma

Libsixel Use-After-Free: Crafted Images Lead to RCE

CVE-2026-33023 — libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. In versions 1.8.7 and prior, when built with the --with-gdk-pixbuf2 option, a use-after-free...

vulnerabilityCVEhigh-severitycode-executioncwe-416
/HIGH /7.8 /⚑ 5 IOCs /⚙ 5 Sigma

libsixel Use-After-Free: High-Severity Bug in Image Handling

CVE-2026-33021 — libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixel_encoder_encode_bytes() because sixel_frame_init() stores...

vulnerabilityCVEhigh-severitycode-executioncwe-416
/HIGH /7.3 /⚑ 5 IOCs /⚙ 5 Sigma

Adobe FrameMaker Type Confusion Opens Door to RCE

CVE-2026-27298 — Adobe Framemaker versions 2022.8 and earlier are affected by an Access of Resource Using Incompatible Type ('Type Confusion') vulnerability that could result in...

vulnerabilityCVEhigh-severitycode-executioncwe-843
/HIGH /7.8 /⚑ 2 IOCs /⚙ 6 Sigma

Adobe FrameMaker Integer Underflow Could Lead to RCE

CVE-2026-27297 — Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution...

vulnerabilityCVEhigh-severitycode-executioncwe-191
/HIGH /7.8 /⚑ 2 IOCs /⚙ 5 Sigma

Adobe FrameMaker Hit by High-Severity Integer Underflow

CVE-2026-27296 — Adobe Framemaker versions 2022.8 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution...

vulnerabilityCVEhigh-severitycode-executioncwe-191
/HIGH /7.8 /⚑ 2 IOCs /⚙ 2 Sigma

Adobe Framemaker Vulnerability: Arbitrary Code Execution Risk

CVE-2026-27295 — Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/HIGH /7.8 /⚑ 2 IOCs /⚙ 4 Sigma

Adobe Framemaker Vulnerability: Code Execution Risk

CVE-2026-27294 — Adobe Framemaker versions 2022.8 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a...

vulnerabilityCVEhigh-severityout-of-bounds-1cwe-125
/HIGH /7.8 /⚑ 2 IOCs /⚙ 6 Sigma

Adobe FrameMaker Heap Overflow: Arbitrary Code Execution Risk

CVE-2026-27293 — Adobe Framemaker versions 2022.8 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-122
/HIGH /7.8 /⚑ 2 IOCs /⚙ 4 Sigma

Adobe Framemaker Use-After-Free Flaw Allows Arbitrary Code Execution

CVE-2026-27292 — Adobe Framemaker versions 2022.8 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-416
/HIGH /7.8 /⚑ 3 IOCs /⚙ 5 Sigma

Adobe FrameMaker Hit by Untrusted Search Path Flaw

CVE-2026-27290 — Adobe Framemaker versions 2022.8 and earlier are affected by an Untrusted Search Path vulnerability that might allow attackers to execute arbitrary code in...

vulnerabilityCVEhigh-severitycwe-426
/HIGH /8.6 /⚑ 2 IOCs /⚙ 7 Sigma

Chamilo LMS Privilege Escalation: Student to Admin in a Snap

CVE-2026-40291 — Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an insecure direct object modification vulnerability in the PUT /api/users/{id}...

vulnerabilityCVEhigh-severitycwe-269cwe-863
/HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

Chamilo LMS OS Command Injection: A Session Poisoning Nightmare

CVE-2026-35196 — Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, an OS Command Injection vulnerability exists in the main/inc/ajax/gradebook.ajax.php endpoint...

vulnerabilityCVEhigh-severitycommand-injectioncwe-78
/HIGH /8.8 /⚑ 4 IOCs /⚙ 5 Sigma

Adobe InCopy Zero-Day: Arbitrary Code Execution Risk

CVE-2026-34631 — InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/HIGH /7.8 /⚑ 3 IOCs /⚙ 2 Sigma

ColdFusion Path Traversal Poses High Risk

CVE-2026-34619 — ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/HIGH /7.7 /⚑ 3 IOCs /⚙ 5 Sigma

Chamilo LMS IDOR Flaw Exposes User-Course Enrollments

CVE-2026-34602 — Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the /api/course_rel_users endpoint is vulnerable to Insecure Direct Object Reference...

vulnerabilityCVEhigh-severitycwe-639
/HIGH /7.1 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-34370 — Chamilo LMS is an open-source learning management system.

CVE-2026-34370 — Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the notebook module contains an Insecure Direct Object Reference (IDOR)...

vulnerabilityCVEcwe-285cwe-639
/MEDIUM /6.5 /⚑ 3 IOCs

CVE-2026-34213 — Docmost is open-source collaborative wiki and documentation

CVE-2026-34213 — Docmost is open-source collaborative wiki and documentation software. Starting in version 0.3.0 and prior to version 0.71.0, improper authorization in Docmost allows a...

vulnerabilityCVEcwe-639
/MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-34212 — Docmost is open-source collaborative wiki and documentation

CVE-2026-34212 — Docmost is open-source collaborative wiki and documentation software. In versions prior to 0.71.0, improper neutralization of attachment URLs in Docmost allows a low-privileged...

vulnerabilityCVEcwe-79
/MEDIUM /5.4 /⚑ 2 IOCs

Libsixel Integer Overflow Leads to Heap Corruption

CVE-2026-33020 — libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap...

vulnerabilityCVEhigh-severitycode-executioncwe-122cwe-190
/HIGH /7.1 /⚑ 3 IOCs /⚙ 7 Sigma

libsixel Integer Overflow Leads to Heap OOB Read, Info Disclosure

CVE-2026-33019 — libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap...

vulnerabilityCVEhigh-severityinformation-disclosurecwe-125cwe-190
/HIGH /7.1 /⚑ 5 IOCs /⚙ 5 Sigma

libsixel Use-After-Free: Critical Flaw in GIF Processing

CVE-2026-33018 — libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a Use-After-Free vulnerability via the load_gif() function in...

vulnerabilityCVEhigh-severitycode-executioncwe-416
/HIGH /7 /⚑ 5 IOCs /⚙ 6 Sigma

ColdFusion Code Execution Flaw: CVE-2026-27306 Requires Elevated Privileges

CVE-2026-27306 — ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-20
/HIGH /8.4 /⚑ 3 IOCs /⚙ 5 Sigma

ColdFusion Path Traversal Exposes Arbitrary File Reads

CVE-2026-27305 — ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that...

vulnerabilityCVEhigh-severitypath-traversalcwe-22
/HIGH /8.6 /⚑ 3 IOCs /⚙ 4 Sigma

ColdFusion Flaw: Critical RCE Threat Looms Large

CVE-2026-27304 — ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-20
/CRITICAL /9.3 /⚑ 3 IOCs /⚙ 6 Sigma

ColdFusion Flaw Allows Security Bypass

CVE-2026-27282 — ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An...

vulnerabilityCVEhigh-severitycwe-20
/HIGH /7.5 /⚑ 3 IOCs /⚙ 5 Sigma

Chamilo LMS SSRF: Unauthenticated Attack Poses High Risk

CVE-2026-34160 — Chamilo LMS is an open-source learning management system. In versions prior to 2.0.0-RC.3, the PENS (Package Exchange Notification Services) plugin endpoint at public/plugin/Pens/pens.php...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-306cwe-918
/HIGH /8.6 /⚑ 5 IOCs /⚙ 4 Sigma

Chamilo LMS SSRF Flaw: Unauthenticated Email Relay Risk

CVE-2026-33715 — Chamilo LMS is an open-source learning management system. In version 2.0-RC.2, the file public/main/inc/ajax/install.ajax.php is accessible without authentication on fully installed instances because,...

vulnerabilityCVEhigh-severityserver-side-request-forgerycwe-306cwe-918
/HIGH /7.2 /⚑ 4 IOCs /⚙ 4 Sigma

Adobe InCopy Zero-Day: Out-of-Bounds Read Poses High Risk

CVE-2026-27287 — InCopy versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a...

vulnerabilityCVEhigh-severityout-of-bounds-1cwe-125
/HIGH /7.8 /⚑ 3 IOCs /⚙ 3 Sigma

CVE-2026-25125 — October CMS INI Settings Parser Information Disclosure

CVE-2026-25125 — October is a Content Management System (CMS) and web platform. Versions prior to 3.7.14 and 4.1.10 contain a server-side information disclosure vulnerability in...

vulnerabilityCVEinformation-disclosurecwe-94cwe-200
/MEDIUM /4.9 /⚑ 3 IOCs

openITCOCKPIT Command Injection: RCE for Authenticated Users

CVE-2026-24893 — openITCOCKPIT is an open source monitoring tool built for different monitoring engines. openITCOCKPIT Community Edition prior to version 5.5.2 contains a command injection...

vulnerabilityCVEhigh-severityremote-code-executioncwe-20cwe-78
/HIGH /8.8 /⚑ 3 IOCs /⚙ 6 Sigma

OpenStack Keystone LDAP Flaw Exposes Disabled Users

CVE-2026-40683 — In OpenStack Keystone before 28.0.1, the LDAP identity backend does not convert the user enabled attribute to a boolean when the user_enabled_invert configuration...

vulnerabilityCVEhigh-severitycwe-843
/HIGH /7.7 /⚑ 4 IOCs /⚙ 4 Sigma

Bridge Software Hit by High-Severity Heap Overflow

CVE-2026-34630 — Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-122
/HIGH /7.8 /⚑ 3 IOCs /⚙ 5 Sigma

Illustrator Bug: Arbitrary Code Execution via Malicious Files

CVE-2026-34618 — Illustrator versions 30.2, 29.8.5 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/HIGH /7.8 /⚑ 3 IOCs /⚙ 4 Sigma

Bridge Software Hit by Heap Buffer Overflow: RCE Risk

CVE-2026-27313 — Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-122
/HIGH /7.8 /⚑ 3 IOCs /⚙ 5 Sigma

Bridge Heap Buffer Overflow: Arbitrary Code Execution Risk

CVE-2026-27312 — Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-122
/HIGH /7.8 /⚑ 3 IOCs /⚙ 4 Sigma

Bridge Heap-based Buffer Overflow Exploitable Via Malicious Files

CVE-2026-27311 — Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-122
/HIGH /7.8 /⚑ 3 IOCs /⚙ 5 Sigma

Bridge Software Hit by High-Severity Heap Overflow

CVE-2026-27310 — Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-122
/HIGH /7.8 /⚑ 3 IOCs /⚙ 5 Sigma

Photoshop Out-of-Bounds Read: RCE Risk for Desktop Users

CVE-2026-27289 — Photoshop Desktop versions 27.4 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a...

vulnerabilityCVEhigh-severityout-of-bounds-1cwe-125
/HIGH /7.8 /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-27222 — Bridge versions 16.0.2, 15.1.4 and earlier are affected by

CVE-2026-27222 — Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vulnerability that could lead to application denial-of-service. An attacker could...

vulnerabilityCVEcwe-369
/MEDIUM /5.5 /⚑ 2 IOCs

CVE-2026-34625 — Cross-Site Scripting (XSS)

CVE-2026-34625 — Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-34624 — Cross-Site Scripting (XSS)

CVE-2026-34624 — Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-34623 — Cross-Site Scripting (XSS)

CVE-2026-34623 — Adobe Experience Manager versions 6.5.24, FP11.7 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /5.4 /⚑ 2 IOCs

Adobe Connect XSS Flaw: Privilege Escalation Risk

CVE-2026-34617 — Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Cross-Site Scripting (XSS) vulnerability that could result in privilege escalation. A low-privileged...

vulnerabilityCVEhigh-severitycross-site-scripting-xss-cwe-79
/HIGH /8.7 /⚑ 3 IOCs /⚙ 6 Sigma

Critical Adobe Connect RCE: Deserialization Flaw Puts Users at Risk

CVE-2026-34615 — Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-502
/CRITICAL /9.3 /⚑ 3 IOCs /⚙ 7 Sigma

Critical Windows IKE Flaw: Network Code Execution Risk

CVE-2026-33824 — Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.

vulnerabilityCVEcriticalhigh-severitycwe-415
/CRITICAL /9.8 /⚑ 2 IOCs /⚙ 4 Sigma

SQL Server RCE: Untrusted Pointer Dereference

CVE-2026-33120 — Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network.

vulnerabilityCVEhigh-severitycwe-822
/HIGH /8.8 /⚑ 2 IOCs /⚙ 4 Sigma

Windows Shell Flaw Bypasses Core Security

CVE-2026-32225 — Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

vulnerabilityCVEhigh-severitycwe-693
/HIGH /8.8 /⚑ 2 IOCs /⚙ 4 Sigma

Azure Logic Apps Flaw: Privilege Escalation Risk

CVE-2026-32171 — Insufficiently protected credentials in Azure Logic Apps allows an authorized attacker to elevate privileges over a network.

vulnerabilityCVEhigh-severitycwe-522
/HIGH /8.8 /⚑ 2 IOCs /⚙ 4 Sigma

RDP Client Vulnerability: Remote Code Execution via Use-After-Free

CVE-2026-32157 — Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

vulnerabilityCVEhigh-severityuse-after-freecwe-416
/HIGH /8.8 /⚑ 2 IOCs /⚙ 4 Sigma

Windows Hello Flaw: Network Bypass Possible

CVE-2026-27928 — Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.

vulnerabilityCVEhigh-severitycwe-20
/HIGH /8.7 /⚑ 2 IOCs /⚙ 4 Sigma

Adobe Connect RCE Flaw: Critical Deserialization Bug Exposed

CVE-2026-27303 — Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-502
/CRITICAL /9.6 /⚑ 3 IOCs /⚙ 7 Sigma

Critical XSS Hits Adobe Connect: Patch Now!

CVE-2026-27246 — Adobe Connect versions 2025.3, 12.10 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by...

vulnerabilityCVEcriticalhigh-severitycross-site-scripting-xss-cwe-79
/CRITICAL /9.3 /⚑ 3 IOCs /⚙ 6 Sigma

Critical XSS Hits Adobe Connect: Patch Now!

CVE-2026-27245 — Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince...

vulnerabilityCVEcriticalhigh-severitycross-site-scripting-xss-cwe-79
/CRITICAL /9.3 /⚑ 3 IOCs /⚙ 6 Sigma

Adobe Connect XSS Flaw: Critical Remote Code Execution Risk

CVE-2026-27243 — Adobe Connect versions 2025.3, 12.10 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince...

vulnerabilityCVEcriticalhigh-severitycross-site-scripting-xss-cwe-79
/CRITICAL /9.3 /⚑ 3 IOCs /⚙ 6 Sigma

WARP Vulnerability Offers Local Privilege Escalation in Windows

CVE-2026-26178 — Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.

vulnerabilityCVEhigh-severitycwe-190cwe-681
/HIGH /8.8 /⚑ 2 IOCs /⚙ 2 Sigma

Windows Push Notifications Vulnerability: Local Privilege Escalation Risk

CVE-2026-26167 — Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

vulnerabilityCVEhigh-severityrace-conditioncwe-362cwe-416
/HIGH /8.8 /⚑ 2 IOCs /⚙ 2 Sigma

Microsoft Power Apps Flaw: Critical Remote Attack Vector Exposed

CVE-2026-26149 — Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to bypass a security feature over a...

vulnerabilityCVEcriticalhigh-severitycwe-150
/CRITICAL /9 /⚑ 2 IOCs /⚙ 4 Sigma

Microsoft Patches SharePoint Zero-Day, 160 Vulnerabilities

Microsoft's latest Patch Tuesday was a big one, addressing a staggering 161 vulnerabilities. According to SecurityWeek, this makes it the second-largest Patch Tuesday ever, based...

threat-intelvulnerabilitymicrosoft
/MEDIUM /⚑ 2 IOCs /⚙ 1 Sigma

Microsoft Drops Windows 10 Extended Security Update

Microsoft has rolled out the Windows 10 KB5082200 extended security update, a critical patch addressing vulnerabilities initially slated for the April 2026 Patch Tuesday. According...

threat-inteldata-breachmalwarevulnerabilitymicrosofttools
/HIGH /⚑ 1 IOC /⚙ 1 Sigma

McGraw-Hill Confirms Breach via Salesforce Misconfig

Education giant McGraw-Hill has confirmed a data breach following an extortion attempt, as reported by BleepingComputer. The incident, which saw hackers gain access to internal...

threat-inteldata-breachmalwarevulnerability
/HIGH /⚑ 2 IOCs /⚙ 2 Sigma

Microsoft's April Patch Tuesday: 167 Fixes, Two Zero-Days Squashed

Microsoft's April 2026 Patch Tuesday has landed, and it's a significant one, addressing a hefty 167 security flaws. According to BleepingComputer, this update round includes...

threat-inteldata-breachmalwarevulnerabilitycloudmicrosoft
/HIGH /⚑ 3 IOCs /⚙ 1 Sigma

CVE-2026-34626 — Arbitrary File Access

CVE-2026-34626 — Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that...

vulnerabilityCVEarbitrary-file-accesscwe-1321
/MEDIUM /6.3 /⚑ 2 IOCs

Acrobat Reader Flaw Could Lead to Code Execution

CVE-2026-34622 — Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that...

vulnerabilityCVEhigh-severitycode-executioncwe-1321
/HIGH /8.6 /⚑ 1 IOC /⚙ 4 Sigma

InDesign Flaw: Out-of-Bounds Write Allows Code Execution

CVE-2026-27291 — InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/HIGH /7.8 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-27286 — Buffer Overflow

CVE-2026-27286 — InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to memory exposure. An attacker...

vulnerabilityCVEbuffer-overflowcwe-122
/MEDIUM /5.5 /⚑ 2 IOCs

CVE-2026-27285 — Buffer Overflow

CVE-2026-27285 — InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could lead to application denial-of-service. An attacker...

vulnerabilityCVEbuffer-overflowcwe-122
/MEDIUM /5.5 /⚑ 2 IOCs

InDesign Flaw Opens Door for Remote Code Execution

CVE-2026-27284 — InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in...

vulnerabilityCVEhigh-severityout-of-bounds-1cwe-125
/HIGH /7.8 /⚑ 1 IOC /⚙ 3 Sigma

Adobe InDesign Flaw Lets Attackers Execute Code via Malicious Files

CVE-2026-27283 — InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in...

vulnerabilityCVEhigh-severitycode-executioncwe-416
/HIGH /7.8 /⚑ 1 IOC /⚙ 4 Sigma

Adobe InDesign Vulnerability: Arbitrary Code Execution Risk

CVE-2026-27238 — InDesign Desktop versions 20.5.2, 21.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in...

vulnerabilityCVEhigh-severitycode-executioncwe-122
/HIGH /7.8 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-22692 — October CMS Sandbox Bypass in Installations With CMS_SAFE_MODE Enabled

CVE-2026-22692 — October is a Content Management System (CMS) and web platform. Versions prior to 3.7.13 and versions 4.0.0 through 4.1.4 contain a sandbox bypass...

vulnerabilityCVEcwe-284cwe-693
/MEDIUM /4.9 /⚑ 3 IOCs

SAP Patches Critical SQLi and High-Severity ERP Flaws

SAP has dropped a hefty security update for April 2026, patching a total of 20 vulnerabilities. According to Cyber Updates - Asher Tamam, the standout...

israelvulnerability
/MEDIUM /⚑ 3 IOCs /⚙ 1 Sigma

Fortinet FortiDDoS-F SQLi: High-Severity RCE Risk

CVE-2026-39815 — An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow an attacker...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/HIGH /8.8 /⚑ 3 IOCs /⚙ 6 Sigma

Fortinet Path Traversal Flaw: Critical Privilege Escalation Risk

CVE-2026-39813 — A path traversal: '../filedir' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8 may allow an attacker to escalate privileges via...

vulnerabilityCVEcriticalhigh-severitypath-traversalcwe-24
/CRITICAL /9.8 /⚑ 3 IOCs /⚙ 1 Sigma

Fortinet FortiSandbox Faces Critical Command Injection Flaw

CVE-2026-39808 — An improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-78
/CRITICAL /9.8 /⚑ 2 IOCs /⚙ 1 Sigma

CRM Vulnerability Lets Attackers Steal and Delete User Contacts

CVE-2026-38532 — A Broken Object-Level Authorization (BOLA) in the /Contact/Persons/PersonController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently...

vulnerabilityCVEhigh-severity
/HIGH /8.1 /⚑ 4 IOCs /⚙ 5 Sigma

Webkul Krayin CRM: Critical Auth Flaw Lets Attackers Steal Leads

CVE-2026-38530 — A Broken Object-Level Authorization (BOLA) in the /Controllers/Lead/LeadController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily read, modify, and permanently...

vulnerabilityCVEhigh-severity
/HIGH /8.1 /⚑ 3 IOCs /⚙ 2 Sigma

Critical BOLA Flaw Lets Attackers Hijack Webkul Krayin CRM Accounts

CVE-2026-38529 — A Broken Object-Level Authorization (BOLA) in the /Settings/UserController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily reset user passwords and...

vulnerabilityCVEhigh-severity
/HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

Krayin CRM SQL Injection: High-Severity Flaw Exposes Data

CVE-2026-38528 — Krayin CRM v2.2.x was discovered to contain a SQL injection vulnerability via the rotten_lead parameter at /Lead/LeadDataGrid.php.

vulnerabilityCVEhigh-severitysql-injection
/HIGH /7.1 /⚑ 3 IOCs /⚙ 5 Sigma

Krayin CRM SSRF Exposes Internal Resources

CVE-2026-38527 — A Server-Side Request Forgery (SSRF) in the /settings/webhooks/create component of Webkul Krayin CRM v2.2.x allows attackers to scan internal resources via supplying a...

vulnerabilityCVEhigh-severityserver-side-request-forgery
/HIGH /8.5 /⚑ 3 IOCs /⚙ 5 Sigma

Critical File Upload Flaw Found in Webkul Krayin CRM

CVE-2026-38526 — An authenticated arbitrary file upload vulnerability in the /admin/tinymce/upload endpoint of Webkul Krayin CRM v2.2.x allows attackers to execute arbitrary code via uploading...

vulnerabilityCVEcriticalhigh-severityarbitrary-file-access
/CRITICAL /9.9 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-25691 — Path Traversal

CVE-2026-25691 — An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8,...

vulnerabilityCVEpath-traversalcwe-22
/MEDIUM /6.7 /⚑ 2 IOCs

FortiSOAR 2FA Bypass: Replay Attack Raises Authentication Concerns

CVE-2026-23708 — An improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise...

vulnerabilityCVEhigh-severitycwe-287
/HIGH /7.5 /⚑ 5 IOCs /⚙ 3 Sigma

Fortinet FortiAnalyzer/FortiManager Cloud: Heap Overflow Exploit

CVE-2026-22828 — A heap-based buffer overflow vulnerability in Fortinet FortiAnalyzer Cloud 7.6.2 through 7.6.4, FortiManager Cloud 7.6.2 through 7.6.4 may allow a remote unauthenticated attacker...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-122
/HIGH /8.1 /⚑ 3 IOCs

Critical SQLi Hits School Management System

CVE-2025-65135 — In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.php through the fromdate POST parameter.

vulnerabilityCVEcriticalhigh-severitysql-injection
/CRITICAL /9.8 /⚑ 3 IOCs /⚙ 4 Sigma

Critical SQLi Hits Grocery Store Management System

CVE-2025-63939 — Improper input handling in /Grocery/search_products_itname.php, in anirudhkannan Grocery Store Management System 1.0, allows SQL injection via the sitem_name POST parameter.

vulnerabilityCVEcriticalhigh-severitysql-injection
/CRITICAL /9.8 /⚑ 4 IOCs /⚙ 6 Sigma

Fortinet SQLi Hits FortiAnalyzer, FortiManager

CVE-2025-61848 — An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/HIGH /7.2 /⚑ 5 IOCs /⚙ 6 Sigma

PHP Composer Vulnerabilities Open Door for Command Execution

The Hacker News is flagging two critical vulnerabilities discovered in Composer, the go-to package manager for PHP projects. These flaws, tagged as command injection vulnerabilities...

threat-intelvulnerabilitycloudtools
/HIGH /⚑ 1 IOC /⚙ 1 Sigma

Autodesk Fusion XSS: Local File Read, Code Execution Risk

CVE-2026-4369 — A maliciously crafted HTML payload in an assembly variant name, when displayed during the delete confirmation dialog and clicked by a user, can...

vulnerabilityCVEhigh-severitycross-site-scripting-xss-cwe-79
/HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

Autodesk Fusion XSS Flaw Puts Local Files, Code at Risk

CVE-2026-4345 — A maliciously crafted HTML payload, stored in a design name and exported to CSV, can trigger a Stored Cross-site Scripting (XSS) vulnerability in...

vulnerabilityCVEhigh-severitycross-site-scripting-xss-cwe-79
/HIGH /7.1 /⚑ 5 IOCs /⚙ 3 Sigma

Autodesk Fusion XSS Flaw Lets Attackers Steal Local Files

CVE-2026-4344 — A maliciously crafted HTML payload in a component name, when displayed during the delete confirmation dialog and clicked by a user, can trigger...

vulnerabilityCVEhigh-severitycross-site-scripting-xss-cwe-79
/HIGH /7.1 /⚑ 4 IOCs /⚙ 3 Sigma

CVE-2026-37980 — Keycloak, Specifically In The Organization Selection Login P Cross-Site Scripting (XSS)

CVE-2026-37980 — A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with `manage-realm` or `manage-organizations` administrative privileges can...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.9 /⚑ 2 IOCs

CVE-2025-69993 — Cross-Site Scripting (XSS)

CVE-2025-69993 — Leaflet versions up to and including 1.9.4 are vulnerable to Cross-Site Scripting (XSS) via the bindPopup() method. This method renders user-supplied input as...

vulnerabilityCVEcross-site-scripting-xss-
/MEDIUM /6.1 /⚑ 1 IOC

AI Fuels Google Discover Scams with Scareware and Ad Fraud

The Hacker News is flagging a sophisticated ad fraud scheme that's weaponizing AI and SEO tactics to infiltrate Google Discover. This campaign crafts deceptive news...

threat-intelvulnerabilityai-security
/MEDIUM /⚑ 3 IOCs /⚙ 2 Sigma

Google Hardens Pixel 10 Modem with Rust DNS Parser

Google is stepping up its security game on Pixel devices, integrating a Rust-based Domain Name System (DNS) parser directly into the modem firmware. This move,...

threat-intelvulnerability
/MEDIUM /⚑ 5 IOCs /⚙ 1 Sigma

Jetty HTTP/1.1 Parser Vulnerable to Request Smuggling via Funky Chunks

CVE-2026-2332 — In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques outlined...

vulnerabilityCVEhigh-severitycwe-444
/HIGH /7.4 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-32201 — Microsoft SharePoint Server: Microsoft SharePoint Server Improper Input Validation Vulnerability

CVE-2026-32201 — Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network.

vulnerabilityCVEcisa-kevactively-exploited
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2009-0238 — Microsoft Office: Microsoft Office Remote Code Execution

CVE-2009-0238 — Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if...

vulnerabilityCVEcisa-kevactively-exploited
/HIGH /⚑ 3 IOCs /⚙ 3 Sigma

SAP Patches Critical ABAP Vulnerability

SAP has dropped a hefty patch Tuesday, releasing 19 new security notes to address vulnerabilities across more than a dozen of its enterprise products. According...

vulnerabilitycloudtools
/MEDIUM /⚑ 2 IOCs /⚙ 4 Sigma

CISA Needs Confirmed Leadership Amid Escalating Cyber Threats

The Cybersecurity and Infrastructure Security Agency (CISA), the U.S. government's primary civilian cyber defense arm, is operating without a Senate-confirmed director. This leadership vacuum, reported...

vulnerabilitymicrosoftthreat-intel
/HIGH

Goldman Sachs Sounds Alarm on Anthropic's AI Model 'Mythos'

Goldman Sachs is voicing serious concerns about the cybersecurity implications of Anthropic's new AI model, dubbed 'Mythos.' According to The Cyber Express, Goldman's CEO David...

vulnerabilitymicrosoftidentityai-securitytools
/HIGH /⚑ 1 IOC /⚙ 1 Sigma

Nightclub Giant RCI Hospitality Hit by Data Breach

Nightclub conglomerate RCI Hospitality recently disclosed a data breach stemming from an Insecure Direct Object Reference (IDOR) vulnerability. According to SecurityWeek, the company detailed the...

vulnerabilitydata-breachthreat-intel
/HIGH /⚑ 2 IOCs /⚙ 2 Sigma

CVE-2026-4109 — The Eventin – Events Calendar, Event Booking, Ticket &

CVE-2026-4109 — The Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) plugin for WordPress is vulnerable to unauthorized access of data due...

vulnerabilityCVEcwe-862
/MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-33892: Unauthenticated Remote Access to Siemens Industrial Edge Systems

CVE-2026-33892 — A vulnerability has been identified in Industrial Edge Management Pro V1 (All versions >= V1.7.6 = V2.0.0 = V2.2.0 < V2.8.0). Affected management...

vulnerabilityCVEhigh-severitycwe-305
/HIGH /7.1 /⚑ 4 IOCs /⚙ 6 Sigma

RUGGEDCOM CROSSBOW SAM-P Privilege Escalation Identified

CVE-2026-27668 — A vulnerability has been identified in RUGGEDCOM CROSSBOW Secure Access Manager Primary (SAM-P) (All versions < V5.8). User Administrators are allowed to administer...

vulnerabilityCVEhigh-severitycwe-266
/HIGH /8.8 /⚑ 2 IOCs

Siemens SINEC NMS Flaw Allows Arbitrary Password Resets

CVE-2026-25654 — A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3). Affected products do not properly validate user authorization when processing...

vulnerabilityCVEhigh-severitycwe-639
/HIGH /8.8 /⚑ 3 IOCs

Authentication Bypass Hits Siemens SINEC NMS

CVE-2026-24032 — A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3 with UMC). The affected application contains an authentication weakness due...

vulnerabilityCVEhigh-severitycwe-347
/HIGH /7.3 /⚑ 2 IOCs /⚙ 4 Sigma

Kali Forms RCE: WordPress Sites Under Attack

A critical Remote Code Execution (RCE) vulnerability in the Kali Forms WordPress plugin has escalated into an active threat, allowing unauthenticated attackers to compromise sites....

vulnerabilityidentitythreat-inteltools
/HIGH /⚑ 3 IOCs /⚙ 6 Sigma

Fake Claude AI Installer Delivers PlugX via DLL Sideloading

Cybercriminals are leveraging the buzz around AI chatbots to lure unsuspecting users into malware traps. Security Affairs reports that a fake website, masquerading as Anthropic's...

malwarevulnerabilitycloudmicrosoftidentityphishing
/HIGH /⚑ 4 IOCs /⚙ 2 Sigma

CVE-2026-2582 — Code Execution

CVE-2026-2582 — The Germanized for WooCommerce plugin for WordPress is vulnerable to arbitrary shortcode execution via 'account_holder' parameter in all versions up to, and...

vulnerabilityCVEcode-executioncwe-94
/MEDIUM /6.5 /⚑ 2 IOCs

WordPress PHP Object Injection Hits Smart Post Show Plugin

CVE-2026-3017 — The Smart Post Show – Post Grid, Post Carousel & Slider, and List Category Posts plugin for WordPress is vulnerable to PHP Object...

vulnerabilityCVEhigh-severityinsecure-deserializationcwe-502
/HIGH /7.2 /⚑ 3 IOCs /⚙ 6 Sigma

ShowDoc RCE Flaw CVE-2025-0520 Under Active Exploitation

A critical remote code execution (RCE) vulnerability in ShowDoc, a document management and collaboration service widely used in China, is currently under active exploitation. The...

vulnerability
/HIGH /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-4479 — Cross-Site Scripting (XSS)

CVE-2026-4479 — The WholeSale Products Dynamic Pricing Management WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /4.4 /⚑ 2 IOCs

CVE-2026-4059 — Cross-Site Scripting (XSS)

CVE-2026-4059 — The ShopLentor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the woolentor_quickview_button shortcode's button_text attribute in all versions up to, and...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs

PraisonAI GitHub Actions Vulnerable to Critical Token Leak

CVE-2026-40313 — PraisonAI is a multi-agent teams system. In versions 4.5.139 and below, the GitHub Actions workflows are vulnerable to ArtiPACKED attack, a known credential...

vulnerabilityCVEcriticalhigh-severitycwe-829
/CRITICAL /9.1 /⚑ 4 IOCs /⚙ 2 Sigma

PraisonAI Browser Bridge Critical Session Hijacking

CVE-2026-40289 — PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the browser bridge (praisonai browser start) is...

vulnerabilityCVEcriticalhigh-severitycwe-306
/CRITICAL /9.1 /⚑ 5 IOCs /⚙ 5 Sigma

PraisonAI Flaw: Untrusted YAML Leads to RCE

CVE-2026-40288 — PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the workflow engine is vulnerable to arbitrary...

vulnerabilityCVEcriticalhigh-severitycode-executioncwe-78cwe-94
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 5 Sigma

PraisonAI Flaw: Arbitrary Code Execution via Unsanitized Tool Imports

CVE-2026-40287 — PraisonAI is a multi-agent teams system. Versions 4.5.138 and below are vulnerable to arbitrary code execution through automatic, unsanitized import of a tools.py...

vulnerabilityCVEhigh-severitycode-executioncwe-94cwe-426
/HIGH /8.4 /⚑ 4 IOCs /⚙ 1 Sigma

CVE-2026-1607 — Cross-Site Scripting (XSS)

CVE-2026-1607 — The Surbma | Booking.com Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `surbma-bookingcom` shortcode in all versions up...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.4 /⚑ 2 IOCs

Critical RCE in Talend JobServer & Runtime (CVE-2026-6264)

CVE-2026-6264 — A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector...

vulnerabilityCVEcriticalhigh-severityremote-code-execution
/CRITICAL /9.8 /⚑ 4 IOCs /⚙ 3 Sigma

BackWPup Plugin RCE Via Local File Inclusion

CVE-2026-6227 — The BackWPup plugin for WordPress is vulnerable to Local File Inclusion via the `block_name` parameter of the `/wp-json/backwpup/v1/getblock` REST endpoint in all versions...

vulnerabilityCVEhigh-severityremote-code-executioncwe-22
/HIGH /7.2 /⚑ 5 IOCs /⚙ 1 Sigma

WordPress Form Maker Plugin Hit by Stored XSS

CVE-2026-4388 — The Form Maker by 10Web plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Matrix field (Text Box input type) in...

vulnerabilityCVEhigh-severitycross-site-scripting-xss-cwe-79
/HIGH /7.2 /⚑ 4 IOCs /⚙ 4 Sigma

Critical WordPress LearnPress Flaw Allows Unauth Data Deletion

CVE-2026-4365 — The LearnPress plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the `delete_question_answer()` function in all...

vulnerabilityCVEcriticalhigh-severitycwe-862
/CRITICAL /9.1 /⚑ 5 IOCs /⚙ 5 Sigma

JetEngine Plugin SQLi Puts WordPress Sites at Risk

CVE-2026-4352 — The JetEngine plugin for WordPress is vulnerable to SQL Injection via the Custom Content Type (CCT) REST API search endpoint in all versions...

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/HIGH /7.5 /⚑ 5 IOCs /⚙ 5 Sigma

CVE-2026-34225 — Server-Side Request Forgery

CVE-2026-34225 — Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Versions 0.7.2 and below contain a Blind Server Side Request...

vulnerabilityCVEserver-side-request-forgerycwe-918
/MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-39421 — Code Execution

CVE-2026-39421 — MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain a sandbox escape vulnerability in the ToolExecutor component. By leveraging...

vulnerabilityCVEcode-executioncwe-94cwe-693
/MEDIUM /6.3 /⚑ 3 IOCs

CVE-2026-39420 — Remote Code Execution

CVE-2026-39420 — MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, an incomplete sandbox protection mechanism allows an authenticated user with...

vulnerabilityCVEremote-code-executioncwe-78cwe-693
/MEDIUM /6.3 /⚑ 3 IOCs

CVE-2026-39418 — MaxKB is an open-source AI assistant for enterprise. In

CVE-2026-39418 — MaxKB is an open-source AI assistant for enterprise. In versions 2.7.1 and below, sandbox network protection can be bypassed by using socket.sendto() with...

vulnerabilityCVEcwe-918
/MEDIUM /5 /⚑ 2 IOCs

CVE-2026-34264 — During authorization checks in SAP Human Capital Management

CVE-2026-34264 — During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with...

vulnerabilityCVEcwe-204
/MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-34261 — Due to a missing authorization check in SAP Business

CVE-2026-34261 — Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain...

vulnerabilityCVEcwe-862
/MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-34257 — SAP NetWeaver Application Server ABAP, An Unauthenticated At Open Redirect

CVE-2026-34257 — Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a malicious URL that, if accessed by...

vulnerabilityCVEopen-redirectcwe-601
/MEDIUM /6.1 /⚑ 2 IOCs

SAP ERP/S/4HANA Flaw Exposes ABAP Reports to Unauthorized Overwrites

CVE-2026-34256 — Due to a missing authorization check in SAP ERP and SAP S/4HANA (Private Cloud and On-Premise), an authenticated attacker could execute a particular...

vulnerabilityCVEhigh-severitycwe-862
/HIGH /7.1 /⚑ 3 IOCs /⚙ 5 Sigma

jq Hash Collision Vulnerability: CPU Exhaustion via Crafted JSON

CVE-2026-40164 — jq is a command-line JSON processor. Before commit 0c7d133c3c7e37c00b6d46b658a02244fdd3c784, jq used MurmurHash3 with a hardcoded, publicly visible seed (0x432A9843) for all JSON object...

vulnerabilityCVEhigh-severitycwe-328cwe-407
/HIGH /7.5 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-39417 — Remote Code Execution

CVE-2026-39417 — MaxKB is an open-source AI assistant for enterprise. Versions 2.7.1 and below contain an incomplete fix for CVE-2025-53928, where a Remote Code Execution...

vulnerabilityCVEremote-code-executioncwe-20cwe-78
/MEDIUM /4.6 /⚑ 3 IOCs

CVE-2026-34069 — nimiq/core-rs-albatross is a Rust implementation of the

CVE-2026-34069 — nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. In versions 1.2.2 and below, an unauthenticated...

vulnerabilityCVEcwe-617
/MEDIUM /5.3 /⚑ 2 IOCs

CVE-2026-27683 — SAP BusinessObjects Business Intelligence application

CVE-2026-27683 — SAP BusinessObjects Business Intelligence application allows an authenticated attacker to inject malicious JavaScript payloads through crafted URLs. When a victim accesses the URL,...

vulnerabilityCVEcwe-79
/MEDIUM /4.1 /⚑ 2 IOCs

Critical SQLi Hits SAP Business Planning & BW

CVE-2026-27681 — Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements...

vulnerabilityCVEcriticalhigh-severitycwe-89
/CRITICAL /9.9 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-27679 — Due to missing authorization checks in the SAP S/4HANA

CVE-2026-27679 — Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker could update and delete child entities...

vulnerabilityCVEcwe-862
/MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-27678 — Due to missing authorization checks in the SAP S/4HANA

CVE-2026-27678 — Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Structures), an attacker could update and delete child entities...

vulnerabilityCVEcwe-862
/MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-27677 — Due to missing authorization checks in the SAP S/4HANA

CVE-2026-27677 — Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), an attacker could update and delete child entities via...

vulnerabilityCVEcwe-862
/MEDIUM /6.5 /⚑ 2 IOCs

CVE-2026-27676 — Due to missing authorization checks in the SAP S/4HANA

CVE-2026-27676 — Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Technical Object Structures), an attacker could update and delete child entities...

vulnerabilityCVEcwe-862
/MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-27674 — SAP NetWeaver Application Server Java (Web Dynpro Java), An Vulnerability

CVE-2026-27674 — Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated attacker could supply crafted input that...

vulnerabilityCVEcwe-94
/MEDIUM /6.1 /⚑ 2 IOCs

CVE-2026-27673 — Due to a missing authorization check, SAP S/4HANA (Private

CVE-2026-27673 — Due to a missing authorization check, SAP S/4HANA (Private Cloud and On-Premise) allows an authenticated user to delete files on the operating system...

vulnerabilityCVEcwe-862
/MEDIUM /4.9 /⚑ 2 IOCs

CVE-2026-27672 — The Material Master application does not enforce

CVE-2026-27672 — The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of sensitive information. This...

vulnerabilityCVEcwe-862
/MEDIUM /4.3 /⚑ 2 IOCs

CVE-2026-24318 — SAP Business Objects Business Intelligence Platform, An Unau Vulnerability

CVE-2026-24318 — Due to an Insecure session management vulnerability in SAP Business Objects Business Intelligence Platform, an unauthenticated attacker could obtain valid session tokens and...

vulnerabilityCVEcwe-539
/MEDIUM /4.2 /⚑ 2 IOCs

CVE-2026-0512 — The SAP Supplier Relationship Management (SICF Handler In SR Cross-Site Scripting (XSS)

CVE-2026-0512 — Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft...

vulnerabilityCVEcross-site-scripting-xss-cwe-79
/MEDIUM /6.1 /⚑ 2 IOCs

CVE-2026-6203 — Open Redirect

CVE-2026-6203 — The User Registration & Membership plugin for WordPress is vulnerable to Open Redirect in versions up to and including 5.1.4. This is due...

vulnerabilityCVEopen-redirectcwe-601
/MEDIUM /6.1 /⚑ 2 IOCs

CVE-2026-39956 — jq is a command-line JSON processor. In commits after

CVE-2026-39956 — jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the _strindices builtin in jq's src/builtin.c passes its arguments directly to jv_string_indexes() without...

vulnerabilityCVEcwe-125cwe-476cwe-843
/MEDIUM /6.1 /⚑ 4 IOCs

Nocobase Plugin Sandbox Bypass: Remote Exploit Publicly Available

CVE-2026-6224 — A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javascript/src/server/Vm.js. Performing...

vulnerabilityCVEhigh-severitycwe-264cwe-265
/HIGH /7.3 /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-40312 — ImageMagick is free and open-source software used for

CVE-2026-40312 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, an off-by-one error in...

vulnerabilityCVEcwe-193
/MEDIUM /6.2 /⚑ 2 IOCs

CVE-2026-40311 — Use-After-Free

CVE-2026-40311 — ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below 7.1.2-19 and 6.9.13-44 contain a heap use-after-free vulnerability...

vulnerabilityCVEuse-after-freecwe-416cwe-693
/MEDIUM /5.5 /⚑ 3 IOCs

CVE-2026-40310 — Out-of-Bounds

CVE-2026-40310 — ImageMagick is free and open-source software used for editing and manipulating digital images. Versions below both 7.1.2-19 and 6.9.13-44, contain a heap out-of-bounds...

vulnerabilityCVEout-of-bounds-1cwe-122cwe-787
/MEDIUM /5.5 /⚑ 3 IOCs

CVE-2026-40183 — ImageMagick is free and open-source software used for

CVE-2026-40183 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, the JXL encoder has a heap...

vulnerabilityCVEcwe-122
/MEDIUM /5.5 /⚑ 2 IOCs

CVE-2026-40169 — ImageMagick is free and open-source software used for

CVE-2026-40169 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-19, a crafted image could result in...

vulnerabilityCVEcwe-122cwe-787
/MEDIUM /6.2 /⚑ 3 IOCs

CVE-2026-34238 — Buffer Overflow

CVE-2026-34238 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, an integer overflow...

vulnerabilityCVEbuffer-overflowcwe-190cwe-787
/MEDIUM /5.1 /⚑ 3 IOCs

CVE-2026-33947 — Denial of Service

CVE-2026-33947 — jq is a command-line JSON processor. In versions 1.8.1 and below, functions jv_setpath(), jv_getpath(), and delpaths_sorted() in jq's src/jv_aux.c use unbounded recursion whose...

vulnerabilityCVEdenial-of-servicecwe-674
/MEDIUM /6.2 /⚑ 2 IOCs

ImageMagick DoS: Deep XML Parsing Exhausts Stack

CVE-2026-33908 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the...

vulnerabilityCVEhigh-severitydenial-of-servicecwe-674
/HIGH /7.5 /⚑ 4 IOCs /⚙ 1 Sigma

CVE-2026-33905 — Out-of-Bounds

CVE-2026-33905 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, the -sample operation...

vulnerabilityCVEout-of-bounds-1cwe-125
/MEDIUM /5.5 /⚑ 2 IOCs

CVE-2026-33902 — ImageMagick's FX Expression Parser Vulnerability

CVE-2026-33902 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a stack overflow...

vulnerabilityCVEcwe-674
/MEDIUM /5.5 /⚑ 2 IOCs

UniFi Play WiFi Credentials Exposed by Access Control Flaw

CVE-2026-22566 — An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to obtain UniFi Play WiFi credentials. Affected...

vulnerabilityCVEhigh-severityimproper-access-controlcwe-284
/HIGH /7.5 /⚑ 3 IOCs /⚙ 1 Sigma

Critical UniFi Play Flaw: SSH Access Hijack Risk

CVE-2026-22564 — An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized...

vulnerabilityCVEcriticalhigh-severityimproper-access-controlcwe-284
/CRITICAL /9.8 /⚑ 3 IOCs

UniFi Play Devices Face Critical Command Injection Vulnerabilities

CVE-2026-22563 — A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network....

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-20
/CRITICAL /9.8 /⚑ 3 IOCs /⚙ 4 Sigma

Critical RCE Found in UniFi Play Devices

CVE-2026-22562 — A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write...

vulnerabilityCVEcriticalhigh-severityremote-code-executioncwe-22
/CRITICAL /9.8 /⚑ 4 IOCs /⚙ 5 Sigma

CVE-2026-6219 — The Function Child_process.Exec Of The File Src/Compressor.J Command Injection

CVE-2026-6219 — A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function child_process.exec of the file src/compressor.js of the component Compressor...

vulnerabilityCVEcommand-injectioncwe-74cwe-77
/MEDIUM /5.3 /⚑ 3 IOCs

CVE-2026-6218 — aandrew-me ytDownloader Vulnerability

CVE-2026-6218 — A vulnerability was found in aandrew-me ytDownloader up to 3.20.2. Affected by this issue is the function createTextNode of the component Error Details...

vulnerabilityCVEcwe-79cwe-94
/MEDIUM /4.3 /⚑ 3 IOCs

ImageMagick Heap Overflow Vulnerability Exposed

CVE-2026-33901 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, a heap buffer...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-122cwe-787
/HIGH /7.5 /⚑ 1 IOC /⚙ 4 Sigma

CVE-2026-33900 — ImageMagick is free and open-source software used for

CVE-2026-33900 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-189 and 6.9.13-44, the viff encoder...

vulnerabilityCVEcwe-190
/MEDIUM /5.9 /⚑ 2 IOCs

CVE-2026-33899 — ImageMagick is free and open-source software used for

CVE-2026-33899 — ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when `Magick` parses an...

vulnerabilityCVEcwe-122cwe-191
/MEDIUM /5.3 /⚑ 3 IOCs

CVE-2026-33740 — EspoCRM is an open source customer relationship management

CVE-2026-33740 — EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below, the POST /api/v1/Email/importEml endpoint contains an Insecure Direct Object...

vulnerabilityCVEcwe-639
/MEDIUM /5.4 /⚑ 2 IOCs

CVE-2026-6215 — Server-Side Request Forgery

CVE-2026-6215 — A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the...

vulnerabilityCVEserver-side-request-forgerycwe-918
/MEDIUM /6.3 /⚑ 2 IOCs

CVE-2026-6202 — Code-Projects Easy Blog Site SQL Injection

CVE-2026-6202 — A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a...

vulnerabilityCVEsql-injectioncwe-74cwe-89
/MEDIUM /6.3 /⚑ 3 IOCs

CVE-2026-6201 — CodeAstro Online Job Portal Improper Access Control

CVE-2026-6201 — A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknown function of the file /jobs/job-delete.php of the...

vulnerabilityCVEimproper-access-controlcwe-266cwe-284
/MEDIUM /5.4 /⚑ 3 IOCs

CVE-2026-33657 — EspoCRM is an open source customer relationship management

CVE-2026-33657 — EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have a stored HTML injection vulnerability that allows any authenticated...

vulnerabilityCVEcwe-80cwe-116
/MEDIUM /4.6 /⚑ 3 IOCs

CVE-2026-33534 — Server-Side Request Forgery

CVE-2026-33534 — EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below have an authenticated Server-Side Request Forgery (SSRF) vulnerability that allows...

vulnerabilityCVEserver-side-request-forgerycwe-918
/MEDIUM /4.3 /⚑ 2 IOCs

Nimiq Albatross Vulnerability: Validator Crash via Malformed Proposal

CVE-2026-32605 — nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer...

vulnerabilityCVEhigh-severitycwe-125cwe-193
/HIGH /7.5 /⚑ 3 IOCs /⚙ 3 Sigma

Tenda F456 Router Faces High-Severity Stack Buffer Overflow

CVE-2026-6200 — A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebtypelibrary of the file /goform/webtypelibrary. This manipulation of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 4 IOCs /⚙ 4 Sigma

Tenda F456 Router Hit by Critical Stack-Based Buffer Overflow

CVE-2026-6199 — A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 3 IOCs /⚙ 4 Sigma

Tenda F456 Routers Hit by Critical Buffer Overflow

CVE-2026-6198 — A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 1 IOC /⚙ 3 Sigma

Tenda Router Vulnerability Exposes Networks to Remote Attacks

CVE-2026-6197 — A flaw has been found in Tenda F456 1.0.0.5. This vulnerability affects the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Executing a manipulation of...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 1 IOC /⚙ 4 Sigma

Pachno Framework Critical Deserialization Flaw Allows RCE

CVE-2026-40044 — Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers...

vulnerabilityCVEcriticalhigh-severityinsecure-deserializationcwe-502
/CRITICAL /9.8 /⚑ 1 IOC /⚙ 5 Sigma

CVE-2026-40043 — The RunSwitchUser() Action That Authentication Bypass

CVE-2026-40043 — Pachno 1.0.6 contains an authentication bypass vulnerability in the runSwitchUser() action that allows authenticated low-privilege users to escalate privileges by manipulating the original_username...

vulnerabilityCVEauthentication-bypasscwe-639
/MEDIUM /6.5 /⚑ 2 IOCs

Pachno Suffers Critical XML Injection Vulnerability (CVE-2026-40042)

CVE-2026-40042 — Pachno 1.0.6 contains an XML external entity injection vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting unsafe XML parsing in...

vulnerabilityCVEcriticalhigh-severityarbitrary-file-accesscwe-403
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-40041 — Pachno 1.0.6 contains a cross-site request forgery

CVE-2026-40041 — Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF...

vulnerabilityCVEcwe-352
/MEDIUM /4.3 /⚑ 2 IOCs

Pachno RCE: Unrestricted File Upload Bypasses Filters

CVE-2026-40040 — Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to...

vulnerabilityCVEhigh-severityremote-code-executioncwe-434
/HIGH /8.8 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-40039 — Open Redirect

CVE-2026-40039 — Pachno 1.0.6 contains an open redirection vulnerability that allows attackers to redirect users to arbitrary external websites by manipulating the return_to parameter. Attackers...

vulnerabilityCVEopen-redirectcwe-305
/MEDIUM /6.5 /⚑ 2 IOCs

Pachno 1.0.6 Plagued by Stored XSS

CVE-2026-40038 — Pachno 1.0.6 contains a stored cross-site scripting vulnerability that allows attackers to execute arbitrary HTML and script code by injecting malicious payloads into...

vulnerabilityCVEhigh-severitycross-site-scripting-xss-cwe-79
/HIGH /7.2 /⚑ 3 IOCs /⚙ 4 Sigma

Tenda F456 Routers Hit by Critical Remote Buffer Overflow

CVE-2026-6196 — A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the file /goform/exeCommand. Performing a manipulation of the argument...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 4 IOCs /⚙ 4 Sigma

Critical RCE Hits Totolink Routers: Patch Your A7100RU Now

CVE-2026-6195 — A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

Totolink A3002MU B20211125.1046 Router Faces High-Severity RCE

CVE-2026-6194 — A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub_410188 of the file /boafrm/formWlanSetup of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 5 IOCs /⚙ 5 Sigma

jq Integer Overflow: Heap Buffer Overflow Risks Untrusted Queries

CVE-2026-32316 — jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1 within the jvp_string_append() and jvp_string_copy_replace_bad functions, where concatenating strings...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-122cwe-190
/HIGH /8.2 /⚑ 5 IOCs /⚙ 4 Sigma

Git Option Manipulation Flaw Bypasses Safety Checks

CVE-2026-28291 — simple-git enables running native Git commands from JavaScript. Versions up to and including 3.31.1 allow execution of arbitrary commands through Git option manipulation,...

vulnerabilityCVEhigh-severitycwe-78
/HIGH /8.1 /⚑ 5 IOCs /⚙ 5 Sigma

CVE-2025-3756 — AC800M (System 800xA): From 6.0.0x Vulnerability

CVE-2025-3756 — A vulnerability exists in the command handling of the IEC 61850 communication stack included in the product revisions listed as affected in this...

vulnerabilityCVEcwe-1284
/MEDIUM /6.5 /⚑ 2 IOCs

PHPGurukul Daily Expense System Hit by SQLi Vulnerability

CVE-2026-6193 — A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 1 IOC /⚙ 6 Sigma

CVE-2026-6191 — An Unknown Function Of The File /equipments.php SQL Injection

CVE-2026-6191 — A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of...

vulnerabilityCVEsql-injectioncwe-74cwe-89
/MEDIUM /6.3 /⚑ 3 IOCs

CVE-2026-6190 — Itsourcecode Construction Management System SQL Injection

CVE-2026-6190 — A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /employees.php. Performing a...

vulnerabilityCVEsql-injectioncwe-74cwe-89
/MEDIUM /6.3 /⚑ 3 IOCs

SQL Injection Found in Pharmacy Sales and Inventory System

CVE-2026-6189 — A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-33555 — HAProxy Vulnerability

CVE-2026-33555 — An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced...

vulnerabilityCVEcwe-130
/MEDIUM /4 /⚑ 2 IOCs

CVE-2026-6231 — Applications That Rely On These Functions To Validate Untrus Vulnerability

CVE-2026-6231 — The bson_validate function may return early on specific inputs and incorrectly report success. This behavior could result in skipping validation for BSON data,...

vulnerabilityCVEcwe-20
/MEDIUM /4.3 /⚑ 2 IOCs

SQL Injection Flaw Found in Pharmacy System: Exploit Available

CVE-2026-6188 — A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=delete_sales. This...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

SQLi Exploit Public for SourceCodester Pharmacy System

CVE-2026-6187 — A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chk_prod_availability. The...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 1 IOC /⚙ 6 Sigma

UTT HiPER 1200GW Buffer Overflow: Remote Exploit Publicly Available

CVE-2026-6186 — A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatStaticMap....

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/HIGH /8.8 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2025-31991 — Rate Limiting for attempting a user login is not being

CVE-2025-31991 — Rate Limiting for attempting a user login is not being properly enforced, making HCL DevOps Velocity susceptible to brute-force attacks past the unsuccessful...

vulnerabilityCVEcwe-307
/MEDIUM /6.8 /⚑ 2 IOCs

SQLi Exploit Drops for Simple CMS 1.0

CVE-2026-6183 — A security flaw has been discovered in code-projects Simple Content Management System 1.0. Affected by this issue is some unknown functionality of the...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

SQL Injection Found in Simple CMS: Public Exploit Available

CVE-2026-6182 — A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php....

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

Keras Vulnerability Lets Attackers Execute Code Via SavedModels

CVE-2026-1462 — A vulnerability in the `TFSMLayer` class of the `keras` package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during deserialization of `.keras`...

vulnerabilityCVEhigh-severitycode-executioncwe-502
/HIGH /8.8 /⚑ 1 IOC /⚙ 7 Sigma

CVE-2026-21643 — Fortinet FortiClient EMS: Fortinet SQL Injection Vulnerability

CVE-2026-21643 — Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted...

vulnerabilityCVEcisa-kevactively-exploited
/HIGH /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2025-60710 — Microsoft Windows: Microsoft Windows Link Following Vulnerability

CVE-2025-60710 — Microsoft Windows contains a link following vulnerability that allows for privilege escalation

vulnerabilityCVEcisa-kevactively-exploited
/HIGH /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2023-36424 — Microsoft Windows: Microsoft Windows Out-of-Bounds Read Vulnerability

CVE-2023-36424 — Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor to escalate privileges

vulnerabilityCVEcisa-kevactively-exploited
/HIGH /⚑ 1 IOC /⚙ 1 Sigma

CVE-2023-21529 — Microsoft Exchange Server: Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability

CVE-2023-21529 — Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.

vulnerabilityCVEcisa-kevactively-exploited
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2020-9715 — Adobe Acrobat: Adobe Acrobat Use-After-Free Vulnerability

CVE-2020-9715 — Adobe Acrobat contains a use-after-free vulnerability that allows for code execution

vulnerabilityCVEcisa-kevactively-exploited
/HIGH /⚑ 1 IOC /⚙ 1 Sigma

CVE-2012-1854 — Microsoft Visual Basic for Applications (VBA): Microsoft Visual Basic for Applications Insecure Library Loading Vulnerability

CVE-2012-1854 — Microsoft Visual Basic for Applications (VBA) contains an insecure library loading vulnerability that could allow for remote code execution.

vulnerabilityCVEcisa-kevactively-exploited
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

TOTOLINK A7000R Stack Buffer Overflow: Remote Exploit Published

CVE-2026-6168 — A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. This...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 4 IOCs /⚙ 5 Sigma

SQLi Flaw Hits Faculty Management System: Exploit Public

CVE-2026-6167 — A vulnerability was detected in code-projects Faculty Management System 1.0. Impacted is an unknown function of the file /subject-print.php. The manipulation of the...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

SQLi Flaw Hits Vehicle Showroom Management System

CVE-2026-6166 — A security vulnerability has been detected in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/UpdateVehicleFunction.php....

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-5936: High-Severity SSRF Poses Internal Network Threat

CVE-2026-5936 — An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This...

vulnerabilityCVEhigh-severityinformation-disclosurecwe-918
/HIGH /8.5 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-40436 — The ZTE ZXEDM iEMS product has a password reset

CVE-2026-40436 — The ZTE ZXEDM iEMS product has a password reset vulnerability for any user. Because the management of the cloud EMS portal does not properly...

vulnerabilityCVEhigh-severity
/HIGH /7.1 /⚑ 1 IOC /⚙ 5 Sigma

CVE-2026-6165 — Unknown Code Of The File /util/Login_check.php SQL Injection

CVE-2026-6165 — A weakness has been identified in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/Login_check.php. Executing a...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-6164 — Code-Projects Lost And Found Thing Management SQL Injection

CVE-2026-6164 — A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php....

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

SQLi Found in Lost and Found Thing Management

CVE-2026-6163 — A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 1 IOC /⚙ 6 Sigma

CVE-2026-6161: Simple ChatBox SQLi — High Severity, Public Exploit

CVE-2026-6161 — A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 4 IOCs /⚙ 6 Sigma

Totolink N300RH Router Hit by Remote Command Injection

CVE-2026-6158 — A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument...

vulnerabilityCVEhigh-severitycommand-injectioncwe-77cwe-78
/HIGH /7.3 /⚑ 4 IOCs /⚙ 4 Sigma

CVE-2026-40446 — Samsung Open Source Escargot Vulnerability

CVE-2026-40446 — Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

vulnerabilityCVEcwe-843
/MEDIUM /6.5 /⚑ 2 IOCs

High-Severity Integer Overflow in Samsung Escargot Poses Risk

CVE-2026-25208 — Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335.

vulnerabilityCVEhigh-severityinteger-overflowcwe-190
/HIGH /8.1 /⚑ 3 IOCs /⚙ 3 Sigma

Samsung Escargot Heap Overflow: A Ticking Time Bomb

CVE-2026-25205 — Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write. This issue affects Escargot: commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335.

vulnerabilityCVEhigh-severitybuffer-overflowcwe-122
/HIGH /8.1 /⚑ 1 IOC /⚙ 3 Sigma

Totolink A800R Routers Hit by Remote Buffer Overflow

CVE-2026-6157 — A vulnerability was detected in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. The manipulation of the argument apcliSsid...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-120
/HIGH /8.8 /⚑ 3 IOCs /⚙ 4 Sigma

Critical RCE Hits Totolink Routers: CVE-2026-6156 Explained

CVE-2026-6156 — A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component CGI...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

Critical RCE Found in Totolink A7100RU Routers

CVE-2026-6155 — A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

Critical RCE Flaw in Totolink A7100RU Routers Exposed

CVE-2026-6154 — A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

SQLi Found in Vehicle Showroom Management System

CVE-2026-6153 — A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /util/StaffDetailsFunction.php. Such manipulation of...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

UAF Flaw Hits Communication Module, Poses High Availability Risk

CVE-2026-34856 — UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.

vulnerabilityCVEhigh-severitycwe-362
/HIGH /7.3 /⚑ 1 IOC /⚙ 3 Sigma

High-Severity Permission Bypass Hits LBS Module

CVE-2026-34853 — Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability.

vulnerabilityCVEhigh-severitycwe-270
/HIGH /7.7 /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-6152: SQLi Hits Vehicle Showroom Management System

CVE-2026-6152 — A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/StaffAddingFunction.php. This manipulation...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

SQLi Found in Vehicle Showroom System (CVE-2026-6151)

CVE-2026-6151 — A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 4 IOCs /⚙ 6 Sigma

CVE-2026-6150 — Code-Projects Simple Laundry System Vulnerability

CVE-2026-6150 — A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /checkupdatestatus.php. The manipulation of...

vulnerabilityCVEcwe-79cwe-94
/MEDIUM /4.3 /⚑ 3 IOCs

CVE-2026-6149 — Code-Projects Vehicle Showroom Management System SQL Injection

CVE-2026-6149 — A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-6148: SQLi Hits Vehicle Showroom Management System

CVE-2026-6148 — A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php....

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-6143 — Farion1231 Cc-Switch Vulnerability

CVE-2026-6143 — A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is some unknown functionality of the file...

vulnerabilityCVEcwe-346cwe-942
/MEDIUM /6.3 /⚑ 3 IOCs

SQL Injection Found in Hotel Management System

CVE-2026-6142 — A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. Affected by this vulnerability is an unknown functionality of the file...

vulnerabilityCVEhigh-severitysql-injectioncwe-74cwe-89
/HIGH /7.3 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2026-6141 — Command Injection

CVE-2026-6141 — A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parse_url.ts. Executing a manipulation can...

vulnerabilityCVEcommand-injectioncwe-77cwe-78
/MEDIUM /6.3 /⚑ 3 IOCs

Critical RCE Found in Totolink A7100RU Routers

CVE-2026-6140 — A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

Critical RCE Found in Totolink A7100RU Routers

CVE-2026-6139 — A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

CVE-2026-25204 — Samsung Open Source Escargot JavaScript Denial of Service

CVE-2026-25204 — Deserialization of untrusted data vulnerability in Samsung Open Source Escargot JavaScript allows denial of service condition via process abort. This issue affects...

vulnerabilityCVEdenial-of-servicecwe-502cwe-843
/MEDIUM /6.2 /⚑ 3 IOCs

Totolink A7100RU Routers Hit by Critical OS Command Injection

CVE-2026-6138 — A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

Tenda F451 Router Stack Overflow: Public Exploit Available

CVE-2026-6137 — A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 4 IOCs /⚙ 3 Sigma

High-Severity Buffer Overflow Hits Tenda F451 Routers

CVE-2026-6136 — A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 4 IOCs /⚙ 4 Sigma

Tenda F451 Router Hit by Remote Stack Buffer Overflow

CVE-2026-6135 — A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manipulation of...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 4 IOCs /⚙ 4 Sigma

Tenda F451 Router Hit by Remote Buffer Overflow

CVE-2026-6134 — A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Performing a manipulation...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 4 IOCs /⚙ 5 Sigma

Tenda Router Faces Critical Stack Buffer Overflow

CVE-2026-6133 — A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 4 IOCs /⚙ 4 Sigma

Critical RCE Found in Totolink A7100RU Routers

CVE-2026-6132 — A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

Critical RCE Flaw Hits Totolink Routers

CVE-2026-6131 — A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

New Chatbox AI Flaw: Remote OS Command Injection

CVE-2026-6130 — A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/main/mcp/ipc-stdio-transport.ts of the component...

vulnerabilityCVEhigh-severitycommand-injectioncwe-77cwe-78
/HIGH /7.3 /⚑ 4 IOCs /⚙ 4 Sigma

ChatGPT-on-WeChat Agent Mode Vulnerability Exposes Users

CVE-2026-6129 — A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing...

vulnerabilityCVEhigh-severitycwe-287cwe-306
/HIGH /7.3 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-40396 — Denial of Service

CVE-2026-40396 — Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A malicious client could send an HTTP/1...

vulnerabilityCVEdenial-of-servicecwe-670
/MEDIUM /4 /⚑ 2 IOCs

CVE-2026-40395 — Denial of Service

CVE-2026-40395 — Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The headerplus.write_req0() function from vmod_headerplus updates the...

vulnerabilityCVEdenial-of-servicecwe-770
/MEDIUM /4 /⚑ 2 IOCs

CVE-2026-40394 — Denial of Service

CVE-2026-40394 — Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (daemon panic) for certain amounts of...

vulnerabilityCVEdenial-of-servicecwe-670
/MEDIUM /4 /⚑ 2 IOCs

Mesa WebGPU Bug Allows Out-of-Bounds Memory Access

CVE-2026-40393 — In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on...

vulnerabilityCVEhigh-severitycwe-787
/HIGH /8.1 /⚑ 3 IOCs /⚙ 4 Sigma

CVE-2026-40386 — In libexif through 0.6.25, an integer underflow in size

CVE-2026-40386 — In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used by attackers to crash...

vulnerabilityCVEcwe-191
/MEDIUM /4 /⚑ 2 IOCs

CVE-2026-40385 — Integer Overflow

CVE-2026-40385 — In libexif through 0.6.25, an unsigned 32-bit integer overflow in Nikon MakerNote handling could be used by local attackers to cause crashes or...

vulnerabilityCVEinteger-overflowcwe-190
/MEDIUM /4 /⚑ 2 IOCs

CVE-2019-25709 — CF Image Hosting Script 1.6.5 allows unauthenticated

CVE-2019-25709 — CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db file in the upload/data...

vulnerabilityCVEcriticalhigh-severitycwe-552
/CRITICAL /9.8 /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2019-25705 — Buffer Overflow

CVE-2019-25705 — Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or execute arbitrary code by supplying...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-787
/HIGH /8.4 /⚑ 3 IOCs /⚙ 6 Sigma

CVE-2019-25701: Easy Video to iPod Converter Buffer Overflow

CVE-2019-25701 — Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-787
/HIGH /8.4 /⚑ 4 IOCs /⚙ 4 Sigma

Unauthenticated SQLi Threatens CMSsite 1.0

CVE-2019-25697 — CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter....

vulnerabilityCVEhigh-severitysql-injectioncwe-89
/HIGH /8.2 /⚑ 4 IOCs /⚙ 4 Sigma

R 3.4.4 Local Buffer Overflow: Arbitrary Code Execution via GUI

CVE-2019-25695 — R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-787
/HIGH /8.4 /⚑ 3 IOCs /⚙ 3 Sigma

Faleemi Desktop Software CVE-2019-25691: Buffer Overflow Bypasses DEP

CVE-2019-25691 — Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-787
/HIGH /8.4 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2019-25689 — Code Execution

CVE-2019-25689 — HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code...

vulnerabilityCVEhigh-severitycode-executioncwe-787
/HIGH /8.4 /⚑ 1 IOC /⚙ 6 Sigma

CVE-2018-25258 — The GUI Preferences Dialog That Code Execution

CVE-2018-25258 — RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception...

vulnerabilityCVEhigh-severitycode-executioncwe-434
/HIGH /8.4 /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-6124 — The Function FromSafeMacFilter Of The File /Goform/SafeMacFi Buffer Overflow

CVE-2026-6124 — A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 1 IOC /⚙ 4 Sigma

Tenda F451 Router Hit by Remote Buffer Overflow

CVE-2026-6123 — A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 5 IOCs /⚙ 4 Sigma

Tenda F451 Router Hit with High-Severity Buffer Overflow

CVE-2026-6122 — A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 5 IOCs

Tenda F451 Router Hit with Critical Buffer Overflow

CVE-2026-6121 — A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 5 IOCs /⚙ 4 Sigma

Linux Kernel BPF Bug Forks Verifier, Allows OOB Map Access

A critical vulnerability, tracked as CVE-2026-31413, has been identified and patched in the Linux kernel. According to CVE Notify, the issue lies within the BPF...

vulnerabilityCVE
/HIGH /⚑ 3 IOCs /⚙ 2 Sigma

Tenda F451 Router Hit by Remote Buffer Overflow

CVE-2026-6120 — A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation...

vulnerabilityCVEhigh-severitybuffer-overflowcwe-119cwe-121
/HIGH /8.8 /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-6119 — A vulnerability was identified in AstrBotDevs AstrBot up to

CVE-2026-6119 — A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get of the component API Endpoint. Such...

vulnerabilityCVEserver-side-request-forgerycwe-918
/MEDIUM /6.3

CVE-2026-6116 — Totolink A7100RU 7.4cu.2313_b20191024 Command Injection

CVE-2026-6116 — A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI...

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

CVE-2026-6115 — Totolink A7100RU 7.4cu.2313_b20191024 Command Injection

CVE-2026-6115 — A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler....

vulnerabilityCVEcriticalhigh-severitycommand-injectioncwe-77cwe-78
/CRITICAL /9.8 /⚑ 5 IOCs /⚙ 4 Sigma

Linux Kernel Patch Plugs Resource Leak in Block Subsystem

CVE Notify recently brought to our attention a crucial fix in the Linux kernel, specifically addressing a resource leak within the `blk_register_queue()` error path. This...

vulnerabilityCVE
/HIGH /⚑ 3 IOCs /⚙ 3 Sigma

xdg-dbus-proxy Flaw Bypasses Eavesdrop Restrictions

A critical policy parser vulnerability, identified as CVE-2026-34080, has been uncovered in `xdg-dbus-proxy`. This tool acts as a filtering proxy for D-Bus connections, designed to...

vulnerabilityCVE
/HIGH /⚑ 2 IOCs /⚙ 7 Sigma

UsersWP Plugin SSRF Vulnerability Exposes WordPress Sites

A critical blind Server-Side Request Forgery (SSRF) vulnerability has been identified in the UsersWP – Front-end login form, User Registration, User Profile & Members Directory...

vulnerabilityCVE
/HIGH /⚑ 5 IOCs /⚙ 4 Sigma

CVE-2026-35534 — ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored…

🚨 CVE-2026-35534 ChurchCRM is an open-source church management system. Prior to 7.1.0, a stored cross-site scripting vulnerability exists in PersonView.php due to incorrect use of...

vulnerabilityCVE
/HIGH /⚑ 1 IOC /⚙ 4 Sigma

CVE-2026-23555 — Any guest issuing a Xenstore command accessing a node using the

🚨 CVE-2026-23555 Any guest issuing a Xenstore command accessing a node using the (illegal) node path "/local/domain/", will crash xenstored due to a clobbered error...

vulnerabilityCVEthreat-intel
/HIGH /⚑ 1 IOC /⚙ 1 Sigma

CVE-2026-33186 — gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3…

🚨 CVE-2026-33186 gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the...

vulnerabilityCVE
/HIGH /⚑ 1 IOC /⚙ 4 Sigma

CVE-2026-40175 — Axios is a promise based HTTP client for the browser and Node.js. Prior to…

🚨 CVE-2026-40175 Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0, the Axios library is vulnerable to a specific...

vulnerabilityCVEcloud
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

CVE-2026-40168 — Postiz is an AI social media scheduling tool. Prior to 2.21.5, the…

🚨 CVE-2026-40168 Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the...

vulnerabilityCVEtools
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

CVE-2026-39922 — GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side…

🚨 CVE-2026-39922 GeoNode versions 4.0 before 4.4.5 and 5.0 before 5.0.2 contain a server-side request forgery vulnerability in the service registration endpoint that allows authenticated...

vulnerabilityCVEcloud
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-32252 — Chartbrew is an open-source web application that can connect directly to…

🚨 CVE-2026-32252 Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to...

vulnerabilityCVE
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

AWS Research and Engineering Studio Flaw Allows Privilege Escalation

A critical vulnerability, tracked as CVE-2026-5708, has been identified in AWS Research and Engineering Studio (RES). According to CVE Notify, prior to version 2026.03, the...

vulnerabilityCVEcloud
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

CVE-2026-39349 — OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0…

🚨 CVE-2026-39349 OrangeHRM is a comprehensive human resource management (HRM) system. From 5.0 to 5.8, OrangeHRM Open Source encrypts certain sensitive fields with AES in...

vulnerability CVE tools
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

Genealogy App Suffers Critical Access Control Flaw

CVE Notify is sounding the alarm on a critical broken access control vulnerability within the Genealogy family tree PHP application. Identified as CVE-2026-39355, the flaw...

vulnerability CVE identity
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Tandoor Recipes Flaw Exposes Private Recipes

CVE Notify is flagging a critical authorization bypass vulnerability in Tandoor Recipes, an application used for managing recipes, meal planning, and shopping lists. The issue,...

vulnerability CVE
/HIGH /⚑ 3 IOCs /⚙ 5 Sigma

BentoML Vulnerability Allows Host Code Execution via Malicious Archives

CVE Notify is flagging a critical vulnerability in the BentoML Python library, specifically affecting versions prior to 1.4.38. The issue lies within the `generate_containerfile()` function,...

vulnerability CVE cloud
/HIGH /⚑ 2 IOCs /⚙ 7 Sigma

Storybook Vulnerability Exposes Sensitive Environment Variables

CVE Notify is flagging a significant vulnerability, CVE-2025-68429, impacting Storybook versions prior to 7.6.21, 8.6.15, 9.1.17, and 10.1.10. The issue stems from how Storybook handles...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

iCalendar Library Vulnerability: ICS Injection Flaw Uncovered

A critical vulnerability, CVE-2026-33635, has been identified in the popular iCalendar Ruby library. CVE Notify reports that versions prior to 2.12.2 fail to properly sanitize...

vulnerability CVE
/HIGH /⚑ 3 IOCs /⚙ 7 Sigma

pyLoad Vulnerability Lets Low-Privilege Users Hijack Downloads

CVE Notify is flagging a critical security flaw in pyLoad, the popular open-source Python download manager. The vulnerability, tracked as CVE-2026-40071, centers on the WebUI's...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 6 Sigma

OpenHands AI Dev Tool Hit with Command Injection Flaw

CVE Notify is flagging a critical command injection vulnerability in OpenHands, an AI-driven software development tool. The issue, discovered in versions prior to 1.5.0, resides within...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

GlobaLeaks Whistleblower Tool Leaks Sensitive Support Emails

A critical vulnerability has been identified in GlobaLeaks, the open-source whistleblowing software designed for secure communication. According to CVE Notify, versions prior to 5.0.89 are...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

AFFiNE Vulnerability: Open Redirect Flaw Patched in v0.26.0

CVE Notify is flagging a critical open redirect vulnerability, CVE-2026-25477, that impacted AFFiNE, an open-source workspace and operating system. The flaw resided in the /redirect-proxy...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

Metabase Subscription Vulnerability Exposes Self-Hosted Instances

CVE Notify is flagging a critical vulnerability, CVE-2026-22805, affecting self-hosted instances of Metabase, the popular open-source data analytics platform. According to their report, prior to...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 8 Sigma

ChurchCRM Flaw Exposes Users to Cross-Site Scripting Attacks

CVE Notify is flagging a critical cross-site scripting (XSS) vulnerability in older versions of ChurchCRM, an open-source church management system. The flaw, identified as CVE-2026-39941,...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

Synology VPN Client Flaw Exposes User PINs

CVE Notify is flagging a significant security flaw, CVE-2021-47961, affecting Synology SSL VPN Client versions prior to 1.4.5-0684. The vulnerability stems from the insecure, plaintext...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

OpenStack Skyline Vulnerable to DOM-Based XSS

CVE Notify has flagged a DOM-based Cross-Site Scripting (XSS) vulnerability impacting OpenStack Skyline versions prior to 5.0.1, 6.0.0, and 7.0.0. The issue stems from the...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-22750 — When configuring SSL bundles in Spring Cloud Gateway by using the configuration…

🚨 CVE-2026-22750 When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL...

vulnerability CVE cloud tools
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

WP-Optimize Vulnerability Lets Low-Privilege Users Wreck Smush Features

CVE Notify is flagging a critical vulnerability in the popular WP-Optimize WordPress plugin. Versions up to and including 4.5.0 are susceptible to unauthorized function access...

vulnerability CVE
/HIGH /⚑ 4 IOCs /⚙ 6 Sigma

Sulu CMS Flaw Grants Unauthorized Admin API Access

CVE Notify is flagging a critical access control vulnerability impacting the open-source Sulu CMS. The issue, designated CVE-2026-34372, affects versions ranging from 1.0.0 up to,...

vulnerability CVE tools
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

Discourse Flaw Exposes Private Content to Moderators

CVE Notify is flagging a critical access control vulnerability in the popular open-source discussion platform, Discourse. The flaw, identified as CVE-2026-33415, allowed authenticated moderators to...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

JetKVM Firmware Flaw: Trusting Updates Blindly is Risky Business

CVE Notify is flagging a serious security weakness in JetKVM devices, specifically impacting versions prior to 0.5.4. The core issue? A failure to properly validate...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 6 Sigma

SQL Injection Flaw Found in Sales and Inventory System

CVE Notify has flagged a critical SQL injection vulnerability in SourceCodester Sales and Inventory System version 1.0. The issue resides within the `/update_supplier.php` file, specifically...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 7 Sigma

Apache Tomcat Suffers Critical Padding Oracle Vulnerability

CVE Notify is flagging a serious Padding Oracle vulnerability impacting multiple versions of Apache Tomcat. The issue resides within the EncryptInterceptor component when it's running...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 6 Sigma

Smart Slider 3 Pro Hit by Sophisticated Multi-Stage Attack

A severe supply chain compromise affecting Smart Slider 3 Pro for WordPress and Joomla has been detailed by CVE Notify. The vulnerability, tracked as CVE-2026-34424,...

vulnerability CVE malware identity tools
/HIGH /⚑ 5 IOCs /⚙ 8 Sigma

MediaWiki's ApiSandbox Vulnerable to Cross-Site Scripting

CVE Notify has flagged a critical Cross-Site Scripting (XSS) vulnerability impacting Wikimedia Foundation's MediaWiki software. The issue, tracked as CVE-2025-67477, stems from improper neutralization of...

vulnerability CVE identity
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

Critical Unrestricted Upload Bug Found in Pharmacy System

CVE Notify is flagging a critical vulnerability in SourceCodester's Web-based Pharmacy Product Management System, version 1.0. The issue lies within the /add-product.php file, specifically impacting...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

OpenPLC_V3 Flaw Lets Attackers Bypass Auth via API

CVE Notify is flagging a significant authentication bypass vulnerability in OpenPLC_V3, tracked as CVE-2026-28205. This flaw stems from an 'Initialization of a Resource with an...

vulnerability CVE identity
/HIGH /⚑ 1 IOC /⚙ 4 Sigma

Homarr Dashboard Vulnerable to DOM-Based XSS

A DOM-based Cross-Site Scripting (XSS) vulnerability has been identified in the Homarr open-source dashboard, according to CVE Notify. The flaw, present in versions prior to...

vulnerability CVE identity
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

Discourse Vulnerability Leaks Staff Read Receipts

CVE Notify is flagging a vulnerability, CVE-2026-32620, impacting the popular open-source discussion platform, Discourse. The bug, present in specific versions of Discourse (2026.1.0 through 2026.1.3,...

vulnerability CVE data-breach
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Discourse Polls Flaw: Unauthorized State Changes Possible

CVE Notify is flagging a security vulnerability impacting Discourse, the popular open-source discussion platform. The flaw, tracked as CVE-2026-32619, allowed users who had lost access...

vulnerability CVE data-breach
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

Discourse Vulnerability: Channel Membership Inference Flaw Patched

CVE Notify is highlighting a security vulnerability impacting the popular open-source discussion platform, Discourse. The flaw, identified as CVE-2026-32618, allows for potential channel membership inference...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

Discourse Vulnerability Lets Mods Access Private Topics

CVE Notify is flagging a security flaw in the popular open-source discussion platform, Discourse. The vulnerability, tracked as CVE-2026-32615, allowed category group moderators to execute...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 4 Sigma

OrangeHRM Flaw: Local File Reads for Authenticated Users

CVE Notify is flagging a critical vulnerability, CVE-2026-39345, impacting OrangeHRM Open Source versions 5.0 through 5.8. The issue stems from a failure to properly restrict...

vulnerability CVE threat-intel tools
/HIGH /⚑ 2 IOCs /⚙ 2 Sigma

Nimiq Core-RS Albatross Flaw Exposes Nodes to DoS Attacks

CVE Notify has flagged a critical vulnerability in the Nimiq core-rs-albatross Rust implementation, specifically affecting versions prior to 1.3.0. This bug, identified as CVE-2026-35468, lies...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 1 Sigma

Discourse Vulnerability Allows Network Probing via Email Settings

CVE Notify is flagging a security flaw in the popular open-source discussion platform, Discourse. The vulnerability, tracked as CVE-2026-33185, revolves around the group email settings...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Discourse Subscription Flaw Lets Users Grab Higher Tiers

CVE Notify is flagging a vulnerability in the popular open-source discussion platform, Discourse. The bug, tracked as CVE-2026-33074, allows a crafty user to potentially snag...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

Discourse Vulnerability: Draft Topic Titles Exposed

CVE Notify has flagged a significant vulnerability affecting the popular open-source discussion platform, Discourse. The issue, identified as CVE-2026-32951, allows an authenticated user to snag...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

AI Chat Interface Vulnerable to Cloud Credential Theft

CVE Notify is flagging a serious security flaw in the popular open-source `text-generation-webui`, specifically affecting versions prior to 4.3. This web interface, used for running...

vulnerability CVE cloud identity ai-security
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

Backstage SSRF Flaw: URL Redirects Expose Internal Systems

CVE Notify is flagging a critical Server-Side Request Forgery (SSRF) vulnerability impacting Backstage, an open framework for building developer portals. The issue lies within the...

vulnerability CVE tools
/HIGH /⚑ 1 IOC /⚙ 6 Sigma

Alchemy CMS RCE: Ruby Eval Flaw Opens Door for Command Execution

CVE Notify is flagging a critical remote code execution (RCE) vulnerability, CVE-2026-23885, impacting the Alchemy open-source content management system (CMS) engine. The issue stems from...

vulnerability CVE tools
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

Docling Core RCE Bug: PyYAML Dependency a Major Risk

CVE Notify is flagging a serious Remote Code Execution (RCE) vulnerability within the Docling Core library, specifically impacting versions 2.21.0 up to, but not including,...

vulnerability CVE malware data-breach
/HIGH /⚑ 3 IOCs /⚙ 4 Sigma

Jeecgboot JimuReport Vulnerability Allows Remote Code Injection

CVE Notify is flagging a critical vulnerability, CVE-2026-5848, impacting Jeecgboot JimuReport versions up to 2.3.0. The issue lies within the `DriverManager.getConnection` function in the `/drag/onlDragDataSource/testConnection`...

vulnerability CVE tools
/HIGH /⚑ 2 IOCs /⚙ 7 Sigma

WordPress Plugin Flaw Lets Subscribers Gain Admin Privileges

CVE Notify has flagged a critical Insecure Direct Object Reference (IDOR) vulnerability lurking in the MStore API plugin for WordPress, affecting all versions up to...

vulnerability CVE
/HIGH /⚑ 4 IOCs /⚙ 6 Sigma

SSRF Flaw in atototo API Tool Exposes Remote Attack Risk

CVE Notify has flagged a critical Server-Side Request Forgery (SSRF) vulnerability, designated CVE-2026-5832, impacting the `atototo api-lab-mcp` tool up to version 0.2.1. The flaw resides...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

SQL Injection Bug Found in Construction Management System

CVE Notify is flagging a critical SQL injection vulnerability in the iSourceCode Construction Management System, version 1.0. The flaw resides within the /borrowed_tool_report.php file, specifically...

vulnerability CVE tools
/HIGH /⚑ 1 IOC /⚙ 6 Sigma

Kafka Race Condition Flaw Sends Messages to Wrong Topics

CVE Notify is flagging a concerning race condition vulnerability in the Apache Kafka Java producer client. According to their report, a flaw in how the...

vulnerability CVE
/HIGH /⚑ 3 IOCs /⚙ 3 Sigma

Budibase Low-Code Platform Suffers Critical RCE Flaw

CVE Notify is flagging a serious remote code execution (RCE) vulnerability impacting Budibase, a popular open-source low-code platform. The flaw, designated CVE-2026-35216, allows unauthenticated attackers...

vulnerability CVE cloud identity
/HIGH /⚑ 3 IOCs /⚙ 4 Sigma

Budibase Low-Code Platform Suffers Critical Path Traversal Vulnerability

CVE Notify is flagging a serious security flaw in the open-source low-code platform, Budibase. Versions prior to 3.33.4 are vulnerable to path traversal attacks via...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Budibase SSRF Flaw: Default Config Leaves Open-Source Low-Code Exposed

CVE Notify is flagging a critical Server-Side Request Forgery (SSRF) vulnerability impacting the open-source low-code platform, Budibase. The flaw, identified as CVE-2026-31818, affects versions prior...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

Budibase Low-Code Platform Patches Critical Command Execution Flaw

CVE Notify is flagging a serious vulnerability, CVE-2026-25044, affecting the popular open-source low-code platform, Budibase. According to their report, versions prior to 3.33.4 contained a...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 2 Sigma

SQL Injection Flaw Found in Open Source Point of Sale

CVE Notify is flagging a critical SQL injection vulnerability, CVE-2026-32888, impacting Open Source Point of Sale (OSPOS), a PHP-based web application built on the CodeIgniter...

vulnerability CVE tools
/HIGH /⚑ 2 IOCs /⚙ 6 Sigma

AVideo Platform Hit by SSRF Vulnerability, Leaking Sensitive Data

CVE Notify is flagging a serious Server-Side Request Forgery (SSRF) vulnerability in the open-source WWBN AVideo platform. Affecting versions 26.0 and prior, the issue stems...

vulnerability CVE malware tools
/HIGH /⚑ 3 IOCs /⚙ 6 Sigma

AVideo's PayPal Handler Vulnerable to Transaction Replay Attacks

CVE Notify is flagging a critical flaw in the WWBN AVideo open-source video platform, specifically affecting versions 26.0 and earlier. The issue lies within the...

vulnerability CVE tools
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

MediaWiki ReportIncident Extension Flaw Exposes Wikimedia to DoS Attacks

CVE Notify is flagging a critical vulnerability, CVE-2026-5762, impacting the Wikimedia Foundation's MediaWiki platform. Specifically, the ReportIncident Extension suffers from an allocation of resources without...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 4 Sigma

Sales System Vulnerable to SQL Injection

CVE Notify is flagging a critical SQL injection vulnerability in SourceCodester Sales and Inventory System version 1.0. The issue, tracked as CVE-2026-4825, resides within the `/update_sales.php`...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

SQL Injection Flaw Found in Sales & Inventory System

CVE Notify is flagging a critical SQL injection vulnerability, CVE-2026-4778, impacting SourceCodester Sales and Inventory System version 1.0. The issue lies within the `update_category.php` file,...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 6 Sigma

SQL Injection Flaw Found in Sales & Inventory System

CVE Notify is flagging a critical SQL injection vulnerability within the SourceCodester Sales and Inventory System, specifically version 1.0. The flaw resides in the `view_supplier.php`...

vulnerability CVE tools
/HIGH /⚑ 1 IOC /⚙ 6 Sigma

Syntx Command Approval Flaw Opens Door to RCE

CVE Notify is flagging a critical OS command injection vulnerability in Syntx's command auto-approval module. This flaw completely bypasses the module's whitelist security, which is...

vulnerability CVE
/HIGH /⚑ 3 IOCs /⚙ 4 Sigma

Critical Command Injection Flaw Undermines DSAI-Cline Security

CVE Notify has detailed a critical OS command injection vulnerability impacting DSAI-Cline's command auto-approval module. This flaw effectively bypasses the module's whitelist security, a serious...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

Wazuh Vulnerability: Insecure Scripts Open Door to Supply Chain Attacks

CVE Notify is flagging a significant vulnerability in Wazuh's provisioning scripts and Dockerfiles. The issue stems from the use of `curl` with the `-k` or...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 7 Sigma

FOG Project Flaw: Stored XSS Lurks in Management Tables

CVE Notify is flagging a Stored Cross-Site Scripting (XSS) vulnerability impacting earlier versions of the popular FOG Project, a free open-source suite for cloning, imaging,...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

Windmill Dev Platform Suffers Critical Code Injection Flaw

CVE Notify has flagged a significant vulnerability within the popular open-source developer platform, Windmill. The issue, tracked as CVE-2026-33881, resides in the platform's NativeTS executor. According...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 6 Sigma

FLIP Platform Login Vulnerable to Brute-Force Attacks

CVE Notify is flagging a critical vulnerability in the Federated Learning and Interoperability Platform (FLIP). This open-source platform, used for training and evaluating AI models...

vulnerability CVE identity ai-security threat-intel
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

Mitsubishi Electric SCADA Flaw Opens Door for Local Code Execution

Mitsubishi Electric's GENESIS64 and related SCADA software packages are vulnerable to CVE-2024-1574, a critical flaw that could allow local attackers to gain administrative privileges. According...

vulnerability CVE cloud
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

Dell PowerProtect Agent Vulnerability Exposes Sensitive Data

A critical vulnerability, identified as CVE-2026-28264, has been flagged in Dell PowerProtect Agent Service. According to CVE Notify, versions of the service prior to 20.1...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 1 Sigma

WooCommerce Plugin Vulnerable to CSRF Attacks

CVE Notify has flagged a critical Cross-Site Request Forgery (CSRF) vulnerability affecting The BEAR – Bulk Editor and Products Manager Professional for WooCommerce plugin by...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 7 Sigma

Foreman Vulnerability Opens Door for Remote Code Execution

CVE Notify is flagging a critical command injection vulnerability impacting Red Hat's Foreman, a popular open-source tool for managing infrastructure. According to CVE Notify, the...

vulnerability CVE identity
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-1340 — Ivanti Endpoint Manager Mobile (EPMM): Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability

CVE-2026-1340 — Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution.

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Apache ActiveMQ Broker RCE via Jolokia JMX Bridge

CVE Notify is flagging a critical vulnerability, CVE-2026-34197, impacting Apache ActiveMQ Classic. This flaw hinges on the Jolokia JMX-HTTP bridge, exposed by default on the...

vulnerability CVE threat-intel
/HIGH /⚑ 3 IOCs /⚙ 6 Sigma

Lollms Session Hijacking Flaw: Password Resets Don't Cut It

CVE Notify is flagging a critical session expiration vulnerability in the parisneo/lollms application. Tracked as CVE-2026-1163, this flaw allows attackers to maintain access to an account...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 1 Sigma

WooCommerce Plugin Vulnerable to CSRF Attacks

CVE Notify is flagging a critical Cross-Site Request Forgery (CSRF) vulnerability in the Product Feed PRO for WooCommerce by AdTribes plugin. The flaw impacts versions...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 4 Sigma

TLS 1.3 Vulnerability: Key Updates Can Trigger Deadlock

CVE Notify is flagging a critical vulnerability impacting TLS 1.3 implementations, specifically CVE-2026-32283. According to their report, a flaw exists where sending multiple key update...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 1 Sigma

OpenSSL Vulnerability: Null Pointer Dereference Leads to DoS

CVE Notify is flagging a critical vulnerability, CVE-2026-28390, lurking within OpenSSL. The issue stems from how the software handles crafted CMS EnvelopedData messages, specifically those...

vulnerability CVE identity
/HIGH /⚑ 3 IOCs /⚙ 4 Sigma

CI4MS CMS Vulnerable to Stored XSS via Menu Management

CVE Notify is flagging a critical stored DOM-based cross-site scripting (XSS) vulnerability impacting versions of CI4MS prior to 0.31.0.0. The issue stems from improper sanitization...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 3 Sigma

Fleet Software Vulnerability Opens Door to Root/SYSTEM Code Execution

CVE Notify has flagged a critical command injection vulnerability, tracked as CVE-2026-34387, within the Fleet open-source device management software. According to CVE Notify, versions prior...

vulnerability CVE microsoft tools
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

Fleet MDM Vulnerability: SQL Injection Threatens Sensitive Data

CVE Notify is flagging a critical second-order SQL injection vulnerability (CVE-2026-34385) impacting Fleet, the open-source device management software. They report that prior to version 4.81.0,...

vulnerability CVE identity tools
/HIGH /⚑ 3 IOCs /⚙ 6 Sigma

UTT HiPER Router Flaw Opens Door for Remote Command Execution

CVE Notify has flagged a critical vulnerability, CVE-2026-31059, lurking within the UTT Aggressive HiPER 520W router, specifically in its /goform/formDia component. According to CVE Notify,...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 4 Sigma

CVE-2026-33373 — An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A…

🚨 CVE-2026-33373 An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A Cross-Site Request Forgery (CSRF) vulnerability exists in Zimbra Web Client due...

vulnerability CVE identity threat-intel
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-35200 — Parse Server is an open source backend that can be deployed to any…

🚨 CVE-2026-35200 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 8.6.73 and 9.7.1-alpha.4,...

vulnerability CVE cloud threat-intel tools
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-30867 — CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift.…

🚨 CVE-2026-30867 CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 1 Sigma

CVE-2026-4781 — A flaw has been found in SourceCodester Sales and Inventory System 1.0. The…

🚨 CVE-2026-4781 A flaw has been found in SourceCodester Sales and Inventory System 1.0. The affected element is an unknown function of the file updatepurchase.php...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 6 Sigma

CVE-2026-4779 — A security vulnerability has been detected in SourceCodester Sales and Inventory…

🚨 CVE-2026-4779 A security vulnerability has been detected in SourceCodester Sales and Inventory System 1.0. This issue affects some unknown processing of the file updatecustomerdetails.php...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 5 Sigma

CVE-2026-3479 — DISPUTED: The project has clarified that the documentation was incorrect, and…

🚨 CVE-2026-3479 DISPUTED: The project has clarified that the documentation was incorrect, and that pkgutil.getdata() has the same security model as open(). The documentation has...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-22207 — OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken…

🚨 CVE-2026-22207 OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when...

vulnerability CVE identity
/HIGH /⚑ 3 IOCs /⚙ 5 Sigma

CVE-2026-4570 — A vulnerability was identified in SourceCodester Sales and Inventory System 1.0.…

🚨 CVE-2026-4570 A vulnerability was identified in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /viewcustomers.php of the component...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 8 Sigma

CVE-2026-35035 — CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready,…

🚨 CVE-2026-35035 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to 0.31.2.0,...

vulnerability CVE
/HIGH /⚑ 2 IOCs /⚙ 6 Sigma

CVE-2026-34976 — Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the…

🚨 CVE-2026-34976 Dgraph is an open source distributed GraphQL database. Prior to 25.3.1, the restoreTenant admin mutation is missing from the authorization middleware config (admin.go),...

vulnerability CVE cloud identity tools
/HIGH /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-34969 — Nhost is an open source Firebase alternative with GraphQL. Prior to 0.48.0, the…

🚨 CVE-2026-34969 Nhost is an open source Firebase alternative with GraphQL. Prior to 0.48.0, the auth service's OAuth provider callback flow places the refresh token...

vulnerability CVE identity tools
/HIGH /⚑ 5 IOCs /⚙ 3 Sigma

CVE-2026-34365 — InvoiceShelf is an open-source web & mobile app that helps track expenses,…

🚨 CVE-2026-34365 InvoiceShelf is an open-source web & mobile app that helps track expenses, payments and create professional invoices and estimates. Prior to version 2.2.0,...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 4 Sigma

CVE-2026-34729 — phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, there…

🚨 CVE-2026-34729 phpMyFAQ is an open source FAQ web application. Prior to version 4.1.1, there is a stored XSS vulnerability via Regex Bypass in Filter::removeAttributes()....

vulnerability CVE tools
/HIGH /⚑ 1 IOC /⚙ 7 Sigma

CVE-2025-68153 — Juju is an open source application orchestration engine that enables any…

🚨 CVE-2025-68153 Juju is an open source application orchestration engine that enables any application operation on any infrastructure at any scale through special operators called...

vulnerability CVE tools
/HIGH /⚑ 2 IOCs /⚙ 5 Sigma

CVE-2026-30573 — A Business Logic vulnerability exists in SourceCodester Pharmacy Product…

🚨 CVE-2026-30573 A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0. The vulnerability is located in the add-sales.php file. The application fails...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

CVE-2026-30526 — A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester…

🚨 CVE-2026-30526 A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Zoo Management System v1.0. The vulnerability is located in the login page, specifically within...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 4 Sigma

CVE-2026-30523 — A Business Logic vulnerability exists in SourceCodester Loan Management System…

🚨 CVE-2026-30523 A Business Logic vulnerability exists in SourceCodester Loan Management System v1.0 due to the lack of proper input validation. The application allows administrators...

vulnerability CVE
/HIGH /⚑ 1 IOC /⚙ 3 Sigma

PowerShell Scripts Deployed for Wiper Malware Attacks, INCD Warns

The Israel National Cyber Directorate (INCD) has issued a warning regarding a recent cyberattack employing PowerShell scripts to execute wiper malware. This malicious activity targets...

INCD israel advisory alert
/MEDIUM /⚑ 3 IOCs /⚙ 2 Sigma

CVE-2026-4420 — Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its page creating…

🚨 CVE-2026-4420 Bludit is vulnerable to Stored Cross-Site Scripting (XSS) in its page creating functionality. An authenticated attacker with page creation privileges (such as Author,...

vulnerability CVE identity
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

CVE-2026-33227 — Improper validation and restriction of a classpath path name vulnerability in…

🚨 CVE-2026-33227 Improper validation and restriction of a classpath path name vulnerability in Apache ActiveMQ Client, Apache ActiveMQ Broker, Apache ActiveMQ All. In two instances...

vulnerability CVE data-breach microsoft
/HIGH /⚑ 2 IOCs

CVE-2026-28810 — Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP…

🚨 CVE-2026-28810 Generation of Predictable Numbers or Identifiers vulnerability in Erlang/OTP kernel (inet_res, inet_db modules) allows DNS Cache Poisoning. The built-in DNS resolver (inet_res) uses...

vulnerability CVE identity
/HIGH /⚑ 2 IOCs

CVE-2026-1114 — In parisneo/lollms version 2.1.0, the application's session management is…

🚨 CVE-2026-1114 In parisneo/lollms version 2.1.0, the application's session management is vulnerable to improper access control due to the use of a weak secret key...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2013-0270 — A flaw was found in OpenStack Keystone. A remote attacker could exploit this…

🚨 CVE-2013-0270 A flaw was found in OpenStack Keystone. A remote attacker could exploit this vulnerability by sending a large HTTP request, specifically by providing...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2026-35408 — Directus is a real-time API and App dashboard for managing SQL database…

🚨 CVE-2026-35408 Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus's Single Sign-On (SSO) login pages lacked...

vulnerability CVE identity
/HIGH /⚑ 2 IOCs

CVE-2026-35208 — lichess.org is the forever free, adless and open source chess server. Any…

🚨 CVE-2026-35208 lichess.org is the forever free, adless and open source chess server. Any approved streamer can inject arbitrary HTML into /streamer and the homepage...

vulnerability CVE tools
/HIGH /⚑ 2 IOCs

CVE-2026-34972 — OpenFGA is a high-performance and flexible authorization/permission engine…

🚨 CVE-2026-34972 OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. From 1.8.0 to 1.13.1, under specific conditions,...

vulnerability CVE
/HIGH /⚑ 2 IOCs

CVE-2026-34990 — OpenPrinting CUPS is an open source printing system for Linux and other…

🚨 CVE-2026-34990 OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged...

vulnerability CVE tools
/HIGH /⚑ 3 IOCs

CVE-2026-23940 — Uncontrolled Resource Consumption vulnerability in hexpm hexpm/hexpm allows…

🚨 CVE-2026-23940 Uncontrolled Resource Consumption vulnerability in hexpm hexpm/hexpm allows Excessive Allocation. Publishing an oversized package can cause Hex.pm to run out of memory while...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2026-28807 — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')…

🚨 CVE-2026-28807 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in gleam-wisp wisp allows arbitrary file read via percent-encoded path traversal....

vulnerability CVE
/HIGH /⚑ 2 IOCs

CVE-2026-21622 — Insufficient Session Expiration vulnerability in hexpm hexpm/hexpm…

🚨 CVE-2026-21622 Insufficient Session Expiration vulnerability in hexpm hexpm/hexpm ('Elixir.Hexpm.Accounts.PasswordReset' module) allows Account Takeover. Password reset tokens generated via the "Reset your password" flow do...

vulnerability CVE data-breach identity
/HIGH /⚑ 3 IOCs

CVE-2026-21621 — Incorrect Authorization vulnerability in hexpm hexpm/hexpm…

🚨 CVE-2026-21621 Incorrect Authorization vulnerability in hexpm hexpm/hexpm ('Elixir.HexpmWeb.API.OAuthController' module) allows Privilege Escalation. An API key created with read-only permissions (domain: "api", resource: "read") can...

vulnerability CVE identity
/HIGH /⚑ 3 IOCs

CVE-2026-21619 — Uncontrolled Resource Consumption, Deserialization of Untrusted Data…

🚨 CVE-2026-21619 Uncontrolled Resource Consumption, Deserialization of Untrusted Data vulnerability in hexpm hexcore (hexapi modules), hexpm hex (mixhexapi modules), erlang rebar3 (r3hexapi modules) allows Object...

vulnerability CVE identity
/HIGH /⚑ 1 IOC

CVE-2025-48040 — Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (sshsftp…

🚨 CVE-2025-48040 Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (sshsftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/sshsftpd.erl. This...

vulnerability CVE identity
/HIGH /⚑ 1 IOC

CVE-2025-48039 — Allocation of Resources Without Limits or Throttling vulnerability in Erlang…

🚨 CVE-2025-48039 Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (sshsftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is...

vulnerability CVE identity
/HIGH /⚑ 2 IOCs

CVE-2026-34565 — CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready,…

🚨 CVE-2026-34565 CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0,...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2026-29872 — A cross-session information disclosure vulnerability exists in the…

🚨 CVE-2026-29872 A cross-session information disclosure vulnerability exists in the awesome-llm-apps project in commit e46690f99c3f08be80a9877fab52acacf7ab8251 (2026-01-19). The affected Streamlit-based GitHub MCP Agent stores user-supplied API...

vulnerability CVE identity ai-security tools
/HIGH /⚑ 2 IOCs

CVE-2026-29954 — In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have…

🚨 CVE-2026-29954 In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field...

vulnerability CVE
/HIGH /⚑ 3 IOCs

CVE-2026-37977 — A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin…

🚨 CVE-2026-37977 A flaw was found in Keycloak. A remote attacker can exploit a Cross-Origin Resource Sharing (CORS) header injection vulnerability in Keycloak's User-Managed Access...

vulnerability CVE
/HIGH /⚑ 3 IOCs

CVE-2026-5620 — A vulnerability has been found in itsourcecode Construction Management System…

🚨 CVE-2026-5620 A vulnerability has been found in itsourcecode Construction Management System 1.0. Affected is an unknown function of the file /borrowedequipreport.php of the component...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2019-25657 — AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local…

🚨 CVE-2019-25657 AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2026-5584 — A vulnerability has been found in Fosowl agenticSeek 0.1.0. Impacted is the…

🚨 CVE-2026-5584 A vulnerability has been found in Fosowl agenticSeek 0.1.0. Impacted is the function PyInterpreter.execute of the file sources/tools/PyInterpreter.py of the component query Endpoint....

vulnerability CVE tools
/HIGH /⚑ 1 IOC

CVE-2026-5575 — A vulnerability was detected in SourceCodester/jkev Record Management System…

🚨 CVE-2026-5575 A vulnerability was detected in SourceCodester/jkev Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file index.php of...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2026-5553 — A vulnerability was identified in itsourcecode Online Cellphone System 1.0.…

🚨 CVE-2026-5553 A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2026-5551 — A security flaw has been discovered in itsourcecode Free Hotel Reservation…

🚨 CVE-2026-5551 A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of...

vulnerability CVE tools
/HIGH /⚑ 1 IOC

CVE-2026-5534 — A vulnerability was identified in itsourcecode Online Enrollment System 1.0.…

🚨 CVE-2026-5534 A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2026-5531 — A vulnerability has been found in SourceCodester Student Result Management…

🚨 CVE-2026-5531 A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /logincredentials.txt of the...

vulnerability CVE identity
/HIGH /⚑ 1 IOC

CVE-2026-34776 — Electron is a framework for writing cross-platform desktop applications using…

🚨 CVE-2026-34776 Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, on...

vulnerability CVE data-breach microsoft tools
/HIGH /⚑ 2 IOCs

CVE-2026-34770 — Electron is a framework for writing cross-platform desktop applications using…

🚨 CVE-2026-34770 Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.0, and 41.0.0-beta.8, apps...

vulnerability CVE microsoft identity tools
/HIGH /⚑ 3 IOCs

CVE-2026-27447 — OpenPrinting CUPS is an open source printing system for Linux and other…

🚨 CVE-2026-27447 OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, CUPS daemon (cupsd)...

vulnerability CVE tools
/HIGH

CVE-2026-22661 — prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in…

🚨 CVE-2026-22661 prompts.chat prior to commit 0f8d4c3 contains a path traversal vulnerability in skill file handling that allows attackers to write arbitrary files to the...

vulnerability CVE tools
/HIGH /⚑ 1 IOC

CVE-2025-10681 — Storage credentials are hardcoded in the mobile app and device firmware. These…

🚨 CVE-2025-10681 Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not...

vulnerability CVE cloud identity
/MEDIUM /⚑ 1 IOC

CVE-2022-4987 — Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00…

🚨 CVE-2022-4987 Hirschmann Industrial HiVision version 08.1.03 prior to 08.1.04 and 08.2.00 contains a vulnerability in the execution of user-configured external applications that allows a...

vulnerability CVE
/MEDIUM /⚑ 1 IOC

CVE-2020-37216 — Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial…

🚨 CVE-2020-37216 Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet/IP stack where improper handling of...

vulnerability CVE
/MEDIUM /⚑ 1 IOC

CVE-2026-32716 — SciTokens is a reference library for generating and using SciTokens. Prior to…

🚨 CVE-2026-32716 SciTokens is a reference library for generating and using SciTokens. Prior to version 1.9.6, the Enforcer incorrectly validates scope paths by using a...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2026-33997 — Moby is an open source container framework. Prior to version 29.3.1, a security…

🚨 CVE-2026-33997 Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows plugins privilege validation to...

vulnerability CVE cloud tools
/HIGH /⚑ 1 IOC

CVE-2026-34040 — Moby is an open source container framework. Prior to version 29.3.1, a security…

🚨 CVE-2026-34040 Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to bypass authorization...

vulnerability CVE cloud tools
/HIGH /⚑ 1 IOC

CVE-2024-28862 — The Ruby One Time Password library (ROTP) is an open source library for…

🚨 CVE-2024-28862 The Ruby One Time Password library (ROTP) is an open source library for generating and validating one time passwords. Affected versions had overly...

vulnerability CVE tools
/HIGH /⚑ 1 IOC

CVE-2022-21693 — OnionShare is an open source tool that lets you securely and anonymously share…

🚨 CVE-2022-21693 OnionShare is an open source tool that lets you securely and anonymously share files, host websites, and chat with friends using the Tor...

vulnerability CVE tools
/HIGH /⚑ 2 IOCs

CVE-2026-32113 — Discourse is an open-source discussion platform. From versions 2026.1.0-latest…

🚨 CVE-2026-32113 Discourse is an open-source discussion platform. While this cookie is normally set during legitimate DiscourseConnect Provider flows with cryptographically validated SSO payloads, cookies...

vulnerability CVE identity
/HIGH /⚑ 1 IOC

CVE-2025-24085 — A use after free issue was addressed with improved memory management. This…

🚨 CVE-2025-24085 A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.6,...

vulnerability CVE
/HIGH /⚑ 2 IOCs

CVE-2024-44309 — A cookie management issue was addressed with improved state management. This…

🚨 CVE-2024-44309 A cookie management issue was addressed with improved state management. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2024-44308 — The issue was addressed with improved checks. This issue is fixed in Safari…

🚨 CVE-2024-44308 The issue was addressed with improved checks. This issue is fixed in Safari 18.1.1, iOS 17.7.2 and iPadOS 17.7.2, iOS 18.1.1 and iPadOS...

vulnerability CVE
/HIGH /⚑ 2 IOCs

CVE-2026-4350 — The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion…

🚨 CVE-2026-4350 The Perfmatters plugin for WordPress is vulnerable to arbitrary file deletion via path traversal in all versions up to, and including, 2.5.9.1. This...

vulnerability CVE
/HIGH /⚑ 2 IOCs

CVE-2025-55102 — A denial-of-service vulnerability exists in the NetX IPv6 component…

🚨 CVE-2025-55102 A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too...

vulnerability CVE
/HIGH /⚑ 1 IOC

CVE-2026-34389 — Fleet is open source device management software. Prior to 4.81.0, Fleet…

🚨 CVE-2026-34389 Fleet is open source device management software. Prior to 4.81.0, Fleet contained an issue in the user invitation flow where the email address...

vulnerability CVE identity tools
/HIGH /⚑ 1 IOC

CVE-2026-34388 — Fleet is open source device management software. Prior to 4.81.0, a…

🚨 CVE-2026-34388 Fleet is open source device management software. Prior to 4.81.0, a denial-of-service vulnerability in Fleet's gRPC Launcher endpoint allows an authenticated host to...

vulnerability CVE tools
/HIGH /⚑ 2 IOCs

CVE-2026-34373 — Parse Server is an open source backend that can be deployed to any…

🚨 CVE-2026-34373 Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.66 and...

vulnerability CVE tools
/HIGH /⚑ 1 IOC

CVE-2026-3502 — TrueConf Client: TrueConf Client Download of Code Without Integrity Check Vulnerability

CVE-2026-3502 — TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path can...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2026-5281 — Google Dawn: Google Dawn Use-After-Free Vulnerability

CVE-2026-5281 — Google Dawn contains a use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 3 IOCs

Password Spray Attacks Target Microsoft 365 in Israel

The INCD reports a significant increase in password spray attacks targeting Israeli organizations using Microsoft 365 cloud services. This advisory covers the attack method and...

INCD israel advisory alert
/MEDIUM /⚑ 1 IOC

Supply Chain Attack Targets NPM Packages, INCD Warns

The INCD has issued a warning regarding an active supply chain attack campaign targeting JavaScript libraries within the NPM registry. Compromised packages handle sensitive data...

INCD israel advisory alert
/MEDIUM /⚑ 3 IOCs

Israel Braces for Annual Activist Cyber Attacks Amidst Regional Tensions

The INCD warns of an anticipated cyberattack surge around OPIsrael (April 7), Holocaust Remembrance Day, and Independence Day. Hacktivist groups are expected to intensify attacks amid...

INCD israel advisory alert
/MEDIUM /⚑ 3 IOCs

CVE-2025-53521 — F5 BIG-IP: F5 BIG-IP Stack-Based Buffer Overflow Vulnerability

CVE-2025-53521 — F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2026-33634 — Aquasecurity Trivy: Aquasecurity Trivy Embedded Malicious Code Vulnerability

CVE-2026-33634 — Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to everything in the CI/CD environment, including...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC

CVE-2026-33017 — Langflow Langflow: Langflow Code Injection Vulnerability

CVE-2026-33017 — Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication.

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2025-54068 — Laravel Livewire: Laravel Livewire Code Injection Vulnerability

CVE-2025-54068 — Laravel Livewire contains a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios.

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2025-43520 — Apple Multiple Products: Apple Multiple Products Classic Buffer Overflow Vulnerability

CVE-2025-43520 — Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause unexpected...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC

CVE-2025-43510 — Apple Multiple Products: Apple Multiple Products Improper Locking Vulnerability

CVE-2025-43510 — Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected changes...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC

CVE-2025-32432 — Craft CMS Craft CMS: Craft CMS Code Injection Vulnerability

CVE-2025-32432 — Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC

CVE-2025-31277 — Apple Multiple Products: Apple Multiple Products Buffer Overflow Vulnerability

CVE-2025-31277 — Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the processing of maliciously crafted web...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2026-20131 — Cisco Secure Firewall Management Center (FMC): Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

CVE-2026-20131 — Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management contain a deserialization of untrusted data vulnerability in...

vulnerability CVE cisa-kev actively-exploited ransomware
/CRITICAL /⚑ 2 IOCs

CVE-2026-20963 — Microsoft SharePoint: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability

CVE-2026-20963 — Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2025-66376 — Synacor Zimbra Collaboration Suite (ZCS): Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability

CVE-2025-66376 — Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability in the Classic UI where attackers could abuse Cascading Style Sheets (CSS) @import...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC

CVE-2025-47813 — Wing FTP Server Wing FTP Server: Wing FTP Server Information Disclosure Vulnerability

CVE-2025-47813 — Wing FTP Server contains a generation of error message containing sensitive information vulnerability when using a long value in the UID cookie.

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC

DDoS Attack Prevention: INCD Advisory for Israeli Organizations

The INCD has issued guidance on DDoS attack prevention amid ongoing military operations. Organizations across Israel face distributed denial-of-service attacks of varying intensity. This advisory...

INCD israel advisory alert
/MEDIUM /⚑ 1 IOC

Medical Device Firm Hit by Cyberattack, INCD Warns

The Israel National Cyber Directorate (INCD) has issued an advisory regarding a significant cyber incident affecting an international medical equipment company. Initial reports indicate that...

INCD israel advisory alert
/MEDIUM /⚑ 3 IOCs /⚙ 2 Sigma

Microsoft's March 2024 Security Updates: Critical Vulnerabilities Addressed

The INCD has issued an advisory regarding Microsoft's monthly security updates addressing approximately 87 vulnerabilities, including 3 critical, 6 with high exploitation probability, and 20...

INCD israel vulnerability advisory alert
/HIGH /⚑ 5 IOCs

CVE-2026-3910 — Google Chromium V8: Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability

CVE-2026-3910 — Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow a remote attacker...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC

CVE-2026-3909 — Google Skia: Google Skia Out-of-Bounds Write Vulnerability

CVE-2026-3909 — Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds memory access via a crafted...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 3 IOCs

Critical Rockwell Controller Flaw Exploited in Global Attacks

The Israel National Cyber Directorate (INCD) has issued a warning regarding the active exploitation of a critical vulnerability affecting specific Rockwell Automation controller series. This...

INCD israel vulnerability advisory alert
/HIGH /⚑ 2 IOCs /⚙ 4 Sigma

Cloud Resilience Isn't Backup: INCD Warns Against Data Loss Risks

Many organizations utilizing cloud infrastructure may mistakenly rely on the built-in resiliency and redundancy mechanisms provided by major cloud vendors like AWS, Azure, and Google...

INCD israel advisory alert
/MEDIUM /⚑ 5 IOCs /⚙ 1 Sigma

CVE-2025-68613 — n8n n8n: n8n Improper Control of Dynamically-Managed Code Resources Vulnerability

CVE-2025-68613 — n8n contains an improper control of dynamically managed code resources vulnerability in its workflow expression evaluation system that allows for remote code execution....

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2026-1603 — Ivanti Endpoint Manager (EPM): Ivanti Endpoint Manager (EPM) Authentication Bypass Vulnerability

CVE-2026-1603 — Ivanti Endpoint Manager (EPM) contains an authentication bypass using an alternate path or channel vulnerability that could allow a remote unauthenticated attacker to...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2025-26399 — SolarWinds Web Help Desk: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability

CVE-2025-26399 — SolarWinds Web Help Desk contains a deserialization of untrusted data vulnerability in AjaxProxy that could allow an attacker to run commands on the...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2021-22054 — Omnissa Workspace One UEM: Omnissa Workspace ONE Server-Side Request Forgery

CVE-2021-22054 — Omnissa Workspace One UEM, formerly known as VMware Workspace One UEM, contains a server-side request forgery (SSRF) vulnerability that could allow a malicious...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC

CVE-2023-43000 — Apple Multiple Products: Apple Multiple products Use-After-Free Vulnerability

CVE-2023-43000 — Apple macOS, iOS, iPadOS, and Safari 16.6 contain a use-after-free vulnerability due to the processing of maliciously crafted web content that may lead...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2023-41974 — Apple iOS and iPadOS: Apple iOS and iPadOS Use-After-Free Vulnerability

CVE-2023-41974 — Apple iOS and iPadOS contain a use-after-free vulnerability. An app may be able to execute arbitrary code with kernel privileges.

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC

CVE-2021-30952 — Apple Multiple Products: Apple Multiple Products Integer Overflow or Wraparound Vulnerability

CVE-2021-30952 — Apple tvOS, macOS, Safari, iPadOS and watchOS contain an integer overflow or wraparound vulnerability due to the processing of maliciously crafted web content...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2021-22681 — Rockwell Multiple Products: Rockwell Multiple Products Insufficient Protected Credentials Vulnerability

CVE-2021-22681 — Multiple Rockwell products contain an insufficient protected credentials vulnerability. Studio 5000 Logix Designer software may allow a key to be discovered. This key...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 2 IOCs

CVE-2017-7921 — Hikvision Multiple Products: Hikvision Multiple Products Improper Authentication Vulnerability

CVE-2017-7921 — Multiple Hikvision products contain an improper authentication vulnerability that could allow a malicious user to escalate privileges on the system and gain access...

vulnerability CVE cisa-kev actively-exploited
/HIGH /⚑ 1 IOC