CVE-2026-44061

creationtimestamp| type| source ---|---|--- 2026-05-21 10:33:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mme7t5fs622e 2026-06-01 00:01:26+00:00| seen| https://bsky.app/profile/slackers.it/post/3mn6rmo4sw523...

BELL-CVE-2026-43340

Bulletin has no description...

CVE-2026-9121

creationtimestamp| type| source ---|---|--- 2026-05-20 22:34:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmcxndoehv2p 2026-05-21 18:07:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmez5wdurf25 2026-05-25 18:00:00+00:00| seen|...

CVE-2026-9144 Taiko AG1000-01A Rev 7.3/8 Stored XSS via Web Configuration Interface

Taiko AG1000-01A SMS Alert Gateway Rev 7.3 and Rev 8 contains a stored cross-site scripting vulnerability in the embedded web configuration interface that allows authenticated attackers to execute persistent JavaScript by fragmenting malicious payloads across multiple administrative form fields...

CVE-2026-5946

creationtimestamp| type| source ---|---|--- 2026-05-20 07:42:48+00:00| seen| https://www.acn.gov.it/portale/w/aggiornamenti-per-isc-bind-5 2026-05-20 10:23:00+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/isc-bind-security-advisory-av26-490 2026-05-20 14:24:10+00:00| seen|...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mac80211: The issue in ieee80211scanrx involves checking the skb length. This code requires hard-coded compile-time constants for determining the header length check. Instead, a dynamic determination based on the frame type shoul...

Astra Linux - уязвимость в firefox, thunderbird

Through a series of API calls and redirections, an alert dialog controlled by an attacker could have been displayed on another website with the victim website’s URL shown. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8...

SOC-Alert-Investigation-Portfolio

SOC Alert Investigation Portfolio This repository contains pr...

GHSA-58QX-3VCG-4XPX

creationtimestamp| type| source ---|---|--- 2026-05-19 19:42:10+00:00| seen| https://gist.github.com/konard/d8a22725a8b00a188eb2098b18eaa766 2026-05-19 19:44:33+00:00| seen| https://gist.github.com/konard/beb604d0f86e740a59c10cc19fb9b50b 2026-05-19 20:19:30+00:00| seen|...

MAL-2026-4171 Malicious code in @mc-xp/mc-monolith-js-src-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 13fafa7ca25af537c9383868398521cf50a086c1055e9451e4a2208de0083923 The OpenSSF Package Analysis project identified '@mc-xp/mc-monolith-js-src-package' @ 99.9.1 npm as malicious. It is considered malicious becaus...

CVE-2026-42096

creationtimestamp| type| source ---|---|--- 2026-05-19 02:55:00+00:00| seen| https://cert.pl/en/posts/2026/05/CVE-2026-42096 2026-05-19 19:00:05+00:00| seen| https://t.me/GithubRedTeam/84866 2026-05-19 21:00:04+00:00| published-proof-of-concept|...

CLSA-2026-1779153000 golang: Fix of CVE-2026-32283

CVE-2026-32283: fix TLS 1.3 deadlock in crypto/tls handleKeyUpdate when a peer sends multiple key update messages requesting a response in a single record by adding a locked flag to setReadTrafficSecret so it calls sendAlertLocked instead of re-locking the connection mutex...

MAL-2026-3999 Malicious code in @antv/geo-coord (npm)

Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...

@ithinkdt/lowcode (>=4.0.0 <=4.0.5), @nywqs/scada-engine (>=2.0.0 <=2.0.3) +2 more potentially affected by unknown CVE via @antv/x6-vue-shape (=3.0.2)

@antv/x6-vue-shape NPM version =3.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/x6-vue-shape and may be impacted: - @ithinkdt/lowcode =4.0.0, =2.0.0, =1.0.0, =1.0.55 - ems-desktop =1.0.8-202601151630 Source cves: unknown CVE Source advisory...

CVE-2026-3471

Mattermost Desktop App versions =6.1 6.0.1 5.4.13.0 fail to prevent an invalid URL from loading in a pop-up window in the Mattermost Desktop App which allows a malicious server owner to repeated crash the application via calling window.open'javascript:alert';. Mattermost Advisory ID: MMSA-2026-00...

CVE-2026-3471 Opening a window with {{javascript:alert()}} as URL causes crash in the Mattermost Desktop App

Mattermost Desktop App versions =6.1 6.0.1 5.4.13.0 fail to prevent an invalid URL from loading in a pop-up window in the Mattermost Desktop App which allows a malicious server owner to repeated crash the application via calling window.open'javascript:alert';. Mattermost Advisory ID: MMSA-2026-00...

EUVD-2026-30757

Mattermost Desktop App versions =6.1 6.0.1 5.4.13.0 fail to prevent an invalid URL from loading in a pop-up window in the Mattermost Desktop App which allows a malicious server owner to repeated crash the application via calling window.open'javascript:alert';. Mattermost Advisory ID: MMSA-2026-00...

CVE-2026-8782

creationtimestamp| type| source ---|---|--- 2026-05-18 06:08:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm47kzzxps2c...

CVE-2018-25328

creationtimestamp| type| source ---|---|--- 2026-05-17 14:56:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm2mmwodr52k...

CVE-2026-8657

creationtimestamp| type| source ---|---|--- 2026-05-17 01:30:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mlz7m3b64q22 2026-05-17 01:30:47+00:00| seen| https://infosec.exchange/users/offseq/statuses/116587326764358912...