CVE-2026-41427

creationtimestamp| type| source ---|---|--- 2026-05-16 16:32:11+00:00| seen| https://gist.github.com/yanchuk/859e9c10826efe814725781953466c18...

CVE-2026-42207

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, MageProductAlertAddController::stockAction reads the uenc query parameter and passes...

CVE-2026-3160

creationtimestamp| type| source ---|---|--- 2026-05-14 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/gitlab-multiple-vulnerabilities20260515...

CVE-2025-38708

creationtimestamp| type| source ---|---|--- 2026-05-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-10...

CVE-2019-13103

creationtimestamp| type| source ---|---|--- 2026-05-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-134-16...

CVE-2026-46391

creationtimestamp| type| source ---|---|--- 2026-05-14 09:00:04+00:00| seen| Telegram/Ab4OFqOZ0GdnyIUaC77uZ2CbzoeHzhCrZHfEopJ-gCMQVg 2026-05-19 14:44:46+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-4fg7-f244-3j49...

CVE-2026-0247

creationtimestamp| type| source ---|---|--- 2026-05-14 06:51:24+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-palo-alto-networks-1...

CVE-2026-0251

creationtimestamp| type| source ---|---|--- 2026-05-13 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/palo-alto-products-multiple-vulnerabilities20260514 2026-05-13 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1869 2026-05-14 06:51:24+00:00| seen|...

nautobot-ai-ops (>=1.0.0 <=1.0.4), nautobot-bgp-models (>=0.7.0 <=1.0.0) +31 more potentially affected by CVE-2026-44798 via nautobot (>=1.0.3 <=2.4.22)

nautobot PYPI version =1.0.3, =1.0.0, =0.7.0, =1.1.0, =1.6.0, =1.0.0, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.1.0, =1.0.0, =2.0.2 and more Source cves: CVE-2026-44798 Source advisory: OSV:GHSA-P3HX-PWF3-J8WR...

Malicious Package

Overview load-bufferjs is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud

TL;DR: Stop chasing thousands of "toast" alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a "Lethal Chain" to your data—and how to break it. Register for the Strategic Briefing Here. Most security tools work like a smoke alarm that goes off every time you burn a piec...

CVE-2026-44347

creationtimestamp| type| source ---|---|--- 2026-05-13 01:17:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlp4znj3va2h...

CVE-2026-45185

creationtimestamp| type| source ---|---|--- 2026-05-12 14:44:00+00:00| seen| https://thehackernews.com/2026/05/new-exim-bdat-vulnerability-exposes.html 2026-05-12 18:00:04+00:00| seen| https://t.me/GithubRedTeam/83976 2026-05-12 23:00:14+00:00| seen|...

CVE-2026-45211

creationtimestamp| type| source ---|---|--- 2026-05-12 11:58:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlnqf2q7ij2w 2026-05-12 11:59:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlnqg3vdmc2g...

CVE-2026-6813

creationtimestamp| type| source ---|---|--- 2026-05-12 11:42:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlnpi57c3y2t 2026-05-13 00:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlp2jsnit52s...

CVE-2026-7432

creationtimestamp| type| source ---|---|--- 2026-05-12 08:04:32+00:00| seen| https://www.acn.gov.it/portale/w/ivanti-may-security-update-1 2026-05-12 08:27:11+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-450 2026-05-14 02:55:50+00:00| seen|...

CVE-2026-8043

creationtimestamp| type| source ---|---|--- 2026-05-12 08:04:32+00:00| seen| https://www.acn.gov.it/portale/w/ivanti-may-security-update-1 2026-05-12 08:27:11+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-450 2026-05-12 16:16:31+00:00| seen|...

Malicious code in @tanstack/arktype-adapter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 00740c1707de87fdde677d596049a754c3269e6b54875d76eb4934a1368b7112 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2026-33359

In Meari IoT Cloud alert image storage on Alibaba OSS latest observed; storage service version not disclosed, motion snapshots are retrievable without authentication, signed URLs, or expiry enforcement. URLs function as direct object references and remain valid beyond expected operational windows...

CVE-2026-33359

Meari IoT Cloud uses Alibaba OSS for alert image storage; motion snapshots can be retrieved without authentication, signed URLs, or expiry enforcement. This affects motion alert images exposed as direct object references, with URLs remaining valid beyond expected windows. Root cause is lack of ac...