EUVD-2026-34330

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for customers that are not assigned to them. This can be abused to falsely attribute fake alerts to customers. In combination wit...

CVE-2025-69755

creationtimestamp| type| source ---|---|--- 2026-06-04 19:10:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnid7yxtsx2x...

@agent-native/core (>=0.26.5 <=0.28.5), @intlayer/backend (=8.7.0-canary.0) +6 more potentially affected by CVE-2026-45337 via better-auth (>=1.6.0 <=1.6.10)

better-auth NPM version =1.6.0, =0.26.5, =0.0.33, =0.2.0, =1.6.0, =0.1.2, =0.2.0 Source cves: CVE-2026-45337 Source advisory: OSV:GHSA-CQ3F-VC6P-68FH...

CVE-2026-7764

creationtimestamp| type| source ---|---|--- 2026-06-04 06:37:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mngz5xiqip26...

PT-2026-46391

IRIS is a web collaborative platform that helps incident responders share technical details during investigations. In versions prior to 2.4.28, users can create alerts for customers that are not assigned to them. This can be abused to falsely attribute fake alerts to customers. In combination wit...

PT-2026-46387

The WP Meta Sort Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.9. This is due to missing or incorrect nonce validation on the top-level included script in msp-options.php. This makes it possible for unauthenticated attackers to chan...

CVE-2026-8874

Version 3.0.7 of the Securly Chrome Extension downloads JSON files containing crisis alert keywords and filtering rules over unencrypted HTTP via the Fetch API. Other endpoints in the same extension correctly fetch IWF and CIPA data over HTTPS, demonstrating an inconsistent implementation of TLS...

CVE-2026-8876

Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyword data and intervention site data...

EUVD-2026-34162

Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyword data and intervention site data...

CVE-2026-8876

Securly Chrome Extension, version 3.0.7, is affected by CVE-2026-8876 due to hardcoded, plaintext AES passphrases in securly.min.js used to decrypt crisis alert keyword data and intervention site data. This JavaScript plaintext key exposure constitutes a cryptographic weakness that could enable u...

CVE-2026-8876 CVE-2026-8876

Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyword data and intervention site data...

CVE-2026-8876

Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyword data and intervention site data...

CVE-2026-8876 CVE-2026-8876

Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyword data and intervention site data...

a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +360 more potentially affected by CVE-2026-6657 via jupyter-server (>=1.13.2 <=2.17.0)

jupyter-server PYPI version =1.13.2, =0.1.0, =0.14.0.3, =0.3.0, =0.1.0b0, =1.3.4, =0.18.3, =0.1.0, =1.0.1, =0.1.0, =0.14.0 and more Source cves: CVE-2026-6657 Source advisory: SNYK:PYTHON-JUPYTERSERVER-17220130...

CVE-2026-35083

creationtimestamp| type| source ---|---|--- 2026-06-03 12:54:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnf5qnwy422d 2026-06-03 22:00:44+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mng4blz6vn2e 2026-06-08 21:07:08+00:00| seen|...

CVE-2026-20230

creationtimestamp| type| source ---|---|--- 2026-06-03 12:22:10+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/cisco-security-advisory-av26-547 2026-06-03 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1899 2026-06-03 23:03:34+00:00| seen|...

UBUNTU-CVE-2026-47065

ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect.Proxy Assessment: Fully addressed. When the serialised stream contains a TCPROXYCLASSDESC the marker for a java.lang.reflect.Proxy , JDK’s ObjectInputStream.readProxyDesc is dispatched. JDK then calls...

CVE-2025-14771

creationtimestamp| type| source ---|---|--- 2026-06-03 06:01:01+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/control-systems-abb-security-advisory-av26-545 2026-06-03 11:29:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mneyz2dgnr2o 2026-06-03 14:01:41+00:00| seen|...

PT-2026-46049

Name of the Vulnerable Software and Affected Versions Securly Chrome Extension version 3.0.7 Description The software contains hardcoded, plaintext AES passphrases within the securly.min.js file. These passphrases are used to decrypt intervention site data and crisis alert keyword data...

CVE-2026-33245

creationtimestamp| type| source ---|---|--- 2026-06-02 21:01:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mndiiziwpy2q 2026-06-02 23:26:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mndqlviq3g23 2026-06-05 06:37:08+00:00| seen|...