CVE-2026-46509

creationtimestamp| type| source ---|---|--- 2026-05-28 20:02:05+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmwstuyrpp2e...

CVE-2026-9095

creationtimestamp| type| source ---|---|--- 2026-05-28 19:46:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmwry2puay2e 2026-05-28 21:01:38+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmww6euqtt2w...

CVE-2026-9937

creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529 2026-05-29...

CVE-2026-9976

creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529 2026-05-29...

CVE-2026-9984

creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529 2026-05-29...

CVE-2026-9009

creationtimestamp| type| source ---|---|--- 2026-05-28 07:00:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmvh6e6h3x2n 2026-05-28 07:20:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvicngffi2e 2026-05-28 07:30:29+00:00| seen|...

CVE-2026-44712

creationtimestamp| type| source ---|---|--- 2026-05-27 22:01:13+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmuizvc4qx2e 2026-05-27 23:01:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmumfptprr2q...

CVE-2026-44886

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devices.php route accepts requests from unauthenticated users when the action URL parameter is set to...

CVE-2026-44887

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. Since the background scan daemon loads this file via Python's exec, injected code executes as the...

EUVD-2026-32636

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devices.php route accepts requests from unauthenticated users when the action URL parameter is set to...

CVE-2026-44886

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devices.php route accepts requests from unauthenticated users when the action URL parameter is set to...

CVE-2026-44887

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. Since the background scan daemon loads this file via Python's exec, injected code executes as the...

CVE-2026-44887 Unauthenticated RCE via Python Config File Injection in SaveConfigFile() (Path)

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. Since the background scan daemon loads this file via Python's exec, injected code executes as the...

CVE-2026-44888

Pi.Alert vulnerability CVE-2026-44888: unauthenticated RCE via SaveConfigFile() config injection. Prior to 2026-05-07, numeric config values (e.g., SMTP_PORT) were written into pialert.conf without validation; pialert.conf is loaded with Python exec() every 3–5 minutes by a background cron, allow...

CVE-2026-44888 Unauthenticated RCE via Python Config File Injection in SaveConfigFile() (Interger)

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile endpoint writes user-supplied numeric config values e.g., SMTPPORT directly into pialert.conf without validation. Since pialert.conf is loaded via Python's exec every 3–5 minutes...

CVE-2026-42754

creationtimestamp| type| source ---|---|--- 2026-05-27 12:57:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtkofkna62q...

CVE-2026-48962

creationtimestamp| type| source ---|---|--- 2026-05-27 04:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116644657711662061 2026-05-27 04:30:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmsod6gi4p22 2026-05-27 05:02:43+00:00| seen|...

PT-2026-44075

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's web-based configuration editor allows arbitrary Python code to be injected into pialert.conf. Since the background scan daemon loads this file via Python's exec, injected code executes as the...

Amazon Linux 2 : cni-plugins, --advisory ALAS2-2026-3311 (ALAS-2026-3311)

The version of cni-plugins installed on the remote host is prior to 1.7.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3311 advisory. Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta...

CVE-2026-8855

creationtimestamp| type| source ---|---|--- 2026-05-26 19:00:43+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmroidmxkf2l 2026-05-26 21:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmrvke7acb25 2026-05-26 21:07:07+00:00| seen|...