PT-2026-35642

Name of the Vulnerable Software and Affected Versions ProFTPD versions prior to 1.3.10rc1 Description A flaw in the mod sql module allows unauthenticated remote attackers to bypass authentication and execute arbitrary code. The issue stems from a lack of protection for SQL query structures,...

New ClickFix attack Hides in Native Windows Tools to Reduce Detection Risk

Fake CAPTCHA ClickFix attack tricks users into running malicious commands, using cmdkey and regsvr32 to maintain persistence and avoid detection on Windows...

CVE-2019-25680

creationtimestamp| type| source ---|---|--- 2026-04-24 17:37:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mkb2vfjg7u2p...

CVE-2024-50478

creationtimestamp| type| source ---|---|--- 2026-04-23 16:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mk6ffk7uos2s...

Observability for Akamai Cloud: Get Started with Akamai Cloud Pulse

...

A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202

...

CVE-2017-20236

creationtimestamp| type| source ---|---|--- 2026-04-22 16:07:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mk3uwn7jkv2f...

xss-demo-blog

No d...

PT-2026-34552

CVE-2026-30623 vulnerability via Anthropic's MCP SDK has been fixed since v1.83.6-nightly. Please refer to our blog post for more details. https://t.co/ImGk2mGYug...

CVE-2025-29635: Mirai Campaign Targets D-Link Devices

...

EUVD-2026-24073

Reflected Cross-Site Scripting XSS vulnerability in Navigate Content Management System. The vulnerability is present in the '/blog' endpoint because user input is not properly sanitized through designed query parameters. This results in unsafe HTML rendering, which could allow a remote attacker t...

CVE-2026-3317

Reflected Cross-Site Scripting XSS vulnerability in Navigate Content Management System. The vulnerability is present in the '/blog' endpoint because user input is not properly sanitized through designed query parameters. This results in unsafe HTML rendering, which could allow a remote attacker t...

CVE-2026-3317 Reflected Cross-Site Scripting in Navigate CMS application

Reflected Cross-Site Scripting XSS vulnerability in Navigate Content Management System. The vulnerability is present in the '/blog' endpoint because user input is not properly sanitized through designed query parameters. This results in unsafe HTML rendering, which could allow a remote attacker t...

CVE-2026-3317

CVE-2026-3317 is a reflected XSS vulnerability in Navigate Content Management System affecting the /blog endpoint. The root cause is unsanitized user input via designed query parameters, leading to unsafe HTML rendering and the potential execution of JavaScript in a victim’s browser. The issue is...

CVE-2026-3317 Reflected Cross-Site Scripting in Navigate CMS application

Reflected Cross-Site Scripting XSS vulnerability in Navigate Content Management System. The vulnerability is present in the '/blog' endpoint because user input is not properly sanitized through designed query parameters. This results in unsafe HTML rendering, which could allow a remote attacker t...

CVE-2026-3317

Reflected Cross-Site Scripting XSS vulnerability in Navigate Content Management System. The vulnerability is present in the '/blog' endpoint because user input is not properly sanitized through designed query parameters. This results in unsafe HTML rendering, which could allow a remote attacker t...

Navigate Content Management System 跨站脚本漏洞

Navigate Content Management System is a website content management system developed by the Spanish company Navigate. Navigate Content Management System has a cross-site scripting vulnerability. This vulnerability arises from improper cleaning of user inputs at the blog endpoint, which may lead to...

PT-2026-33923

Reflected Cross-Site Scripting XSS vulnerability in Navigate Content Management System. The vulnerability is present in the '/blog' endpoint because user input is not properly sanitized through designed query parameters. This results in unsafe HTML rendering, which could allow a remote attacker t...

CVE-2019-25675

creationtimestamp| type| source ---|---|--- 2026-04-20 22:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mjxjs5e6en2s...

CVE-2026-6576

A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is...