18182 matches found
ROOT-OS-DEBIAN-11-CVE-2026-46236 CVE-2026-46236 in rootio-linux - Patched by Root
Root has patched CVE-2026-46236 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...
Korenix JetPort 5601v3 - Path Traversal
The pathname of the root directory to a Restricted Directory 'Path Traversal' vulnerability in Korenix JetPort 5601 allows Path Traversal.This issue affects JetPort 5601- through 1.2. id: CVE-2024-11303 info: name: Korenix JetPort 5601v3 - Path Traversal author: geeknik severity: high description...
Ruby Dragonfly <1.4.0 - Remote Code Execution
Ruby Dragonfly before 1.4.0 contains an argument injection vulnerability that allows remote attackers to read and write to arbitrary files via a crafted URL when the verifyurl option is disabled. This may lead to code execution. The problem occurs because the generate and process features mishand...
DataEase - Remote Code Execution
DataEase is an open-source business intelligence and data visualization platform. Public advisories state that CVE-2025-49002 is related to a bypass in the previous fix for CVE-2025-32966 involving case-insensitive handling of restricted H2 JDBC keywords. This template is a non-invasive detection...
MINI-W9J2-JR2Q-VJMJ
Bulletin has no description...
CVE-2026-31673
creationtimestamp| type| source ---|---|--- 2026-07-06 05:52:37+00:00| seen| https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities20260706 2026-07-09 01:16:49+00:00| seen| https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities20260702...
PT-2026-55983
The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Contact Form 7 Form Field in all versions up to, and including, 1.5.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...
EUVD-2026-41754
A flaw has been found in AIAnytime Awesome-MCP-Server up to a884bb51bcd99e08e14fd712c749d55d9d9a13ab. Affected by this issue is some unknown functionality of the file mcp-wiki/src/mcpwiki/server.py of the component mcp-wiki/wiki-summary. This manipulation of the argument url causes server-side...
CVE-2026-7839
creationtimestamp| type| source ---|---|--- 2026-07-03 09:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mpq6zuwhna2s 2026-07-09 11:59:52+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mq7liax6oy2y...
PYSEC-2026-303 CAI find_file Agent Tool has Command Injection Vulnerability Through Argument Injection
Summary The CAI Cybersecurity AI framework contains multiple argument injection vulnerabilities in its function tools. User-controlled input is passed directly to shell commands via subprocess.Popen with shell=True, allowing attackers to execute arbitrary commands on the host system. Vulnerable...
Ukraine Says Russian Intelligence Used Fake Support Texts to Steal Messaging Credentials
The Security Service of Ukraine SSU said it, together with the U.S. Federal Bureau of Investigation FBI, uncovered a long-running campaign orchestrated by Russian intelligence services to break into the messaging accounts of government officials, military personnel, politicians, and activists in...
OpenAI Previews GPT-5.6 Sol With Restricted Access and Stronger Cyber Safeguards
OpenAI on Friday released three versions of GPT-5.6 , called Sol, Terra, and Luna , as a limited preview to a small number of companies as part of an ongoing engagement with the U.S. government. While Sol is the latest flagship model and the most powerful, Terra strikes a balance between efficien...
CVE-2026-13024
creationtimestamp| type| source ---|---|--- 2026-06-25 05:45:44+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260625 2026-06-25 12:00:13+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mp4ey2p4eu2c 2026-07-01 02:46:06+00:00| seen|...
EVoke Systems Charging Station Management System
ADVISORY SUMMARY Successful exploitation of these vulnerabilities could enable attackers to gain unauthorized administrative control over vulnerable charging stations or disrupt charging services through denial-of-service attacks. 2. RECOMMENDED PRACTICES CISA recommends users take defensive...
CVE-2026-4983
creationtimestamp| type| source ---|---|--- 2026-06-24 11:40:04+00:00| seen| https://bsky.app/profile/cybersecinsight.bsky.social/post/3moztf4hs7n2y...
Hubbell Aclara Metrum Cellular Web Interface
ADVISORY SUMMARY Successful exploitation of this vulnerability could allow attackers to manipulate critical device settings and repeatedly disrupt operations, potentially causing a loss of communications to the device. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to...
Exploit for CVE-2026-20262
cve-id ⚡ Simple Usage Use this project only in safe and...
Cyber-Arena
CyberArena - Cybersecurity Challenge Platform CyberArena is a...
sql_injection_exploit.sh
sqlinjectionexpl...
PT-2026-49231
Name of the Vulnerable Software and Affected Versions Cornerstone versions prior to 7.8.8 Description A flaw allows a user with subscriber privileges to achieve arbitrary code execution, which is the ability to run unauthorized commands or code on the host system. Recommendations Update to versio...