Lucene search
K

240 matches found

Circl
Circl
β€’added 2026/06/09 7:0 p.m.β€’7 views

CVE-2026-46394

creationtimestamp| type| source ---|---|--- 2026-06-09 19:00:13+00:00| published-proof-of-concept| Telegram/Twzxtbvyqic9grgE7JaZrbs3i9BOrZG8PBBvMyWgrTB7Ya8 2026-06-09 23:00:05+00:00| published-proof-of-concept| Telegram/avQcqITCN0CdPqbuzPd1c2U29MoQRxNSjCudrYTZic4II...

7.7CVSS5.8AI score0.00768EPSS
Exploits1
Circl
Circl
β€’added 2026/06/09 3:0 p.m.β€’5 views

CVE-2026-00000

creationtimestamp| type| source ---|---|--- 2026-06-09 15:00:12+00:00| published-proof-of-concept| Telegram/TPZhP3a04vI9AManDnxQiLM92frB40hJI3gtpEixtxo5IZo 2026-06-09 23:00:05+00:00| published-proof-of-concept| Telegram/avQcqITCN0CdPqbuzPd1c2U29MoQRxNSjCudrYTZic4II...

5.8AI score
Exploits1
Positive Technologies
Positive Technologies
β€’added 2026/06/07 12:0 a.m.β€’19 views

PT-2026-47173

$1,000 of compute found 21 zero-days in FFmpeg. An autonomous agent called depthfirst scanned roughly 1.5 million lines of C, then wrote a reproducible proof-of-concept for every bug it reported. The shift is that second half. Not a list of suspicious lines for a human to chase, but 21 crashing...

5.9AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
β€’added 2026/06/04 7:31 p.m.β€’7 views

CVE-2026-41522

Iris is a web collaborative platform that helps incident responders share technical details during investigations. Prior to version 2.4.28, DFIR-IRIS exposes an optional GraphQL endpoint at /graphql that does not enforce the same authorization checks as the REST API. Any authenticated user can...

7.1CVSS5.9AI score0.00246EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
β€’added 2026/06/04 12:0 a.m.β€’14 views

PT-2026-46332

Unauthenticated Local File Inclusion in LuxMed | Medicine & Healthcare Doctor WordPress Theme = 1.2.2 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References2
Positive Technologies
Positive Technologies
β€’added 2026/06/04 12:0 a.m.β€’13 views

PT-2026-46374

Unauthenticated Local File Inclusion in Orpheus = 1.3 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References2
Positive Technologies
Positive Technologies
β€’added 2026/06/04 12:0 a.m.β€’13 views

PT-2026-46328

Unauthenticated PHP Object Injection in Reisen = 1.4.1 versions...

9.8CVSS5.3AI score0.00386EPSS
Exploits0References2
Positive Technologies
Positive Technologies
β€’added 2026/06/04 12:0 a.m.β€’13 views

PT-2026-46324

Unauthenticated Local File Inclusion in Rosaleen = 2.8 versions...

8.1CVSS5.2AI score0.00435EPSS
Exploits0References3
Positive Technologies
Positive Technologies
β€’added 2026/06/04 12:0 a.m.β€’12 views

PT-2026-46340

Unauthenticated Local File Inclusion in Especio = 1.0 versions...

8.1CVSS5.2AI score0.00435EPSS
Exploits0References3
Positive Technologies
Positive Technologies
β€’added 2026/06/04 12:0 a.m.β€’12 views

PT-2026-46351

Unauthenticated Local File Inclusion in Abelle = 1.22 versions...

8.1CVSS5.2AI score0.00435EPSS
Exploits0References3
Positive Technologies
Positive Technologies
β€’added 2026/06/04 12:0 a.m.β€’13 views

PT-2026-46362

Unauthenticated Local File Inclusion in Granola = 1.13 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References2
Positive Technologies
Positive Technologies
β€’added 2026/06/04 12:0 a.m.β€’13 views

PT-2026-46368

Unauthenticated Local File Inclusion in Skyward = 1.10 versions...

8.1CVSS5.2AI score0.00348EPSS
Exploits0References2
Positive Technologies
Positive Technologies
β€’added 2026/06/03 12:0 a.m.β€’12 views

PT-2026-45932

BREAKING: Samsung discloses critical CVE-2026-23786 and CVE-2024-53922 in semiconductor products, enabling potential unauthorized access with patches pending. https://t.co/As20ekaylO...

5.8AI score
Exploits0References1
Ubuntu
Ubuntu
β€’added 2026/06/02 2:46 p.m.β€’25 views

USN-8371-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

8.8CVSS6.3AI score0.93235EPSS
Exploits57
Wordfence Blog
Wordfence Blog
β€’added 2026/05/29 4:23 p.m.β€’28 views

Wordfence Bug Bounty Program Monthly Report – March 2026

In March 2026, the Wordfence Bug Bounty Program received 1718 vulnerability submissions from our growing community of security researchers working to improve the overall security posture of the WordPress ecosystem. These submissions are reviewed, triaged, and processed by the Wordfence Threat...

6.2AI score
Exploits0
The Hacker News
The Hacker News
β€’added 2026/05/28 1:53 p.m.β€’22 views

Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure CVD, urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and address them before they are publicly disclosed. The development comes after a...

7.8CVSS6.6AI score0.63076EPSS
Exploits6
Positive Technologies
Positive Technologies
β€’added 2026/05/27 12:0 a.m.β€’15 views

PT-2026-43621

Impact An attacker can cause the creation of unnecessary background threads in the python-engineio server by exploiting the heartbeat mechanism, which launches a thread when a new connection is received, and when the client sends a PONG packet. Note: this issue primarily affects synchronous...

7.5CVSS5.8AI score
Exploits0References9
MSRC
MSRC
β€’added 2026/05/27 12:0 a.m.β€’11 views

A shared responsibility: Protecting customers through Coordinated Vulnerability Disclosure

In recent weeks several zero-day vulnerabilities have been publicly disclosed. The details of these vulnerabilities were not shared with Microsoft prior to release, and the disclosures put our customers at unnecessary risk...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
β€’added 2026/05/26 12:0 a.m.β€’20 views

PT-2026-43620

Name of the Vulnerable Software and Affected Versions radvd versions prior to 2.21 Description The radvdump utility contains a stack buffer overflow in the Route Information option parser. When processing a crafted ICMPv6 Router Advertisement, the print ff function copies up to 2032 bytes of...

8.8CVSS6.1AI score0.00203EPSS
Exploits0References20
Packet Storm News
Packet Storm News
β€’added 2026/05/21 12:0 a.m.β€’11 views

A First Measurement Study on Authentication Security in Real-World Remote MCP Servers

The Model Context Protocol MCP is emerging as a common interface connecting large language models LLMs with external services. Remote deployments are becoming increasingly important as agents connect to user-linked online services, such as social, productivity, and financial services. In such...

5.8AI score
Exploits0
Rows per page
Query Builder