7010 matches found
CVE-2026-34621
creationtimestamp| type| source ---|---|--- 2026-04-07 04:00:00+00:00| published-proof-of-concept| https://justhaifei1.blogspot.com/2026/04/expmon-detected-sophisticated-zero-day-adobe-reader.html 2026-04-11 04:00:00+00:00| exploited| https://helpx.adobe.com/security/products/acrobat/apsb26-43.ht...
KLA90970 Multiple vulnerabilities in Mozilla Thunderbird
Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics can be exploited to cause...
KLA90972 Multiple vulnerabilities in Mozilla Firefox
Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Incorrect boundary conditions vulnerability in the Graphics can be exploited to cause denia...
Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations
In this article 1. Storm-1175’s rapid attack chain: From initial access to impact 2. Mitigation and protection guidance 3. Microsoft Defender detections 4. Indicators of compromise The financially motivated cybercriminal actor tracked by Microsoft Threat Intelligence as Storm-1175 operates...
⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More
This week had real hits. The key software got tampered with. Active bugs showed up in the tools people use every day. Some attacks didn’t even need much effort because the path was already there. One weak spot now spreads wider than before. What starts small can reach a lot of systems fast. New...
SmartContract-VulnHunter
🛡️ SmartContract VulnHunter The ultimate smart contract securi...
SALLIE: Safeguarding against Latent Language and Image Exploits
Large Language Models LLMs and Vision-Language Models VLMs remain highly vulnerable to textual and visual jailbreaks, as well as prompt injections arXiv:2307.15043, Greshake et al., 2023, arXiv:2306.13213. Existing defenses often degrade performance through complex input transformations or treat...
Linux Distros Unpatched Vulnerability : CVE-2026-35582
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ubuntu Linux - Unknown description CVE-2026-35582 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C Tenabl...
CVE-2026-35607
creationtimestamp| type| source ---|---|--- 2026-04-04 20:31:28+00:00| published-proof-of-concept| https://github.com/filebrowser/filebrowser/security/advisories/GHSA-7526-j432-6ppp 2026-04-07 19:33:54+00:00| seen| Telegram/2sVgvXJxKnqdd0t3ix7z2PFFoP4qMIqNMJ7HHwXtd94aJL4 2026-04-07 19:34:12+00:00...
Chromium: CVE-2026-5281 Use after free in Dawn
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. Google is aware that an exploit for CVE-2026-5281 exists in the wild...
lightweight-msf
Lightweight-MSF !License: MIThttps://img.shields.io/badge...
RuleForge: Automated Generation and Validation for Web Vulnerability Detection at Scale
Security teams face a challenge: the volume of newly disclosed Common Vulnerabilities and Exposures CVEs far exceeds the capacity to manually develop detection mechanisms. In 2025, the National Vulnerability Database published over 48,000 new vulnerabilities, motivating the need for automation. W...
CVEs
...
A Taxonomy of Cognitive Security
Last week, I listened to a fascinating talk by K. Melton on cognitive security, cognitive hacking, and reality pentesting. The slides from the talk are here, but--even better--Menton has a long essay laying out the basic concepts and ideas. The whole thing is important and well worth reading, and...
March Linux Patch Wednesday
MarchLinux Patch Wednesday. In March, Linux vendors began addressing 575 vulnerabilities, which is 57 fewer than in February. Of these, 93 are in the Linux Kernel ⬇️ a significant decrease - there were 305 in February. There are two vulnerabilities with signs of in-the-wild exploitation: 🔻 RCE -...
Fedora 44 : mingw-expat (2026-cf814a1a06)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-cf814a1a06 advisory. Update to 2.7.5. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
SUSE CVE-2026-27859
A mail message containing excessive amount of RFC 2231 MIME parameters causes LMTP to use too much CPU. A suitably formatted mail message causes mail delivery process to consume large amounts of CPU time. Use MTA capabilities to limit RFC 2231 MIME parameters in mail messages, or upgrade to fixed...
PT-2026-28800
Name of the Vulnerable Software and Affected Versions Nezha Monitoring versions 2.0.14 through 2.0.19 Description The software allows the 'PATCH /server/id' endpoint to accept and store nonexistent ddns profiles IDs for a server owned by a member. If a different user subsequently creates a DDNS...
Linux Distros Unpatched Vulnerability : CVE-2025-59032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ManageSieve AUTHENTICATE command crashes when using literal as SASL initial response. This can be used to crash ManageSieve service repeatedly, making it...
Linux Distros Unpatched Vulnerability : CVE-2025-59031
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip- style attachments. Attacker can use specially crafted...