CVE-2026-4415 GIGABYTE｜Gigabyte Control Center - Arbitrary File Write

Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation...

CVE-2026-4415

Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation...

CVE-2026-4415

CVE-2026-4415 – Gigabyte Control Center : The vulnerability is described as an Arbitrary File Write when the pairing feature is enabled. Unauthenticated remote attackers can write arbitrary files to locations on the OS, enabling arbitrary code execution or privilege escalation. The CVSS metrics i...

CVE-2026-4415 GIGABYTE｜Gigabyte Control Center - Arbitrary File Write

Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation...

CVE-2026-2602

The Twentig plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'featuredImageSizeWidth' parameter in versions up to, and including, 1.9.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

PT-2026-29029

Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...

CVE-2026-30082

Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...

Label-Efficient Training Updates for Malware Detection over Time

Machine Learning ML-based detectors are becoming essential to counter the proliferation of malware. However, common ML algorithms are not designed to cope with the dynamic nature of real-world settings, where both legitimate and malicious software evolve. This distribution drift causes models...

CVE-2026-30082

Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...

CVE-2026-30082

CVE-2026-30082 describes multiple stored cross-site scripting (XSS) vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 . The issue allows an attacker to inject crafted payloads via the About application, What’s new, or Release note parameters to exe...

CVE-2026-30082

Multiple stored cross-site scripting XSS vulnerabilities in the Edit feature of the Software Package List page of IngEstate Server v11.14.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the About application, What's news, or Release note parameters...

Linux Distros Unpatched Vulnerability : CVE-2026-27876

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in...

Exploit for Code Injection in Openwebui Open_Webui

CVE-2026-0766: OpenWebUI Remote Code Execution Educational...

[SECURITY] Fedora 43 Update: bcftools-1.23.1-1.fc43

BCFtools is a set of utilities that manipulate genomic variant calls in the Variant Call Format VCF and its binary counterpart BCF. All commands work transparently with both VCFs and BCFs, both uncompressed and BGZF-compressed. This BCFtools includes the polysomy subcommand, which is implemented...

[SECURITY] Fedora 44 Update: bcftools-1.23.1-1.fc44

BCFtools is a set of utilities that manipulate genomic variant calls in the Variant Call Format VCF and its binary counterpart BCF. All commands work transparently with both VCFs and BCFs, both uncompressed and BGZF-compressed. This BCFtools includes the polysomy subcommand, which is implemented...

Context-Aware Phishing Email Detection Using Machine Learning and NLP

Phishing attacks remain among the most prevalent cybersecurity threats, causing significant financial losses for individuals and organizations worldwide. This paper presents a machine learning-based phishing email detection system that analyzes email body content using natural language processing...

CVE-2026-27880

A flaw was found in Grafana. A remote attacker can exploit the feature toggle evaluation endpoint by sending unbounded values, causing the system to read excessive data into memory. This can lead to out-of-memory crashes, resulting in a Denial of Service DoS for the affected service. Mitigation...

CVE-2026-33955 Notesnook vulnerable to RCE via stored XSS in Note History diff viewer

Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross-site scripting vulnerability stored in the note history comparison viewer can escalate to remote code execution in a desktop application. The issue is triggered when an attacker-controlled note header is displayed usi...

CVE-2026-33955 Notesnook vulnerable to RCE via stored XSS in Note History diff viewer

Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross-site scripting vulnerability stored in the note history comparison viewer can escalate to remote code execution in a desktop application. The issue is triggered when an attacker-controlled note header is displayed usi...

EUVD-2026-16872

Notesnook is a note-taking app. Prior to version 3.3.11 on Web/Desktop, a cross-site scripting vulnerability stored in the note history comparison viewer can escalate to remote code execution in a desktop application. The issue is triggered when an attacker-controlled note header is displayed usi...