7072 matches found
EUVD-2026-10561
OneUptime has Synthetic Monitor RCE via exposed Playwright browser object...
Siemens SINEC Security Monitor Security Vulnerability
SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production at customer premises. Siemens SINEC Security Monitor suffers from an information disclosure vulnerability that can be exploited by attackers to obtain...
Siemens SINEC Security Monitor Information Disclosure Vulnerability
SINEC Security Monitor is a modular network security software for passive, non-intrusive, continuous network security monitoring during production at customer premises. Siemens SINEC Security Monitor suffers from an information disclosure vulnerability that can be exploited by attackers to obtain...
PT-2026-24226
A vulnerability has been identified in SINEC Security Monitor All versions V4.9.0. The affected application leaks confidential information in metadata, and files such as information on contributors and email address, on SSM Server...
PT-2026-24190
Name of the Vulnerable Software and Affected Versions: OneUptime versions prior to 10.0.21. Description: OneUptime Synthetic Monitors allow a low-privileged authenticated project user to execute arbitrary commands on the oneuptime-probe server/container. The root cause is that untrusted Synthetic...
CVE-2026-30921 OneUptime Synthetic Monitor RCE via exposed Playwright browser object
OneUptime is a solution for monitoring and managing online services. Prior to 10.0.20, OneUptime Synthetic Monitors allow low-privileged project users to submit custom Playwright code that is executed on the oneuptime-probe service. In the current implementation, this untrusted code is run inside...
CVE-2026-30921
OneUptime has a server-side RCE in Synthetic Monitors prior to version 10.0.20: untrusted user-provided Playwright code runs inside the oneuptime-probe VM with live Playwright objects (browser/page) injected, allowing an attacker to call browser.browserType().launch() and spawn arbitrary executab...
CVE-2026-28469
OpenClaw versions prior to 2026.2.14 contain a webhook routing vulnerability in the Google Chat monitor component that allows cross-account policy context misrouting when multiple webhook targets share the same HTTP path. Attackers can exploit first-match request verification semantics to process...
CVE-2026-27728
OneUptime is a solution for monitoring and managing online services. Prior to version 10.0.7, an OS command injection vulnerability in NetworkPathMonitor.performTraceroute allows any authenticated project user to execute arbitrary operating system commands on the Probe server by injecting shell...
SUSE-SU-2026:20682-1 Security update for ucode-intel
This update for ucode-intel fixes the following issues: - Intel CPU Microcode was updated to the 20260210 release (bsc#1258046): - CVE-2024-24853: Updated fix for incorrect behavior order in transition between executive monitor and SMI transfer monitor (STM) in some Intel(R) Processor may allow a...
CVE-2026-29127
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
CVE-2026-29124
Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting IDC SFX2100 Satellite Receiver, which may lead to local privilege escalation from t...
CVE-2026-28469
OpenClaw contains a webhook routing vulnerability in the Google Chat monitor component (extensions/googlechat/src/monitor.ts) that allows cross-account policy context misrouting when multiple webhook targets share the same HTTP path. The issue arises because the system uses first-match request ve...
How a Music Streaming CEO Built an Open-Source Global Threat Map in His Spare Time
Frustrated by fragmented war news, Anghami’s Elie Habib built World Monitor, a platform that fuses global data, like aircraft signals and satellite detections, to track conflicts as they unfold...
CVE-2026-28776
International Datacasting Corporation IDC SFX Series SuperFlex Satellite Receiver contains hardcoded credentials for the monitor account. A remote unauthenticated attacker can use these trivial, undocumented credentials to access the system via SSH. While initially dropped into a restricted shell,...
EUVD-2026-9523
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
EUVD-2026-9516
Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting IDC SFX2100 Satellite Receiver, which may lead to local privilege escalation from t...