Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

NVD
NVDadded yesterday5 views

CVE-2026-56772

NewsBlur before 14.5.0 contains a broken access control vulnerability that allows authenticated users to read private notification feeds by supplying arbitrary userid values to the GET /social/interactions endpoint without ownership verification. Attackers can enumerate userid values to access...

5.3CVSS
Exploits0References3
CVE
CVEadded yesterday5 views

CVE-2026-56772

NewsBlur

5.3CVSS6AI score
Exploits0References3
CVE
CVEadded yesterday5 views

CVE-2026-56771

NewsBlur prior to 14.5.0 is affected by an SSRF in the add_url endpoint. The issue lets authenticated users trigger arbitrary server requests to internal networks by failing to filter private IPs, potentially reaching localhost services and cloud metadata endpoints. This enables internal network ...

8.5CVSS6AI score
Exploits0References4
HackRead
HackReadadded 2021/06/28 4:17 p.m.38 views

Hacker wipes out database of RSS newsreader service NewsBlur

By Deeba Ahmed Personal newsreader NewsBlur service has been restored after a hacker wiped out MongoDB data that was exposed to public access. This is a post from HackRead.com Read the original post: Hacker wipes out database of RSS newsreader service NewsBlur...

3.2AI score
Exploits0
Rows per page
Query Builder