CVE-2026-8187

A flaw has been found in Open5GS up to 2.7.7. This impacts the function gtpv1urecvcb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption. The attack may be performed from remote. The project was informed of the problem early through an...

CVE-2026-8249 Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qos denial of service

A flaw has been found in Open5GS up to 2.7.7. The impacted element is the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. This manipulation causes denial of service. Remote exploitation of the attack is possible. The exploit has been published and...

CVE-2026-42661

creationtimestamp| type| source ---|---|--- 2026-05-08 13:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mldtrx27dz2s...

EUVD-2026-28472

A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...

PT-2026-39153

An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Response headers do not vary on cookies if a session is not modified, but SESSION SAVE EVERY REQUEST is True. A remote attacker can steal a user's session after that user visits a cached public page. Earlier, unsupported Django...

WordPress bunny.net plugin <= 2.3.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by NumeX in WordPress Plugin bunny.net versions = 2.3.6...

CVE-2026-43534

creationtimestamp| type| source ---|---|--- 2026-05-05 13:07:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml4axy3e6a2n 2026-05-05 17:59:54+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4rcaoglm2z 2026-05-24 23:37:06+00:00| seen|...

Astra Linux - уязвимость в webkit2gtk

The issue has been addressed through improved checks. This issue is fixed in iOS 16.6, iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, and watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report indicating that this issue may have been...

Astra Linux - уязвимость в webkit2gtk

A type confusion issue has been addressed through improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, and Safari. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that...

Astra Linux - уязвимость в webkit2gtk

The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issu...

Astra Linux - уязвимость в webkit2gtk

A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1, and iPadOS 15.3.1, as well as Safari 15.3 versions 16612.4.9.1.8 and 15612.4.9.1.8. Processing maliciously...

PT-2026-35574

A vulnerability was identified in duartium papers-mcp-server 9ceb3812a6458ba7922ca24a7406f8807bc55598. Impacted is the function search papers of the file src/main.py. Such manipulation of the argument topic leads to path traversal. The attack may be launched remotely. The exploit is publicly...

CVE-2026-6357

creationtimestamp| type| source ---|---|--- 2026-04-27 20:57:33+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkixil2wqr2j 2026-05-07 12:00:58+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mlb66cgbnt23...

EUVD-2026-25734

A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection. The attack may be performed from remote. The exploit has been published...

CVE-2026-6599

creationtimestamp| type| source ---|---|--- 2026-04-20 08:12:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjvzijquam2v...

CVE-2026-40487

creationtimestamp| type| source ---|---|--- 2026-04-18 03:13:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjqhtmq72h2f 2026-04-18 03:16:49+00:00| seen| Telegram/pg0pMMwJv5FTHbXxc3MO00N2B5ehQq9biiv2KNNNK0Va5Yk 2026-05-03 11:00:04+00:00| seen| https://t.me/GithubRedTeam/82615...

Microsoft Visual Studio Products (April 2026)

The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network. CVE-2026-32203 - Improper neutralization of special...

CVE-2026-39422

creationtimestamp| type| source ---|---|--- 2026-04-14 04:39:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjgkripynq2m...

CVE-2026-6106

creationtimestamp| type| source ---|---|--- 2026-04-12 00:02:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjb2eweuut2k 2026-04-12 01:30:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116389146135516653 2026-04-12 01:30:41+00:00| seen|...

CVE-2026-34477

creationtimestamp| type| source ---|---|--- 2026-04-10 15:45:00+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mj5o3zfi6q26 2026-05-13 16:36:23+00:00| seen| https://gist.github.com/ppkarwasz/53b0a3c07a9e44aa945726138f67d11c...