UBUNTU-CVE-2026-3388

A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. Performing a manipulation results in uncontrolled recursion. The attack needs to be approached locally. The exploit has been made public and could...

IBM: SQL Injection vulnerability found on ibm.com endpoint

A SQL injection vulnerability was found on an ibm.com endpoint. The vulnerability was reported to IBM, analyzed, and remediated...

Roblox gives predators “powerful tools” to target children, says LA County

Los Angeles County has sued online gaming company Roblox, adding to a series of suits that accuse the virtual worlds platform of misleading parents into thinking it's safe while leaving children exposed to predators and sexually explicit content. The February 19 filing makes LA County the first...

WordPress Tablesome plugin <= 1.2.3 - SQL Injection vulnerability

SQL Injection vulnerability discovered by daroo in WordPress Plugin Tablesome versions = 1.2.3...

WordPress iXML - Google XML sitemap generator plugin <= 0.6 - Reflected Cross-Site Scripting via 'iXML_email' Parameter vulnerability

WordPress iXML - Google XML sitemap generator plugin = 0.6 - Reflected Cross-Site Scripting via 'iXMLemail' Parameter vulnerability discovered by johska in WordPress Plugin iXML versions = 0.6...

CVE-2026-2997

creationtimestamp| type| source ---|---|--- 2026-02-23 01:49:00+00:00| seen| https://www.twcert.org.tw/en/cp-139-10721-276b6-2.html...

`rpc-check` was removed from crates.io for malicious code

It was attempting to steal credentials from the POLYMARKETPRIVATEKEY environment variable. The malicious crate had 3 versions published on 2026-02-15 and had been downloaded only 155 times. There were no crates depending on this crate on crates.io. Thanks to Sisong Li for finding and reporting th...

CVE-2025-33252

creationtimestamp| type| source ---|---|--- 2026-02-18 14:18:12+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf5bhtpgd72s 2026-02-18 14:18:39+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mf5bio2fvx2s...

PT-2026-8348

A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/net handler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be use...

CVE-2026-21527

creationtimestamp| type| source ---|---|--- 2026-02-10 17:30:28+00:00| seen| https://www.thezdi.com/blog/2026/2/10/the-february-2026-security-update-review 2026-02-12 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-082/ 2026-02-13 04:55:23+00:00| seen|...

GHSA-88QH-CPHV-996C

creationtimestamp| type| source ---|---|--- 2026-02-05 03:10:06+00:00| seen| https://gist.github.com/alon710/d61e988d3abea6933e5eb5c34dd5a0ec...

WordPress KiviCare plugin <= 3.6.16 - SQL Injection vulnerability

SQL Injection vulnerability discovered by alakinnn in WordPress Plugin KiviCare versions = 3.6.16...

CVE-2025-71180

creationtimestamp| type| source ---|---|--- 2026-01-31 14:26:11+00:00| seen| https://infosec.exchange/users/vuldb/statuses/115990172209554146 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/ 2026-04-02 17:00:00+00:00| seen|...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38173)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38173 advisory. - In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/cesa - Handle zero- leng...

CVE-2025-49342

creationtimestamp| type| source ---|---|--- 2026-01-20 20:33:52+00:00| seen| Telegram/keysXW7hEKYIw15QdawfQpLvMANk1Gh5H-G6lI8-hSBN1c...

CVE-2025-54718

creationtimestamp| type| source ---|---|--- 2026-01-20 20:11:47+00:00| seen| Telegram/Dq8idxvfZe5fhzXxSGOIklyuUdW9GuQzRcuXaJIrodTXq4...

CVE-2026-1173

A vulnerability was found in birkir prime up to 0.4.0.beta.0. The impacted element is an unknown function of the file /graphql of the component GraphQL Array Based Query Batch Handler. The manipulation results in denial of service. The attack can be executed remotely. The exploit has been made...

CVE-2020-28975

creationtimestamp| type| source ---|---|--- 2026-01-19 00:13:20+00:00| seen| https://gist.github.com/konard/65ced3fd74042bf5ba0737f60d57d145 2026-01-19 00:16:42+00:00| seen| https://gist.github.com/konard/ed57bdf6f23e9388249c3e81f52a7d40 2026-01-19 00:16:50+00:00| seen|...

CVE-2025-15531

A vulnerability was identified in Open5GS up to 2.7.5. This vulnerability affects the function sgwcbeareradd of the file src/sgwc/context.c. The manipulation leads to reachable assertion. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The...

CVE-2026-22816

creationtimestamp| type| source ---|---|--- 2026-01-17 01:53:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcliw3rlqm2i...