CVE-2026-7344

creationtimestamp| type| source ---|---|--- 2026-04-28 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260429 2026-04-29 00:51:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkluz3q2ea2c 2026-04-29 01:30:27+00:00| seen|...

CVE-2026-42167

creationtimestamp| type| source ---|---|--- 2026-04-28 15:00:17+00:00| seen| Telegram/H01iEvXyQvFt3BKrUWEkrM93zs5xMaOZIzFsw2eb4Vo29b0 2026-04-28 21:00:04+00:00| published-proof-of-concept| Telegram/eS6PVxYAnM0JrA3WVLfUd-acXUZbhqPWuOh5cENwecmTOw 2026-04-29 00:02:19+00:00| seen|...

CVE-2026-7243

creationtimestamp| type| source ---|---|--- 2026-04-28 12:30:32+00:00| seen| https://infosec.exchange/users/offseq/statuses/116482338362194303 2026-04-28 12:30:33+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkklmuu4fh26...

Why Unofficial Download Sources Are Still a Security Risk in 2026

Security Risk in 2026: why unofficial download sources still put users at risk, and how to verify safe, official install paths before installing software...

CVE-2026-7244

creationtimestamp| type| source ---|---|--- 2026-04-28 11:00:39+00:00| seen| https://infosec.exchange/users/offseq/statuses/116481984920066984 2026-04-28 11:00:40+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkkgm5kchn2j...

The Role of Aggregated Liquidity in Modern Crypto Markets

Aggregated liquidity improves crypto trading by combining multiple sources, offering better rates, deeper markets, and more reliable execution across assets...

CVE-2026-7248

creationtimestamp| type| source ---|---|--- 2026-04-28 09:30:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkkbkxvuui2o 2026-04-28 09:30:35+00:00| seen| https://infosec.exchange/users/offseq/statuses/116481630491966753 2026-04-28 11:14:03+00:00| seen|...

GHSA-3CH2-JXXC-V4XF

creationtimestamp| type| source ---|---|--- 2026-04-28 04:41:41+00:00| seen| https://gist.github.com/beejak/c190bcb8f8b76e8b2200faef11e807d6 2026-04-28 05:20:25+00:00| seen| https://gist.github.com/beejak/235d9793985eef4870d4d4fe221cc6fe...

VMware Spring Boot 安全特征问题漏洞

VMware Spring Boot is an open-source framework developed by the American company VMware. There are security vulnerabilities in versions 4.0.0 to 4.0.5, 3.5.0 to 3.5.13, 3.4.0 to 3.4.15, 3.3.0 to 3.3.18, and 2.7.0 to 2.7.32 of VMware Spring Boot. These vulnerabilities stem from the use of random...

JLSEC-2026-250 Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary...

Issue summary: Checking excessively long DSA keys or parameters may be very slow. Impact summary: Applications that use the functions EVPPKEYparamcheck or EVPPKEYpubliccheck to check a DSA public key or DSA parameters may experience long delays. Where the key or parameters that are being checked...

JLSEC-2026-246 Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact...

Issue summary: Checking excessively long invalid RSA public keys may take a long time. Impact summary: Applications that use the function EVPPKEYpubliccheck to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may...

CVE-2026-7081

creationtimestamp| type| source ---|---|--- 2026-04-27 06:00:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116475142309509367 2026-04-27 06:00:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkhfeiid2z2m 2026-05-27 15:07:07+00:00| seen|...

CVE-2026-7082

creationtimestamp| type| source ---|---|--- 2026-04-27 04:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116474788419965715 2026-04-27 04:30:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkhadknlfc23 2026-04-30 16:37:08+00:00| seen|...

Vulnerability Identification by Harnessing Inter-Connected Multi-Source Information

The utilization of third-party open-source libraries is widespread in modern software development. Due to the dependency relationships, vulnerabilities within open-source libraries pose significant security threats to downstream software. However, the library vulnerabilities are usually implicitl...

CVE-2026-7028

creationtimestamp| type| source ---|---|--- 2026-04-26 09:00:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkf6xfb75r2c 2026-04-26 09:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116470187694877186...

CVE-2026-42255

creationtimestamp| type| source ---|---|--- 2026-04-26 04:30:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116469126078662586 2026-04-26 04:30:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkepumtra62y...

CVE-2026-6992

creationtimestamp| type| source ---|---|--- 2026-04-26 00:00:40+00:00| seen| https://infosec.exchange/users/offseq/statuses/116468065185354062 2026-04-26 00:00:42+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkeas6tx2z2j...

CVE-2026-7020

creationtimestamp| type| source ---|---|--- 2026-04-25 19:00:11+00:00| published-proof-of-concept| Telegram/nKEyw9MjoGdomWTZ3S8SlTvKWSYFHtmZQZAzmqMnPOrvSyM 2026-04-25 21:00:05+00:00| published-proof-of-concept| Telegram/i724dyswVXMowZfrYp7dzckzTfB5Kjt1pPkquGXPc1QA0 2026-04-26 15:00:06+00:00|...

CVE-2026-41314

A flaw was found in pypdf, a pure-Python PDF library. An attacker can exploit this vulnerability by crafting a malicious PDF file that accesses an image using /FlateDecode with large size values. This can lead to memory exhaustion, resulting in a Denial of Service DoS for the system processing th...

CVE-2026-29050

melange allows users to build apk packages using declarative pipelines. Starting in version 0.32.0 and prior to version 0.43.4, an attacker who can influence a melange configuration file — for example through pull-request-driven CI or build-as-a-service scenarios — could set pipeline.uses to a...