CVE-2026-41586

creationtimestamp| type| source ---|---|--- 2026-04-22 12:54:53+00:00| published-proof-of-concept| https://github.com/hyperledger/fabric/security/advisories/GHSA-prf8-cf2x-rhx7 2026-04-22 12:54:53+00:00| published-proof-of-concept|...

CVE-2026-41245

A flaw was found in Junrar, an open-source Java RAR archive library. A path traversal vulnerability in the LocalFolderExtractor allows a remote attacker to write arbitrary files with attacker-controlled content into sibling directories. This occurs when a specially crafted RAR archive is extracte...

CVE-2026-4119

creationtimestamp| type| source ---|---|--- 2026-04-22 09:00:28+00:00| seen| https://infosec.exchange/users/offseq/statuses/116447538532151230 2026-04-22 09:00:30+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mk353qm3xy2m 2026-04-22 11:16:16+00:00| published-proof-of-concept|...

CVE-2017-20230

creationtimestamp| type| source ---|---|--- 2026-04-22 01:24:36+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mk2dmksft72e 2026-04-22 01:29:37+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mk2dvjwak62b 2026-04-22 16:15:34+00:00| seen|...

PT-2026-34524

DDEV is an open-source tool for running local web development environments for PHP and Node.js. Versions prior to 1.25.2 have unsanitized extraction in both Untar and Unzip functions in pkg/archive/archive.go. Downloads and extracts archives from remote sources without path validation. Version...

CVE-2026-33748

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is...

UBUNTU-CVE-2026-33748

BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insufficient validation of Git URL fragment subdir components may allow access to files outside the checked-out Git repository root. Possible access is...

CVE-2026-41445

creationtimestamp| type| source ---|---|--- 2026-04-20 18:29:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjx3wojlct2k 2026-04-20 18:46:57+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjx4wm5a4s2z 2026-04-20 21:22:08+00:00| seen|...

CVE-2026-25524

creationtimestamp| type| source ---|---|--- 2026-04-20 18:14:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjx33qbzqp2e 2026-04-20 19:11:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjx6cxu2zf2t 2026-04-20 21:21:58+00:00| seen|...

CVE-2026-24467

creationtimestamp| type| source ---|---|--- 2026-04-20 17:21:45+00:00| seen| Telegram/7kKxZY5KjVtNNq82uAZn6qPfMFkWsKJQXsAec31tFmY88 2026-04-20 18:09:02+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjx2srud322i 2026-04-20 18:50:23+00:00| seen|...

CVE-2026-5265

creationtimestamp| type| source ---|---|--- 2026-04-20 16:12:58+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mjwudarxe22v 2026-04-20 16:23:01+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mjwuv7lkt72h...

CVE-2026-6629

creationtimestamp| type| source ---|---|--- 2026-04-20 12:05:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjwgi72x5m2r 2026-04-20 13:16:52+00:00| published-proof-of-concept| Telegram/7GNSW27Y2N6zMsJzLht94-sDuqQRdO09nNnVciVhTSt0Y 2026-04-20 13:21:17+00:00| seen|...

Nginx UI 安全漏洞

Nginx UI is a web interface for Nginx developed by Jacky. Versions of Nginx UI prior to 2.3.5 contained security vulnerabilities. These vulnerabilities stemmed from WebSocket endpoints that did not validate sources and an insecure storage of authentication tokens, which could lead to cross-site...

CVE-2026-6574

creationtimestamp| type| source ---|---|--- 2026-04-19 15:00:14+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mju7sa6ety2v 2026-04-19 15:00:15+00:00| seen| https://infosec.exchange/users/offseq/statuses/116431966121032331 2026-04-19 15:15:14+00:00| seen|...

CVE-2026-6573

creationtimestamp| type| source ---|---|--- 2026-04-19 13:30:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116431613406912291 2026-04-19 13:30:32+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mju2rtiq652p 2026-04-19 13:32:52+00:00| seen|...

CVE-2026-6569

creationtimestamp| type| source ---|---|--- 2026-04-19 12:45:12+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mjtyaskb5q23 2026-04-19 13:15:22+00:00| seen| Telegram/YgXeijrZB5WsTpBElNL5GhGy2ztSUOfDhY0-ECDYQWHxtTM 2026-04-19 13:52:54+00:00| seen|...

CVE-2026-6570

creationtimestamp| type| source ---|---|--- 2026-04-19 12:00:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116431259439926433 2026-04-19 12:00:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mjtvqumily26 2026-04-19 13:47:53+00:00| seen|...

CVE-2026-6562

creationtimestamp| type| source ---|---|--- 2026-04-19 09:29:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjtncmbgsm2v 2026-04-19 09:41:58+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mjtnz5tr6h2e 2026-04-19 11:15:54+00:00| published-proof-of-concept|...

CVE-2026-24749

The Silverstripe Assets Module is a required component of Silverstripe Framework. In versions prior to 2.4.5 and 3.0.0-rc1 through 3.1.2, images rendered in templates or otherwise accessed via DBFile::getURL or DBFile::getSourceURL incorrectly add an access grant to the current session, which...

CVE-2026-6518

creationtimestamp| type| source ---|---|--- 2026-04-18 06:48:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjqtueebpf26 2026-04-18 07:01:11+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mjqukpruc52v 2026-04-18 07:16:24+00:00| seen|...