MINI-XC2R-7V63-J4CX

Bulletin has no description...

MINI-6Q27-3PQQ-VVP2

Bulletin has no description...

CVE-2025-12694

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

EUVD-2025-210063

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

CVE-2025-12694 Local Privilege Escalation in VPN Client

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

CVE-2025-12694

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

MINI-J73M-3PJR-24HV

Bulletin has no description...

MINI-22CM-JR63-CG4R

Bulletin has no description...

WordPress ARMember Premium – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin <= 7.3.1 - Authenticated (Subscriber+) SQL Injection vulnerability

Authenticated Subscriber+ SQL Injection vulnerability discovered by h0xilo in WordPress Plugin ARMember Premium versions = 7.3.1...

CVE-2026-49189

creationtimestamp| type| source ---|---|--- 2026-06-04 07:30:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mnh44fcjsw2f 2026-06-04 07:30:37+00:00| seen| https://infosec.exchange/users/offseq/statuses/116690663960529131 2026-06-04 07:43:12+00:00| seen|...

CVE-2026-49185

creationtimestamp| type| source ---|---|--- 2026-06-04 04:30:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116689956169057665 2026-06-04 04:30:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mngs2jmfpk2q 2026-06-04 06:54:06+00:00| seen|...

CVE-2026-41858

creationtimestamp| type| source ---|---|--- 2026-06-04 04:00:49+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mngqfhddhf25 2026-06-04 06:34:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mngyykjnwv2p 2026-06-04 07:26:16+00:00| seen|...

CVE-2026-41860

creationtimestamp| type| source ---|---|--- 2026-06-04 03:20:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mngo5dkpkj2f 2026-06-04 04:00:33+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mngqeycd7q2k 2026-06-04 09:07:08+00:00| seen|...

Security Bulletin: Due to use of js-yaml-4.1.0.tgz, IBM Sterling Connect:Direct Web Services is affected by modify the prototype of the result of a parsed yaml.

Summary js-yaml-4.1.0.tgz is used by IBM Sterling Connect:Direct Web Services CVE-2025-64718. Vulnerability Details CVEID:CVE-2025-64718 DESCRIPTION: js-yaml is a JavaScript YAML parser and dumper. In js-yaml before 4.1.1 and 3.14.2, it's possible for an attacker to modify the prototype of the...

[SECURITY] Fedora 43 Update: libsoup3-3.6.6-3.fc43

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP Simple Object Access Protocol implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications...

traefik -- Multiple vulnerabilities

The traefik project releases a new version addressing multiple CVEs: CVE-2026-48020 StripPrefix Route-Level Auth Bypass CVE-2026-48491 SNICheck ignores wildcard TLSOptions mappings, allowing domain-fronted mTLS bypass HTTP/3 mTLS bypass via exact SNI TLSOptions lookup for wildcard and mixed-case...

PT-2026-46182

A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior...

VulnCheck KEV: CVE-2026-5073

The ARMember Premium plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter of the 'armdirectorypagingaction' AJAX action in all versions up to, and including, 7.3.1. This is due to insufficient escaping on the user-supplied 'order' and 'orderby' parameters and the lack of...

HTML::Parser 安全漏洞

HTML::Parser is a tool for parsing HTML documents and separating markup from content, developed as open source by libwww-perl. Versions of HTML::Parser prior to 3.84 contained security vulnerabilities. These vulnerabilities stemmed from the XS routine’s cache pointing to the SV pointer in the...

Froxlor 安全漏洞

Froxlor is a set of lightweight server management software developed by the Froxlor team. Version 2.3.6 of Froxlor contains a security vulnerability. This vulnerability stems from the fact that the FTP account processing program does not enforce a shell whitelist, which may allow arbitrary shell...