3928 matches found
Microweber Information Disclosure
Microweber contains a vulnerability that allows exposure of sensitive information to an unauthorized actor in Packagist microweber/microweber prior to 1.2.11. id: CVE-2022-0281 info: name: Microweber Information Disclosure author: pikpikcu severity: high description: Microweber contains a...
CVE-2026-48028 Mastodon: Removal of integrity-protected JSON entries from signed activities
Mastodon is a free, open-source social network server based on ActivityPub. Prior to 4.5.10, 4.4.17, and 4.3.23, Mastodon's normalization of incoming activities signed with Linked-Data Signatures does not sufficiently protect the activities from a certain class of spoofing, allowing threat actors...
New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer
Cybersecurity researchers have disclosed details of a new campaign that delivers CastleStealer by means of a previously unreported malware loader dubbed OXLOADER. According to Elastic Security Labs, the campaign leverages malicious Google Ads as a starting point to distribute the malware. Evidenc...
EUVD-2026-37957
Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network...
PT-2026-50799
Name of the Vulnerable Software and Affected Versions Cost Management Interactive Experiences affected versions not specified Description Exposure of sensitive information in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network...
CVE-2026-45594
Exposure of sensitive information to an unauthorized actor in Windows Application Identity AppID Subsystem allows an authorized attacker to disclose information locally...
CVE-2026-48855
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh sshsftpd module allows File Discovery. The SSHFXPREADLINK handler in sshsftpd sends the raw result of file:readlink/2 to the client without calling chrootfilename/2 to strip the backend root prefix. An...
EUVD-2026-35529
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-45594
Exposure of sensitive information to an unauthorized actor in Windows Application Identity AppID Subsystem allows an authorized attacker to disclose information locally...
EUVD-2026-35729
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally...
CVE-2026-42972
CVE-2026-42972 describes a Windows Hyper-V information disclosure vulnerability. The issue allows a locally authenticated attacker (low privileges) to disclose sensitive information due to exposure of information to an unauthorized actor. CVSS 3.1/Local, Low complexity, Privileges Low, Confidenti...
EUVD-2026-35596
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
EUVD-2026-35595
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
EUVD-2026-35552
Exposure of sensitive information to an unauthorized actor in Windows Application Identity AppID Subsystem allows an authorized attacker to disclose information locally...
Windows Shell Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
Windows Shell Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information locally...
Windows Application Identity (AppID) Information Disclosure Vulnerability
Exposure of sensitive information to an unauthorized actor in Windows Application Identity AppID Subsystem allows an authorized attacker to disclose information locally...
PT-2026-48124
Name of the Vulnerable Software and Affected Versions Windows NTLM affected versions not specified Description Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an attacker to perform spoofing over a network, which can affect the system. Recommendations At the...
PT-2026-47983
Exposure of sensitive information to an unauthorized actor in Windows Application Identity AppID Subsystem allows an authorized attacker to disclose information locally...
PT-2026-47886
Name of the Vulnerable Software and Affected Versions Windows Shell affected versions not specified Description Exposure of sensitive information in Windows Shell allows an authorized attacker to disclose information locally, which can affect the system. Recommendations At the moment, there is no...