30535 matches found
CVE-2026-56329 Capgo - Cross-Tenant Preview Namespace Collision via Non-Bijective Underscore Decoding
Capgo before 12.128.2 contains a cross-tenant preview namespace collision vulnerability caused by non-bijective decoding of double underscores to dots in preview hostname parsing. Attackers can register app IDs with underscores that collide with other tenants' dotted app IDs, causing preview...
CVE-2026-5069
creationtimestamp| type| source ---|---|--- 2026-07-10 05:39:55+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbgptqx442d 2026-07-11 00:43:56+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdgnihrty2e...
CVE-2026-21053
Improper input validation in Samsung Email prior to version 6.2.13.1 allows local attackers to create arbitrary files within the application sandbox...
CVE-2026-51119
Invixium IXM WEB 2.3.85.25 is affected. The issue allows privilege escalation via the /SystemUsers/CreateAppUser component, as described in CVE-2026-51119, with CVSS 3.1 base score 9.1 (CRITICAL). No specific root-cause, vulnerable version ranges, exploit details, or fixes are provided beyond thi...
CVE-2026-51119
An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the /SystemUsers/CreateAppUser components...
CVE-2026-4653
creationtimestamp| type| source ---|---|--- 2026-07-09 23:07:27+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqaqs2htoe2y 2026-07-09 23:07:28+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mqaqs2m7yb27...
CVE-2026-55604
creationtimestamp| type| source ---|---|--- 2026-07-09 22:37:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqap3r6pk42e 2026-07-10 05:01:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqbeluswmw2a...
CVE-2026-12170
creationtimestamp| type| source ---|---|--- 2026-07-09 22:30:04+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqaop7hjtu2i...
CVE-2026-59734
creationtimestamp| type| source ---|---|--- 2026-07-09 18:47:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqacbssmiz2z 2026-07-13 22:00:04+00:00| seen| https://t.me/GithubRedTeam/92945 2026-07-14 00:00:08+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/92945...
CVE-2026-13462
PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends...
CVE-2026-13461
When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange version 7.0.7 app. The injection of specific JavaScript function calls allows the attacker to escape the WebView sandbox and perform a number of dangerous actions on the user's device...
CVE-2026-13462
PayRange Android app (version 7.0.7 and below) is affected by CVE-2026-13462 due to an SSL bypass in WebViews, allowing invalid certificates to be accepted. This enables a remote, unauthenticated attacker to intercept and exfiltrate data the user submits via the app. Attack surface is the app’s W...
EUVD-2026-42637
PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends...
EUVD-2026-42635
When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange version 7.0.7 app. The injection of specific JavaScript function calls allows the attacker to escape the WebView sandbox and perform a number of dangerous actions on the user's device...
CVE-2026-59207
creationtimestamp| type| source ---|---|--- 2026-07-09 16:10:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq7zibfybn25...
CVE-2026-59208
creationtimestamp| type| source ---|---|--- 2026-07-09 16:03:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq7z3sn6kq2i 2026-07-15 15:22:07+00:00| seen| https://bsky.app/profile/hn100.bsky.social/post/3mqozlgli3q2t 2026-07-15 15:27:26+00:00| seen|...
CVE-2017-2845
creationtimestamp| type| source ---|---|--- 2026-07-09 11:37:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq7k7ms5iz2n...
CVE-2026-2342
creationtimestamp| type| source ---|---|--- 2026-07-09 09:44:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mq7dvjy7wm2w...
CVE-2026-15137
creationtimestamp| type| source ---|---|--- 2026-07-09 03:52:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mq6qa72g7o2k...
CVE-2026-15112
creationtimestamp| type| source ---|---|--- 2026-07-09 01:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116887429378642543 2026-07-09 01:30:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mq6icwy3iv23 2026-07-09 04:45:15+00:00| seen|...