Drift-Protocol-Exploit-2026

Case Study: Drift Protocol $285M Logic Exploit April 2026 A...

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols t...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Service Registry and Repository due to April 2026 CPU

Summary There are multiple vulnerabilities in IBM SDK Java Technology Edition, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in April 2026. These issues are also addressed by WebSphere Application Server shipped with WebSphere...

Security Bulletin: Multiple security vulnerabilities are addressed with Cloud Pak foundational services 4.6.21 shipped with IBM Cloud Pak for Business Automation iFixes for April 2026

Summary IBM Cloud Pak for Business Automation includes IBM Cloud Pak foundational services. IBM Cloud Pak for Business Automation April 2026 security fixes update this dependency beyond 4.6.21 to address security vulnerabilities. Vulnerability Details CVEID:CVE-2024-45310 DESCRIPTION: runc is a C...

Carnival confirms data breach impacting nearly 6 million

Carnival Corporation, parent of Carnival Cruise Line, is sending out fresh “Notice of Cybersecurity Event” letters dated May 27, 2026. If you feel like you've read that sentence before, you're not imagining things. Over the last decade, the world’s largest cruise operator has accumulated a worryi...

Security Bulletin: OpenPages is vulnerable to IBM Semeru Runtime Quarterly CPU - Apr 2026 - Includes OpenJDK April 2026 CPU plus one CVE

Summary IBM Semeru Runtime Quarterly CPU - Apr 2026 - Includes OpenJDK April 2026 CPU plus one CVE. CVE-2026-34282, CVE-2026-22016, CVE-2026-23865, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-22008, CVE-2026-34268, CVE-2026-22007, CVE-2026-6918 Vulnerability Details Refer to the...

CVE-2026-9396

A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...

CVE-2026-9395

A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original disclosure mentions,...

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

mysql: Optimizer unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network...

CVE-2026-9398

A security vulnerability has been detected in Besen BS20 EV Charging Station up to 20260426. This affects an unknown part of the component BLE/WiFi. Such manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. Attacks of this...

EUVD-2026-31551

A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulation causes improper authorization. The attack is possible to be carried out remotely. A high degree...

CVE-2026-9396

The CVE-2026-9396 entry concerns Besen BS20 EV Charging Station firmware (up to 20260426). Affected component: Firmware Version Check. The vulnerability is caused by an issue in the UI layer rendering, where manipulation can cause improper restriction of rendered UI layers. The attack is describe...

CVE-2026-9396 Besen BS20 EV Charging Station Firmware Version Check ui layer

A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...

CVE-2026-9395

A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentials. The attack needs to be initiated within the local network. The original disclosure mentions,...

PT-2026-42966

A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulation results in improper restriction of rendered ui layers. The attack can be executed remotely. A...

PT-2026-42969

A security vulnerability has been detected in Besen BS20 EV Charging Station up to 20260426. This affects an unknown part of the component BLE/WiFi. Such manipulation leads to authentication bypass by capture-replay. The attack must be carried out from within the local network. Attacks of this...

Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises (May 2026)

Overview Multiple vulnerabilities in Trend Micro Endpoint security products for enterprises contain multiple vulnerabilities listed below. Relative path traversal in Apex One server CWE-23 - CVE-2026-34926 The only product that could be vulnerable to this exploit is TrendAI Apex One On Premise...

Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - Apr 2026 - Includes Oracle April 2026 CPU for Rational Software Architect Designer

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition,Versions 8 and Java 17 that are used by Rational Software Architect Designer and Rational Software Architect Designer for Websphere Software. These issues were disclosed as part of the IBM SDK, Java Technology Edition...

Security Bulletin: Multiple vulnerabilities in IBM Java SDK (April 2026) affect IBM InfoSphere Information Server

Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. These issues were disclosed as part of the IBM Java SDK updates in April 2026. Vulnerability Details CVEID:CVE-2026-22016 DESCRIPTION: Easily exploitab...