CVE-2026-45457

creationtimestamp| type| source ---|---|--- 2026-06-09 11:04:53+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0182 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review...

Malicious Package

Overview chai-as-json is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2026-40543

creationtimestamp| type| source ---|---|--- 2026-06-01 01:55:00+00:00| seen| https://cert.pl/en/posts/2026/06/CVE-2026-40543 2026-06-01 12:30:11+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mna3hk2oep2p...

CVE-2026-7054

creationtimestamp| type| source ---|---|--- 2026-05-29 10:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmyc2x7f2i2g...

Malicious Package

Overview polymarket-ai-agent is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

AI Survey: 50% of Organizations Struggle to Maintain Latency at Scale

The Akamai State of AI Inference report captures real data from the field that describes how AI inference is being built and scaled in production today...

Akamai Cloud Is Built for What Cloud Has Become (Updated May 2026)

...

CVE-2026-41404

creationtimestamp| type| source ---|---|--- 2026-04-30 19:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mkqcptrocq2s...

PT-2026-34552

CVE-2026-30623 vulnerability via Anthropic's MCP SDK has been fixed since v1.83.6-nightly. Please refer to our blog post for more details. https://t.co/ImGk2mGYug...

CVE-2025-29635: Mirai Campaign Targets D-Link Devices

...

PT-2026-33582

Name of the Vulnerable Software and Affected Versions AMD CPUs affected versions not specified Description A transient execution vulnerability exists within AMD CPUs that allows a local user-privileged attacker to leak data via the floating point divisor unit. This issue, known as Floating Point...

📄 XWiki Blog Cross Site Scripting

XWiki Blog versions prior to 9.15.7 suffer from a persistent cross site scripting vulnerability via the blog post title. CVE-2025-66024: XWiki Blog Application home page vulnerable to Stored XSS via Post Title Overview | Field | Details | |---|---| | CVE ID | CVE-2025-66024 | | Severity | HIGH | ...

Exploit for CVE-2025-66024

CVE-2025-66024: XWiki Blog Application home page vulnerable to...

CVE-2026-35574

creationtimestamp| type| source ---|---|--- 2026-04-07 19:33:43+00:00| seen| Telegram/7stdzVfIjMVb7tvEQLoql-CFRLg5JIYu0eUqsXCfmQ30DI4 2026-04-07 19:33:54+00:00| seen| Telegram/2sVgvXJxKnqdd0t3ix7z2PFFoP4qMIqNMJ7HHwXtd94aJL4 2026-04-17 05:07:08+00:00| seen|...

CVE-2026-39307

creationtimestamp| type| source ---|---|--- 2026-04-05 04:59:42+00:00| published-proof-of-concept| https://github.com/MervinPraison/PraisonAI/security/advisories/GHSA-4ph2-f6pf-79wv 2026-04-07 19:34:21+00:00| seen| Telegram/OYPeMWdUc2Y5vftMssiNoDYA806NyVd6-qxnWxvkgzfQI 2026-04-16 03:37:07+00:00|...

CVE-2026-34790

creationtimestamp| type| source ---|---|--- 2026-04-02 17:37:38+00:00| seen| Telegram/s8qY890P48N3Wo9aQa8rI-zenhf5cWovFj-1HEcEoggzt84 2026-04-08 07:20:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mixqxgjfg72r...

GHSA-R33W-C82V-X5V7 CI4MS: Blogs Posts (Categories) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

Summary Vulnerability: Blogs Posts Categories Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS - Stored Cross-Site Scripting via Unsanitized Blog Post Content in Blog Management Categories Description The application fails to properly sanitize user-controlled input wh...

CVE-2024-43253

creationtimestamp| type| source ---|---|--- 2026-04-01 22:00:15+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mihouqxrhn2f...

CVE-2026-34568 CI4MS: Blogs Posts Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.31.0.0, the application fails to properly sanitize user-controlled input when creating or editing blog posts. An attacker can inject a...

Cross-site Scripting (XSS)

Overview baserproject/basercms is a Content management system based on CakePHP. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the blog post rendering process. An attacker can execute arbitrary scripts in the context of a user's browser by injecting malicious...