CVE-2026-46302

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

EUVD-2026-35167

In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...

Important: Red Hat Security Advisory: Multicluster Global Hub 1.7.1 security update

Multicluster Global Hub v1.7.1 general availability release images, which provide security fixes, bug fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

Instagram Recovery Tool Bug Exposed 20,225 Accounts to Password Reset Abuse

Meta says an Instagram recovery tool bug allowed attackers to abuse password resets, affecting 20,225 accounts and exposing users without 2FA to account takeover risk...

NeDi 1.9C - Cross-Site Scripting

NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily bypassed, as demonstrated by an onerror attribute of an IMG element as a...

NexusDB <4.50.23 - Local File Inclusion

NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal and local file inclusion. id: CVE-2020-24571 info: name: NexusDB 4.50.23 - Local File Inclusion author: pikpikcu severity: high description: NexusQA NexusDB before 4.50.23 allows the reading of files via ../...

MajorDoMo - Unauthenticated RCE

MajorDoMo contains a remote code execution caused by an include order bug and lack of exit after redirect in admin panel's PHP console, letting unauthenticated attackers execute arbitrary PHP code via crafted GET requests. id: CVE-2026-27174 info: name: MajorDoMo - Unauthenticated RCE author:...

PT-2026-47285

Incorrect authorization in the User Messages dashboard widget in Checkmk 2.5.0p5 causes the message-fetching endpoints to return the dashboard creator's messages rather than the viewer's, allowing an attacker who knows a valid public dashboard share token to read the issuer's personal messages by...

PT-2026-47275

The Recipe Card Blocks Lite plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the recipe block's 'summary' and 'notes' attributes in all versions up to, and including, 3.4.13. This is due to the 'WPZOOM Helpers::deserialize block attributes' method converting unicode-encoded...

RHEL 9 : rhc (RHSA-2026:24337)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:24337 advisory. rhc is a client tool and daemon that connects the system to Red Hat hosted services enabling system and subscription management. Security...

PT-2026-47289

Finally !!! - CVE-2026-50168 Angular 100k⭐️ https://t.co/gCwvYlXpR0 BugBounty GoogleVRP https://t.co/ViwfEVlp4R...

Debian dla-4621 : glibc-doc - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4621 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4621-1 [email protected]...

bugbounty-toolkit

🎯 Bug Bounty Recon Toolkit Automated recon toolkit for author...

CVE-2026-11308

An inappropriate implementation flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505945112...

CVE-2026-11309

An insufficient policy enforcement flaw was found in the History component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506392934...

CVE-2026-11306

An use after free flaw was found in the PDFium component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504548949...

CVE-2026-11300

An inappropriate implementation flaw was found in the Permissions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=503614310...

CVE-2026-11299

An out of bounds read flaw was found in the Fonts component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502598424...

CVE-2026-11292

A policy bypass flaw was found in the Blink component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502358901...

CVE-2026-11296

An inappropriate implementation flaw was found in the ImageCapture component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502493950...