CVE-2026-12849

creationtimestamp| type| source ---|---|--- 2026-06-24 06:28:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mozbycv5rt25...

CVE-2026-35291

...

PT-2026-49102

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A floating point exception occurs in the avidmx process function within the isomedia/isom write.c file. A floating point exception is a runtime error that happens when a program attempts an illegal arithmeti...

PT-2026-48486

Name of the Vulnerable Software and Affected Versions Palo Alto Networks PAN-OS affected versions not specified Description A memory corruption issue occurs during the processing of tunnel traffic. An authenticated user can trigger system reboots by sending a maliciously crafted packet. If these...

01os (>=0.0.1 <=0.0.14), 0b1-protocol (>=0.1.0 <=0.1.3) +41628 more potentially affected by CVE-2026-34993 via aiohttp (>=0.13.1 <=3.13.5)

aiohttp PYPI version =0.13.1, =0.0.1, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =1.0.0, =0.1.0, =0.1.1, =0.1.2, =0.1.3 - 1942pyc =7.0.1 - 1claw-crewai-tools =0.1.0 and more Source cves: CVE-2026-34993 Source advisory: OSV:GHSA-JG22-MG44-37J8...

PT-2026-47208

Name of the Vulnerable Software and Affected Versions Dulwich versions prior to 1.2.5 Description An uncontrolled resource consumption issue leads to memory exhaustion and denial-of-service. A client with push access can send a small crafted thin pack where the delta header specifies an excessive...

PT-2026-39086

Content removed...

CVE-2026-41202

creationtimestamp| type| source ---|---|--- 2026-05-07 06:17:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlakynbolz2e 2026-05-07 09:00:32+00:00| seen| https://infosec.exchange/users/offseq/statuses/116532473442667986 2026-05-07 09:00:34+00:00| seen|...

CVE-2026-34079

creationtimestamp| type| source ---|---|--- 2026-04-07 23:21:06+00:00| seen| Telegram/WwaVaWmCpWfeYuJ8P8IqcUlHCUAeEgjmrCmKGvAa3A2q2J0 2026-04-08 01:31:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mix5holkl323 2026-04-10 14:32:09+00:00| seen|...

PT-2026-30997

Another CVE CVE-2026-31268 has been assigned and is currently pending publication 🥰 https://t.co/2bfMaVHbE4...

Security Bulletin: IBM Maximo Application Suite - Predict Component was using vulnerable library flask-3.1.2 which is vulnerable to CVE-2026-27205

Summary IBM Maximo Application Suite - Predict Component was using vulnerable library flask-3.1.2-py3-none-any.whl which is vulnerable to CVE-2026-27205. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-27205 DESCRIPTION: Flask is a web server...

CERTFR-2026-ALE-003

creationtimestamp| type| source ---|---|--- 2026-03-20 13:18:20+00:00| seen| https://social.numerique.gouv.fr/users/certfr/statuses/116261696202353385...

CVE-2025-38300

creationtimestamp| type| source ---|---|--- 2026-03-19 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/...

CVE-2026-28399

creationtimestamp| type| source ---|---|--- 2026-03-03 19:19:53+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mg6ifbejac2s...

EUVD-2026-4549

The User Submitted Posts – Enable Users to Submit Posts from the Front End plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom fields in all versions up to, and including, 20251210 due to insufficient input sanitization and output escaping. This makes it possible for...

EUVD-2026-4569

The Cookie consent for developers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple settings fields in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

EUVD-2026-4573

The WP Youtube Video Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing nonce verification on the wpYTVideoGallerySettingSave function. This makes it possible for unauthenticated attackers to modify plugin...

EUVD-2026-4578

The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the kalravuploadfile AJAX action in all versions up to, and including, 2.3.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site...

EUVD-2026-4586

Not used...

EUVD-2026-4276

MyBB Delete Account Plugin 1.4 contains a cross-site scripting vulnerability in the account deletion reason input field. Attackers can inject malicious scripts that will execute in the admin interface when viewing delete account reasons...