GNUnet P2P Framework 0.26.2

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...

IServ Schoolserver User Enumeration

IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...

Systems-and-Cyber-Security-Coursework

CSI6SCS2526 — Systems and Cyber Security Coursework Gr...

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files

Security researcher Chaotic Eclipse aka Nightmare-Eclipse and MSNightmare has released a new Windows BitLocker bypass dubbed GreatXML , a day after they published an exploit for Microsoft Defender. "This was an accidental discovery, it took a total of 4 hours to find this," the researcher said in...

The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm

A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion attacks, while leveraging resources from various ransomware-as-a-service RaaS schemes like LockBit aka Tenacious Mantis...

CVE-2026-28742

creationtimestamp| type| source ---|---|--- 2026-06-11 16:15:41+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mnzmpx4uza2v...

CVE-2026-42947

creationtimestamp| type| source ---|---|--- 2026-06-11 16:15:40+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mnzmpx4uza2v...

CVE-2026-50108

creationtimestamp| type| source ---|---|--- 2026-06-11 16:15:40+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mnzmpx4uza2v...

CVE-2026-10557

creationtimestamp| type| source ---|---|--- 2026-06-11 16:13:04+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mnzmlcnxbg2f...

CVE-2026-7368

creationtimestamp| type| source ---|---|--- 2026-06-11 16:13:04+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mnzmlcnxbg2f...

CVE-2026-28277

creationtimestamp| type| source ---|---|--- 2026-06-11 16:10:14+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mnzmg7zp4z2u...

CVE-2026-27022

creationtimestamp| type| source ---|---|--- 2026-06-11 16:10:14+00:00| seen| https://bsky.app/profile/boredchilada.bsky.social/post/3mnzmg7zp4z2u...

CVE-2026-11816

creationtimestamp| type| source ---|---|--- 2026-06-11 15:00:45+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnzijwsfgq25...

CVE-2026-10847

creationtimestamp| type| source ---|---|--- 2026-06-11 15:00:37+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnzijoxr3c2l...

CVE-2026-11852

Debusine is an integrated solution to build, distribute and maintain a Debian-based distribution. Files managed by debusine are organized into artifacts. The endpoints that create and delete relationships between artifacts enforced no permissions checks beyond being able to see the artifacts in...

CVE-2026-52759

Ghidra before 12.1.1 contains an uncontrolled memory allocation vulnerability in the Mach-O binary parser that allows attackers to cause denial of service. An attacker can supply a crafted Mach-O binary with an arbitrarily large ncmds load command count value, forcing the parser to allocate...

CVE-2026-53693

A stored cross-site scripting vulnerability existed in MISP BSimVis tag rendering code. Several client-side rendering paths interpolated tag names, collection names, entity identifiers, cluster names, and tag metadata directly into HTML, HTML attributes, inline JavaScript event handlers, and CSS...

CVE-2026-52757

Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge function during the variable merging pass. Attackers can trigger this vulnerability by crafting a binary that causes stale pointers in the HighIntersectTest::highedgemap cache to be dereference...

CVE-2026-52756

Ghidra before 12.2 contains an unauthenticated path traversal vulnerability in the IsfServer that accepts TCP connections and passes client-supplied namespace strings directly to filesystem operations without validation. Remote attackers can connect to port 54321 and send crafted protobuf message...

CVE-2026-24067

Slate Digital Connect 1.37.0 for macOS installs a privileged helper tool, com.slatedigital.connect.privileged.helper.tool, which exposes the XPC service com.slatedigital.connect.privileged.helper.tool2. The helper validates connecting XPC clients by obtaining the client's process identifier and...