256 matches found
WordPress ProfileGrid – User Profiles, Groups and Communities plugin <= 5.9.8.4 - Authenticated (Subscriber+) SQL Injection vulnerability
Authenticated Subscriber+ SQL Injection vulnerability discovered by Jonah Burgess CryptoCat in WordPress Plugin ProfileGrid versions <= 5.9.8.4...
Lemmy may expose private community data through community, saved, liked, and modlog API views
Summary: Lemmy applies private-community checks in PostView and CommentView, but several adjacent API views skip the accepted-follower filter. Bob, a registered user who is not an accepted follower, can read private community sidebar and summary fields. Alice, a former accepted follower, can still...
GHSA-3JVJ-V6W2-H948 Lemmy has SSRF in /api/v3/post via Webmention dispatch
Summary: Lemmy allows an authenticated low-privileged user to create a link post through POST /api/v3/post. When a post is created in a public community, the backend asynchronously sends a Webmention to the attacker-controlled link target. The submitted URL is checked for syntax and scheme, but th...
Zeek 8.0.7
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...
CVE-2026-25417
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Stored XSS. This issue affects ProfileGrid: from n/a through <= 5.9.8.1...
CVE-2026-1264
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities...
EUVD-2026-12661
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities...
CVE-2026-1264
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities...
CVE-2026-1264
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities...
CVE-2026-1264 IBM Sterling B2B Integrator and IBM Sterling File Gateway Improper Access Controls
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities...
CVE-2026-1264
CVE-2026-1264 affects IBM Sterling B2B Integrator and IBM Sterling File Gateway, versions 6.1.0.0–6.1.2.7_2, 6.2.0.0–6.2.0.5_1, 6.2.1.0–6.2.1.1_1, and 6.2.2.0. The issue is an improper access control that permits a remote, unauthenticated attacker to view and delete partners of a community and to...
CVE-2026-1264 IBM Sterling B2B Integrator and IBM Sterling File Gateway Improper Access Controls
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.72, 6.2.0.0 through 6.2.0.51, 6.2.1.0 through 6.2.1.11, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities...
Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to an access control vulnerability in AFT web app (CVE-2026-1264)
Summary: IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed access control security vulnerability. Vulnerability Details: CVEID: CVE-2026-1264. DESCRIPTION: IBM Sterling B2B Integrator and IBM Sterling File Gateway allows a remote unauthenticated attacker to view and delete the...
PT-2026-25956
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.1.0.0 through 6.1.2.7 2, 6.2.0.0 through 6.2.0.5 1, 6.2.1.0 through 6.2.1.1 1, and 6.2.2.0 allows a remote unauthenticated attacker to view and delete the partners of a community and to delete the communities...
CVE-2025-13416
The CVE-2025-13416 relates to the ProfileGrid – User Profiles, Groups and Communities WordPress plugin. Affected versions are all up to and including 5.9.7.2. Root cause: missing capability check in the pm_deactivate_user_from_group() function, enabling authenticated users with Subscriber-level a...
MiracleLinux 4 : quagga-0.99.15-5.AXS4.2 (AXSA:2011-136:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2011-136:01 advisory. Quagga is a free software that manages TCP/IP based routing protocol. It takes multi-server and multi-thread approach to resolve the current...
NYPD Sued Over Possible Records Collected Through Muslim Spying Program
The New York Police Department's “mosque-raking” program targeted Muslim communities across NYC. Now, as the city's first Muslim mayor takes office, one man is fighting—again—to fully expose it...
Zeek 8.0.3
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...
EUVD-2013-0958
Malware in sbrugna...
EUVD-2010-2287
Malware in sbrugna...