PT-2026-27856

Name of the Vulnerable Software and Affected Versions WPVulnerability versions through 4.2.1 Description An authorization issue exists in Javier Casares WPVulnerability wpvulnerability. The issue stems from incorrectly configured access control security levels, potentially allowing unauthorized...

CVE-2026-32388

Missing Authorization vulnerability in linethemes GLB glb allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GLB: from n/a through = 1.2.2...

CVE-2026-24616

Missing Authorization vulnerability in Damian WP Popups wp-popups-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Popups: from n/a through = 2.2.0.5...

EUVD-2018-10950

Malware in sbrugna...

EUVD-2021-25657

Malware in sbrugna...

EUVD-2000-0784

Malware in sbrugna...

EUVD-2025-20698

Malicious code in bioql PyPI...

EUVD-2023-43975

Malicious code in bioql PyPI...

EUVD-2022-39825

Malicious code in bioql PyPI...

EUVD-2025-4120

Malicious code in bioql PyPI...

EUVD-2022-34830

Malicious code in bioql PyPI...

TP-Link warns of botnet infecting routers and targeting Microsoft 365 accounts

TP-Link has issued a warning about a botnet exploiting two vulnerabilities to infect small office/home SOHO routers, which are then weaponized to attack Microsoft 365 accounts. The vulnerabilities affect the Archer C7 and TL-WR841N/ND routers, though other models may also be at risk. Despite the...

PT-2025-34004 · WordPress · Relywp Coupon Affiliates

Name of the Vulnerable Software and Affected Versions: RelyWP Coupon Affiliates versions through 6.4.0 Description: A missing authorization flaw exists in Elliot Sowersby / RelyWP Coupon Affiliates, allowing exploitation of incorrectly configured access control security levels. Recommendations:...

CVE-2025-20285

A vulnerability in the IP Access Restriction feature of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to bypass configured IP access restrictions and log in to the device from a disallowed IP address. This vulnerability is due to improper enforcement of access controls...

CVE-2025-7076 BlackVue Dashcam 590X Configuration upload.cgi access control

A vulnerability was found in BlackVue Dashcam 590X up to 20250624. It has been rated as critical. Affected by this issue is some unknown functionality of the file /upload.cgi of the component Configuration Handler. The manipulation leads to improper access controls. The attack needs to be initiat...

CVE-2025-48147

Missing Authorization vulnerability in Crypto Cloud CryptoCloud - Crypto Payment Gateway cryptocloud-crypto-payment-gateway allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CryptoCloud - Crypto Payment Gateway: from n/a through = 2.1.2...

CVE-2025-49288

Missing Authorization vulnerability in Rustaurius Ultimate WP Mail ultimate-wp-mail allows Authentication Bypass.This issue affects Ultimate WP Mail: from n/a through = 1.3.5...

PT-2025-24181 · Unknown · Post Grid Master

Name of the Vulnerable Software and Affected Versions: Post Grid Master versions through 3.4.13 Description: The issue is related to Missing Authorization, allowing exploitation of incorrectly configured access control security levels. Recommendations: For versions through 3.4.13, update to a...

Exploit for CVE-2024-42049

CVE-2024-42049-PoC CVE Details - https://nvd.nist.gov/vuln...

CVE-2025-5163

A vulnerability, which was classified as problematic, was found in yangshare 技术杨工 warehouseManager 仓库管理系统 1.0. This affects an unknown part. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be...