23170 matches found
CVE-2026-15375
creationtimestamp| type| source ---|---|--- 2026-07-11 00:13:54+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdexrohb62w...
CVE-2026-12761
creationtimestamp| type| source ---|---|--- 2026-07-10 23:18:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqdbtyyx3625 2026-07-11 00:00:37+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mqde7tbdel22 2026-07-11 14:00:30+00:00| seen|...
GHSA-H4G2-XFMW-Q2C9
creationtimestamp| type| source ---|---|--- 2026-07-10 23:12:24+00:00| seen| https://gist.github.com/alon710/5e2741edb2d79f8c7e4e9d0fb2942745 2026-07-11 00:01:00+00:00| seen| https://gist.github.com/alon710/5e2741edb2d79f8c7e4e9d0fb2942745...
CVE-2026-55669
creationtimestamp| type| source ---|---|--- 2026-07-10 23:00:08+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdatvtvhq26...
CVE-2026-55641
creationtimestamp| type| source ---|---|--- 2026-07-10 22:59:36+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdaswkwrv2y 2026-07-11 19:00:53+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqfdwxlrnz25...
CVE-2026-8609
creationtimestamp| type| source ---|---|--- 2026-07-10 22:20:55+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd6nqxkrk2x 2026-07-11 00:17:08+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdf5lhe6f2e...
CVE-2026-15083
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal ECA: Event - Condition - Action allows Object Injection. This issue affects ECA: Event - Condition - Action versions: from 0.0.0 to 2.1.20, from 3.0.0 to 3.0.12, from 3.1.0 to 3.1.4...
CVE-2026-15083
Summary: CVE-2026-15083 affects the Drupal ECA: Event - Condition - Action (ECA) module. The issue is an unitary vulnerability where an Improperly Controlled Modification of Dynamically-Determined Object Attributes can lead to Object Injection. Affected versions: ECA: Event - Condition - Action i...
CVE-2026-15083 ECA: Event - Condition - Action - Less critical - Information disclosure - SA-CONTRIB-2026-074
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal ECA: Event - Condition - Action allows Object Injection. This issue affects ECA: Event - Condition - Action versions: from 0.0.0 to 2.1.20, from 3.0.0 to 3.0.12, from 3.1.0 to 3.1.4...
CVE-2026-13039
The Eventin – Event Calendar, Event Registration, Tickets & Booking AI Powered plugin for WordPress is vulnerable to authorization bypass due to a regression in versions from 4.0.26 up to and including 4.1.15. This is due to the plugin not properly verifying that a user is authorized to perform a...
CVE-2026-55879
OpenReplay (self-hosted) versions 1.24.0–1.24.x are affected by an unauthenticated stored XSS in the tracking SDK. The SDK accepts custom event names and captured page URLs from any visitor using a public project key and stores data in ClickHouse without output encoding. When rendered in the auth...
CVE-2026-55472
creationtimestamp| type| source ---|---|--- 2026-07-10 20:10:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqcxdteayy2z 2026-07-11 01:02:46+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdhp6pnjy2y 2026-07-14 04:11:02+00:00| seen|...
CVE-2026-55670 ZITADEL: Cross-Tenant User Leakage via Recycled Identifiers
ZITADEL is an open source identity management platform. Prior to 4.15.1, ZITADEL's event store validation can retain the original resource owner for a deleted user identifier, causing a later user recreated with the same identifier in another organization to be provisioned under the original...
CVE-2026-55670 ZITADEL: Cross-Tenant User Leakage via Recycled Identifiers
ZITADEL is an open source identity management platform. Prior to 4.15.1, ZITADEL's event store validation can retain the original resource owner for a deleted user identifier, causing a later user recreated with the same identifier in another organization to be provisioned under the original...
EUVD-2026-42977
ZITADEL is an open source identity management platform. Prior to 4.15.1, ZITADEL's event store validation can retain the original resource owner for a deleted user identifier, causing a later user recreated with the same identifier in another organization to be provisioned under the original...
CVE-2026-55670
ZITADEL (open source identity management) prior to v4.15.2 is affected by a cross-tenant leakage in the event store validation: when a user is deleted, the original resource owner may remain associated with the deleted user’s ID and, if a new user is recreated in another organization with the sam...
CVE-2026-33382
creationtimestamp| type| source ---|---|--- 2026-07-10 17:00:54+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqcmrjabny2r 2026-07-10 22:29:42+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqd75hwwav2i 2026-07-11 00:20:09+00:00| seen|...
CVE-2026-60086
creationtimestamp| type| source ---|---|--- 2026-07-10 16:24:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqckqcwydo2z 2026-07-10 20:23:11+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcy3aa7mh22...
EUVD-2026-42409
libp2p: CPU DoS via oversized IHAVE and IWANT control message arrays...
CVE-2026-15298
creationtimestamp| type| source ---|---|--- 2026-07-10 14:10:12+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mqcdablfyd2v...