CVE-2026-20172 Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This...

Linux Distros Unpatched Vulnerability : CVE-2026-43143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mfd: core: Add locking around 'mfdofnodelist' Manipulating a list in the kernel isn't safe without some sort of mutual exclusion. Add a mutex any time we access...

Photon OS 4.0: Linux PHSA-2026-4.0-1008

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1008. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Zero Day Attacks: Novel Behaviour or Novel Vulnerability?

Zero-day attacks pose severe cybersecurity risks due to their high success rates and stealth. Because signature-based approaches struggle to detect such attacks, building Intrusion Detection Systems IDSs for detecting zero-day attacks is essential. We contend that for an IDS to be effective it mu...

Astra Linux – Vulnerability in Thunderbird

The ms-msdt, search, and search-ms protocols deliver content to Microsoft applications, bypassing the browser, when a user accepts a prompt. These applications have known vulnerabilities that have been exploited in the wild although we know of none exploited through Thunderbird. Therefore, in thi...

clan-nxt-toolkit

🔴 CLAN NXT Toolkit ██████╗██╗ █████╗ ███╗ ██╗...

mcp-exploitdb-query

mcp-exploitdb-query MCP server to query ExploitDB. This serv...

disclosures

...

exploitdb

The Exploit Database Git Repository This is an official repos...

obliteratus-brain

OBLITERATUS BRAIN The Persistent Knowledge Layer for OBLITE...

April "In the Trend of VM" (#26): one Microsoft SharePoint vulnerability

April "In the Trend of VM" 26: one Microsoft SharePoint vulnerability. Presenting the traditional monthly roundup of trending vulnerabilities according to Positive Technologies. Once again, it is single-vendor, Microsoft-related, and this time it could not be more compact. While the previous Marc...

What Anthropic’s Mythos Means for the Future of Cybersecurity

Two weeks ago, Anthropic announced that its new model, Claude Mythos Preview, can autonomously find and weaponize software vulnerabilities, turning them into working exploits without expert guidance. These were vulnerabilities in key software like operating systems and internet infrastructure tha...

Photon OS 4.0: Expat PHSA-2026-4.0-1002

An update of the expat package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1002. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Exploits

No d...

Automated-CSRF-PoC-Generator

Description: A specialized Python script designed to automate th...

LLM-and-MCP

Detection and Exploitation of Vulnerabilities in Android Appli...

KLA91018 Memory handling vulnerability in Linux Kernel

Memory handling vulnerability was found in Linux Kernel. Malicious users can exploit this vulnerability to obtain sensitive information, cause denial of service, gain root privileges. Original advisories Information about the Copy Fail vulnerability Linux CVE announce – CVE-2026-31431 Exploitatio...

Important: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.2.4

Red Hat OpenShift Service Mesh 3.2.4 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Red Hat OpenShift Service Mesh 3.2....

[Podcast] It's not you, it's your printer: State-sponsored and phishing threats in 2025

!\Podcast\ It's not you, it's your printer: State-sponsored and phishing threats in 2025https://storage.ghost.io/c/af/a0/afa04ee3-414f-4481-8d23-7e7c146f192e/content/images/2026/04/YiR2025cover2x1-2-1.jpg In this episode, we unpack state-sponsored and phishing trends from the 2025 Talos Year in...

MINE-CYBERSECURITY-PROJECT-1

MINE-CYBERSECURITY-PROJECTS This repository contains advanced...