Claude Fable 5 and Mythos 5 “abruptly disabled” after US gov. ban

Anthropic has been ordered by the US government to cut off its newest Claude Fable 5 and Mythos 5 models for fear of abuse by adversaries. Reuters reports that Anthropic said it will "abruptly ​disable" its most advanced AI models for all users after the US government ordered it to suspend access...

EUVD-2026-36723

Subscriber Broken Access Control in Really Simple SSL = 9.5.9 versions...

Handala Hacking Group Claims Breach of California Water Service

The Handala hacking group claims it has targeted California Water Service, leaking 5GB of customer database and GPS network files in its latest infrastructure attack...

Security Bulletin: IBM Engineering Systems Design Rhapsody was affected by CVE-2025-11143

Summary IBM Engineering Systems Design Rhapsody was affected by CVE-2025-11143. Although the vulnerability is generally rated low to medium severity due to the specific conditions required for exploitation, it can become more impactful in complex multi-layered architectures where consistent URL...

PT-2026-49479

Unauthenticated Cross Site Scripting XSS in MW WP Form = 5.1.3 versions...

PT-2026-49301

Name of the Vulnerable Software and Affected Versions Kandji Agent versions prior to 4.7.55374 Description A client validation gap in the software allows a local attacker to escalate privileges and invoke restricted agent functionality. Recommendations Update to version 4.7.55374 or later...

PT-2026-49445

Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...

PT-2026-49403

Unauthenticated Privilege Escalation in WP BASE Booking = 5.9.0 versions...

PT-2026-49444

Unauthenticated Cross Site Scripting XSS in AutomatorWP = 5.6.7 versions...

PT-2026-49488

Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...

PT-2026-49547

Name of the Vulnerable Software and Affected Versions Canon EOS Network Setting Tool versions prior to 1.5.1 Description The software employs weak SSH cryptographic algorithms, which are encryption methods used to secure communication over the Secure Shell SSH protocol that are no longer consider...

CVE-2026-38065

Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionimsonwithapn via the imsapn parameter...

PT-2026-49398

Unauthenticated SQL Injection in SpeakOut! Email Petitions = 4.6.5 versions...

PT-2026-49518

Unauthenticated SQL Injection in eCommerce Product Catalog = 3.5.5 versions...

PT-2026-49314

Name of the Vulnerable Software and Affected Versions flatnotes version 5.5.4 Description An arbitrary file upload issue exists in the attachment handling component. This allows attackers to execute arbitrary code by uploading a specially crafted HTML or SVG file. Recommendations At the moment,...

PT-2026-49449

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

PT-2026-49480

Unauthenticated Sensitive Data Exposure in EmbedPress = 4.5.2 versions...

CVE-2026-38062

Summary: CVE-2026-38062 affects Tenda 5G03 (V05.03.02.04, Version 1.0). The issue is a command injection in the function action_set_rat_mode via the ratMode parameter. Multiple trusted sources (NVD, EUVD, CVE lists, vuln enrichment) describe this vulnerability with the same root cause. The CVSS v...

PT-2026-49407

Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...

PT-2026-49356

Unauthenticated Broken Access Control in User Registration = 5.1.2 versions...