75 matches found
CVE-2026-44479
Vercel’s AI Cloud is a unified platform for building modern applications. From 50.16.0 to 52.0.0, when the Vercel CLI runs in non-interactive mode (--non-interactive or auto-detected AI agent), commands that cannot complete autonomously emit JSON payloads with suggested follow-up commands. If the us...
Exploit for CVE-2026-21509
🛡️ CVE-2026-21509 — Microsoft Office Zero-Day...
exploitRag-FullStack
ExploitRAG - RAG-based Cybersecurity Chat System A production...
EUVD-2025-203103
Next has a Denial of Service with Server Components - Incomplete Fix Follow-Up...
EUVD-2023-37479
Malicious code in bioql PyPI...
EUVD-2025-8198
Malicious code in bioql PyPI...
EUVD-2023-37482
Malicious code in bioql PyPI...
CVE-2025-56132
LiquidFiles filetransfer server is vulnerable to a user enumeration issue in its password reset functionality. The application returns distinguishable responses for valid and invalid email addresses, allowing unauthenticated attackers to determine the existence of user accounts. Version 4.2...
CVE-2025-57811 Craft Potential Remote Code Execution via Twig SSTI
Craft is a platform for creating digital experiences. From versions 4.0.0-RC1 to 4.16.5 and 5.0.0-RC1 to 5.8.6, there is a potential remote code execution vulnerability via Twig SSTI (Server-Side Template Injection). This is a follow-up to CVE-2024-52293. This vulnerability has been patched in...
CVE-2025-57811
Craft CMS vulnerability CVE-2025-57811 is a remote code execution via Twig SSTI affecting Craft 4.x (4.0.0-RC1 through 4.16.5) and 5.x (5.0.0-RC1 through 5.8.6). The issue stems from Twig SSTI and is a follow-up to CVE-2024-52293. Affected versions are patched in Craft 4.16.6 and 5.8.7. If you ru...
CVE-2025-23460 WordPress RWS Enquiry And Lead Follow-up plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in rhizomaticweb RWS Enquiry And Lead Follow-up rws-enquiry allows Reflected XSS. This issue affects RWS Enquiry And Lead Follow-up: from n/a through <= 1.0...
WordPress RWS Enquiry And Lead Follow-up plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by Mika in WordPress Plugin RWS Enquiry And Lead Follow-up versions <= 1.0...
Linux Distros Unpatched Vulnerability : CVE-2024-47728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error. For all non-tracing helpers which formerly had ARG_PTR_TO_{LONG,INT} as input arguments, zero the value for t...
Security update for rsync
This update for rsync fixes the following issues: NOTE: This update has been retracted due to a buggy security fix. A follow-up update will be provided. CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass (bsc#1234101). CVE-2024-12086: leak of a client...
SUSE: Security Advisory (SUSE-SU-2025:0120-2)
The remote host is missing an update for the...
Ubuntu: Security Advisory (USN-7115-1)
The remote host is missing an update for the...
encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decode on a message that contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635...