
1502784 matches found

The Hacker News
added 1 hour ago | 5 views

ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories

This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a small gap and finds a way through. This is not one big break. It is small permissions, weak check...

CVSS 7.8 | AI score 7.8 | EPSS 0.06749
Exploits: 3
NVD
added 1 hour ago | 5 views

CVE-2026-53357

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() bt_accept_dequeue() unlinks a not-yet-accepted child from the parent accept queue and release_sock()s it before returning, so the returned sk has no caller reference and is...

Exploits: 0 | References: 8
CVE
added 3 hours ago | 5 views

CVE-2026-53357

CVE-2026-53357 triggers a use-after-free in the Linux kernel Bluetooth stack (l2cap) when closing a listening socket: bt_accept_dequeue() temporarily holds the child, then cleanup_listen() may operate on a sk that has already been freed by l2cap_conn_del() during an HCI disconnect. The race occur...

AI score 5.8
Exploits: 0 | References: 8
Cvelist
added 3 hours ago | 4 views

CVE-2026-53357 Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() bt_accept_dequeue() unlinks a not-yet-accepted child from the parent accept queue and release_sock()s it before returning, so the returned sk has no caller reference and is...

Exploits: 0 | References: 8
ATTACKERKB
added 3 hours ago | 3 views

CVE-2026-53357

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() bt_accept_dequeue() unlinks a not-yet-accepted child from the parent accept queue and release_sock()s it before returning, so the returned sk has no caller reference and is...

AI score 5.8
Exploits: 0 | References: 9 | Affected Software: 1
EUVD
added 3 hours ago | 2 views

EUVD-2026-41372

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() bt_accept_dequeue() unlinks a not-yet-accepted child from the parent accept queue and release_sock()s it before returning, so the returned sk has no caller reference and is...

CVSS 7.8 | AI score 5.8 | EPSS 0.00152
Exploits: 0 | References: 8
Malwarebytes
added 4 hours ago | 5 views

WinRAR flaw could allow attackers to take control of your computer

Rarlab has released a new version of the popular WinRAR tool to patch a vulnerability that can be abused in remote code execution attacks. The issue is fixed in WinRAR 7.23, but users must install the new version manually because WinRAR still does not offer automatic updates. They also need to ma...

CVSS 7.8 | AI score 7.6 | EPSS 0.00286
Exploits: 0
IBM Security Bulletins
added 6 hours ago | 3 views

Security Bulletin: IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality and denial of service due to multiple CVEs

Summary IBM App Connect Enterprise Certified Container operator and operands are vulnerable to loss of confidentiality and denial of service due to multiple CVEs. This bulletin provides patch information to address the vulnerabilities Vulnerability Details CVEID:CVE-2026-56761 DESCRIPTION: hono...

CVSS 9.1 | AI score 7.1 | EPSS 0.0086
Exploits: 1 | Affected Software: 1
OSV
added 6 hours ago | 2 views

RHSA-2026:34355 Red Hat Security Advisory: mod_http2 security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.3 | AI score 5.7 | EPSS 0.00525
Exploits: 0 | References: 12
OSV
added 6 hours ago | 2 views

RHSA-2026:34192 Red Hat Security Advisory: buildah security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.5 | AI score 6.6 | EPSS 0.00651
Exploits: 0 | References: 31
OSV
added 6 hours ago | 2 views

RHSA-2026:34160 Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.6 Product Security and Bug Fix Update

Bulletin has no description...

CVSS 8.1 | AI score 6 | EPSS 0.0068
Exploits: 5 | References: 60
OSV
added 6 hours ago | 2 views

RHSA-2026:34109 Red Hat Security Advisory: httpd security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.7 | AI score 6.7 | EPSS 0.00687
Exploits: 0 | References: 32
OSV
added 6 hours ago | 2 views

RHSA-2026:34095 Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.8 | AI score 6.5 | EPSS 0.00475
Exploits: 0 | References: 48
OSV
added 6 hours ago | 2 views

RHSA-2026:34094 Red Hat Security Advisory: kernel security, bug fix, and enhancement update

Bulletin has no description...

CVSS 7.8 | AI score 6.5 | EPSS 0.00475
Exploits: 0 | References: 93
OSV
added 6 hours ago | 2 views

RHSA-2026:30267 Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

Bulletin has no description...

CVSS 4.7 | AI score 5.7 | EPSS 0.00126
Exploits: 0 | References: 19
NVD
added 6 hours ago | 5 views

CVE-2026-9145

The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to Arbitrary File Copy via the createentryel function in versions up to, and including, 1.5.1. The function reads rawvalue from Elementor Pro's FormRecord object for upload-type fields and passes it...

CVSS 6.5
Exploits: 0 | References: 5
IBM Security Bulletins
added 6 hours ago | 3 views

Security Bulletin: IBM Quantum Safe Remediator is affected by multiple vulnerabilities

Summary The vulnerabilities are found in the dependent open source libraries used in IBM Quantum Safe Remediator code base. IBM Quantum Safe Remediator has addressed these vulnerabilities by updating the versions of the affected libraries. Vulnerability Details CVEID:CVE-2026-39824 DESCRIPTION:...

CVSS 9.3 | AI score 6.4 | EPSS 0.00492
Exploits: 2 | Affected Software: 1
Nuclei
added 7 hours ago | 7 views

MajorDoMo - Unauthenticated RCE

MajorDoMo contains a remote code execution caused by an include order bug and lack of exit after redirect in admin panel's PHP console, letting unauthenticated attackers execute arbitrary PHP code via crafted GET requests. id: CVE-2026-27174 info: name: MajorDoMo - Unauthenticated RCE author:...

CVSS 9.8 | AI score 6.8 | EPSS 0.06996
Exploits: 4 | References: 4
Nuclei
added 7 hours ago | 95 views

PHPIPAM <v1.5.1 - Missing Authorization

In phpIPAM 1.5.1, an unauthenticated user could download the list of high-usage IP subnets that contains sensitive information such as a subnet description, IP ranges, and usage rates via findfullsubnets.php endpoint. The bug lies in the fact that findfullsubnets.php does not verify if the user i...

CVSS 7.5 | AI score 6.7 | EPSS 0.37304
Exploits: 1 | References: 1
Nuclei
added 7 hours ago | 19 views

Comodo Unified Threat Management Web Console - Remote Code Execution

Comodo Firewall & Central Manager UTM All Release before 2.7.0 & 1.5.0 are susceptible to a web shell based remote code execution vulnerability. id: CVE-2018-17431 info: name: Comodo Unified Threat Management Web Console - Remote Code Execution author: dwisiswant0 severity: critical description:...

CVSS 9.8 | AI score 7.9 | EPSS 0.83912
Exploits: 4 | References: 5