CVE-2026-46125 wifi: mac80211: remove station if connection prep fails

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: remove station if connection prep fails If connection preparation fails for MLO connections, then the interface is completely reset to non-MLD. In this case, we must not keep the station since it's related to the...

EUVD-2026-32884

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: remove station if connection prep fails If connection preparation fails for MLO connections, then the interface is completely reset to non-MLD. In this case, we must not keep the station since it's related to the...

CVE-2026-46125

CVE-2026-46125 describes a Linux kernel issue in the wifi mac80211 path where, if Multi-Link Operation (MLO) connection preparation fails, the associated station may not be removed correctly. The advisory states that the interface is reset to non-MLD and the station linked to the vif should be de...

WordPress MinhNhut Link Gateway plugin <= 3.6.1 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by san6051 - COFFSec in WordPress Plugin MinhNhut Link Gateway versions = 3.6.1...

CVE-2025-48977

creationtimestamp| type| source ---|---|--- 2026-05-28 09:17:24+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mmvot54h5h2m 2026-05-28 12:14:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvypbrv6o2q...

CVE-2026-4377 Use of Weak Credentials in D-Link DWR-X1820 router

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...

CVE-2026-4377 Use of Weak Credentials in D-Link DWR-X1820 router

Dlink DWR-X1820 router uses weak default password generated from its IMEI number and does not require users to change it. An attacker who knows how passwords are generated can easily crack the default password if they have the device IMEI number. This issue was fixed in version 1.00B16CP...

CVE-2026-4377

The CVE refers to the D-Link DWR-X1820 router, where a weak default password is generated from the IMEI and does not require change by the user. This vulnerability can allow an attacker who knows the password-generation method to crack the default password given the device IMEI. A fix is availabl...

ext2: reject inodes with zero i_nlink and valid mode in ext2_iget()

...

CVE-2026-9803

creationtimestamp| type| source ---|---|--- 2026-05-28 07:53:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvk5sxddj2t...

CVE-2026-9673

creationtimestamp| type| source ---|---|--- 2026-05-28 07:43:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvjlvvqlf2q...

CVE-2026-9796

creationtimestamp| type| source ---|---|--- 2026-05-28 07:24:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvijedyoo2q...

CVE-2026-9798

creationtimestamp| type| source ---|---|--- 2026-05-28 07:17:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvi4od46s2h...

CVE-2026-9795

creationtimestamp| type| source ---|---|--- 2026-05-28 07:14:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvhxby6g72v...

CVE-2026-9644

creationtimestamp| type| source ---|---|--- 2026-05-28 07:11:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvhsficy22n 2026-05-29 01:24:13+00:00| seen| https://bsky.app/profile/donwebmedia.bsky.social/post/3mmxetw7lxy2i...

CVE-2026-9801

creationtimestamp| type| source ---|---|--- 2026-05-28 07:06:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvhjrk23y2v...

CVE-2026-9794

creationtimestamp| type| source ---|---|--- 2026-05-28 07:04:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmvhfwk2vu2e...

CVE-2026-7651 User Registration & Membership <= 5.1.5 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Media Deletion via 'profile-pic-url' Parameter

The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.5. This is due to missing...

CVE-2026-7533 Easy Digital Downloads <= 3.6.7 - Cross-Site Request Forgery to Payment Account Hijacking via 'square_tokens' Parameter

The Easy Digital Downloads plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.6.7. This is due to missing nonce verification in the handleoauthredirect function, which is registered on the admininit hook and processes Square OAuth tokens from ...

CVE-2026-6824

creationtimestamp| type| source ---|---|--- 2026-05-28 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-148-05 2026-05-29 19:00:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmz7upfzmm27 2026-05-29 20:27:22+00:00| seen|...