CVE-2026-45915

In the Linux kernel, the following vulnerability has been resolved: fat: avoid parent link count underflow in rmdir Corrupted FAT images can leave a directory inode with an incorrect inlink e.g. 2 even though subdirectories exist. rmdir then unconditionally calls dropnlinkdir and can drive inlink...

CVE-2026-45915

In CVE-2026-45915, the Linux kernel FAT filesystem code fixes a parent-link underflow in rmdir. A corrupted FAT image could leave a directory inode with an incorrect i_nlink, causing rmdir to call drop_nlink(dir) and drive i_nlink to 0, triggering a WARN_ON. The patch adds a sanity check in vfat_...

CVE-2026-8054

creationtimestamp| type| source ---|---|--- 2026-05-27 12:08:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmthwqhajr2p 2026-05-27 16:40:57+00:00| seen| https://bsky.app/profile/basefortify.bsky.social/post/3mmtx4dglos2m 2026-05-27 16:40:58+00:00| seen|...

CVE-2026-3348

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings Description, Title, and other fields in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

CVE-2026-3349

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' parameter on the redirect page in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

CVE-2026-2288

The myLinksDump plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'linktitle' parameter in all versions up to, and including, 1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access...

CVE-2026-999999

creationtimestamp| type| source ---|---|--- 2026-05-27 11:00:04+00:00| seen| https://t.me/GithubRedTeam/86098 2026-05-27 21:02:47+00:00| seen| Telegram/ymQhnDFcziGLHK8SJX7axBvcDuNVbRkzysaenktlRf2qI3g...

CVE-2026-48784

creationtimestamp| type| source ---|---|--- 2026-05-27 10:04:13+00:00| seen| https://bsky.app/profile/symfony.com/post/3mmtaxwk33y23 2026-05-27 14:35:08+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mmtq4e3x7q2h...

CVE-2026-8042

creationtimestamp| type| source ---|---|--- 2026-05-27 09:53:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtaf7ne3f2e...

CVE-2026-8906

creationtimestamp| type| source ---|---|--- 2026-05-27 09:29:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmt6zpts4t2i...

CVE-2026-3348 MinhNhut Link Gateway <= 3.6.1 - Authenticated (Admin+) Stored Cross-Site Scripting via Plugin Settings

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings Description, Title, and other fields in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

CVE-2026-3349

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'url' parameter on the redirect page in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...

EUVD-2026-32174

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings Description, Title, and other fields in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

CVE-2026-3348 MinhNhut Link Gateway <= 3.6.1 - Authenticated (Admin+) Stored Cross-Site Scripting via Plugin Settings

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings Description, Title, and other fields in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

CVE-2026-3349

The CVE describes a vulnerability in the MinhNhut Link Gateway plugin for WordPress: a Reflected Cross-Site Scripting issue exploitable via the url parameter on the redirect page, affecting all versions up to and including 3.6.1. The root cause is insufficient input sanitization and output escapi...

CVE-2026-3348

Summary: CVE-2026-3348 affects the MinhNhut Link Gateway WordPress plugin up to version 3.6.1. The issue is a Stored Cross-Site Scripting flaw caused by insufficient input sanitization and output escaping in plugin settings (Description, Title, and other fields). Exploitation requires authenticat...

CVE-2026-2288

CVE-2026-2288 affects the WordPress plugin myLinksDump (versions up to 1.6). The vulnerability is a Stored Cross-Site Scripting flaw triggered by the attack vector through the public-facing parameter 'link_title', caused by insufficient input sanitization and output escaping. Authentication requi...

CVE-2026-8942

creationtimestamp| type| source ---|---|--- 2026-05-27 09:11:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmt625haue2p...

CVE-2026-7618

creationtimestamp| type| source ---|---|--- 2026-05-27 09:00:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmt5gecmo52v...

CVE-2026-40834

creationtimestamp| type| source ---|---|--- 2026-05-27 08:11:16+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645525736344350 2026-05-27 08:12:06+00:00| seen| https://infosec.exchange/users/certvde/statuses/116645529147227087...