CVE-2026-33079

A flaw was found in Mistune, a Markdown parser. This vulnerability, known as Regular Expression Denial of Service ReDoS, exists in the LINKTITLERE regular expression. A remote attacker can exploit this by providing specially crafted Markdown input, which causes the regular expression engine to...

tplink-priv-zero

TP-Link TL-WR841N v14 — Authenticated OS Command Injection RC...

CVE-2026-9404

creationtimestamp| type| source ---|---|--- 2026-05-25 06:00:28+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmnsg7hw3k2f 2026-05-25 06:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116633686859071234...

CVE-2026-45758

creationtimestamp| type| source ---|---|--- 2026-05-25 03:51:09+00:00| seen| https://bsky.app/profile/skuebeck.graz.social.ap.brid.gy/post/3mmnl6set7sc2 2026-06-05 20:40:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnkypx7yrf2l 2026-06-05 21:00:21+00:00| seen|...

MAL-2026-4473 Malicious code in @zizie071/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6d5096096e7e958916c5449a7480949135e6af5cd9acd4e1b1edab8c331163 On require, index.js schedules install.js which locates the installer's @whiskeysockets/baileys package on disk and overwrites lib/Socket/newsletter....

PT-2026-43074

Name of the Vulnerable Software and Affected Versions Firefox for iOS versions prior to 151.1 Description Firefox for iOS incorrectly displayed specially crafted right-to-left RTL and internationalized domain names IDNs within link preview UI surfaces. A crafted RTL hostname could visually reorde...

Mozilla Firefox for iOS 安全漏洞

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A security vulnerability exists in Mozilla Firefox for iOS prior to version 151.1, which stems from the incorrect display of specially crafted right-to-left domain names and internationalized...

CVE-2026-9360

creationtimestamp| type| source ---|---|--- 2026-05-24 09:00:28+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmllz5x2pp2m...

ROS-20260524-73-0044

A vulnerability in the Jenkins Automation Server is related to incorrect symbolic link detection prior to file access during .tar and .tar.gz archive extraction. Exploitation of the vulnerability could allow an attacker acting remotely to write arbitrary files...

CVE-2018-25358 D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...

EUVD-2018-21880

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...

CVE-2018-25358

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...

CVE-2018-25358 D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the tablename parameter in POST requests. Attackers can send requests to /mycgi.cgi with tablename values like adminuser,...

CVE-2018-25358

The CVE-2018-25358 entry concerns the D-Link DIR-601 (firmware 2.02NA) where an unauthenticated attacker can disclose credentials via /my_cgi.cgi by manipulating the table_name parameter in POST requests. Affected data includes administrative credentials and wireless keys, exposed in cleartext. T...

CVE-2026-40411

creationtimestamp| type| source ---|---|--- 2026-05-23 03:59:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmikpvbh6e2p 2026-05-27 19:37:05+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mmuaycjlbz2y...

CVE-2026-42834

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network...

CVE-2026-41091

Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...

[SECURITY] Fedora 44 Update: composer-2.9.8-1.fc44

Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...

CVE-2026-40166

creationtimestamp| type| source ---|---|--- 2026-05-22 22:42:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhyz7op7v2e...

CVE-2026-39970

creationtimestamp| type| source ---|---|--- 2026-05-22 22:32:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmhygjnno62o 2026-05-23 20:27:45+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116625766625880175 2026-06-06 11:02:43+00:00| seen|...