CVE-2026-8492

The CVE-2026-8492 issue concerns the GTranslate/Translate Drupal module for Drupal, where a MAID vulnerability allows Resource Location Spoofing. The root cause is inadequate validation in the module’s language-switcher widget JavaScript, specifically around document.currentScript, which can caus...

CVE-2026-8492 Translate Drupal with GTranslate - Less critical - DOM clobbering / link manipulation - SA-CONTRIB-2026-035

Modification of Assumed-Immutable Data MAID vulnerability in Drupal Translate Drupal with GTranslate allows Resource Location Spoofing. This issue affects Translate Drupal with GTranslate: from 0.0.0 before 3.0.5...

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVE-2026-41470

creationtimestamp| type| source ---|---|--- 2026-05-19 21:18:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmacvwwmpk2o...

CVE-2026-36827

creationtimestamp| type| source ---|---|--- 2026-05-19 20:34:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmaah3kxw22p...

CVE-2026-6009

creationtimestamp| type| source ---|---|--- 2026-05-19 20:14:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mma7dep22x2r...

CVE-2026-42526

creationtimestamp| type| source ---|---|--- 2026-05-19 19:29:34+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mma4tie6mk25 2026-05-19 22:36:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmahaomavt2t...

CVE-2026-27173

creationtimestamp| type| source ---|---|--- 2026-05-19 19:14:29+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mma3yjr42d2s 2026-05-19 22:00:28+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmafattt2v2s 2026-05-20 00:42:54+00:00| seen|...

CVE-2026-46529

creationtimestamp| type| source ---|---|--- 2026-05-19 19:04:29+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mma3gmwe2x22 2026-05-21 15:00:05+00:00| seen| https://t.me/GithubRedTeam/85237 2026-05-21 17:05:24+00:00| seen|...

CVE-2026-35086

creationtimestamp| type| source ---|---|--- 2026-05-19 18:05:53+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mm7y5tzwdr25...

CVE-2026-47358

creationtimestamp| type| source ---|---|--- 2026-05-19 18:00:22+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mm7xtxrdfg2z 2026-05-19 20:37:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmaanshoko2e...

CVE-2026-31909

creationtimestamp| type| source ---|---|--- 2026-05-19 17:52:48+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mm7xgh3aqf25 2026-05-31 11:01:33+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mn5g24uhcb2u...

CVE-2026-45187

creationtimestamp| type| source ---|---|--- 2026-05-19 17:46:26+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mm7x32oxvr2z...

CVE-2026-47358

Terrascan v1.18.3 and prior are vulnerable to Server-Side Request Forgery SSRF via external URL resolution in uploaded IaC templates when running in server mode. When Terrascan parses uploaded ARM templates or CloudFormation templates, it resolves external URLs referenced within those templates v...

CVE-2026-8966

creationtimestamp| type| source ---|---|--- 2026-05-19 17:01:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm7ulixcic2q 2026-05-19 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260520...

CVE-2026-8970

creationtimestamp| type| source ---|---|--- 2026-05-19 16:41:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm7thpa6i32i 2026-05-19 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/mozilla-products-multiple-vulnerabilities20260520 2026-05-20 02:01:27+00:00| seen|...

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

Important: Red Hat Security Advisory: opentelemetry-collector security update

An update for opentelemetry-collector is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2026-5511 Information Disclosure via Diagnostic Interface Due to Improper Input Validation on TP-Link's Archer AX72

In the web management interface of Archer AX72 SG v1, the network diagnostic feature improperly handles invalid user input, resulting in limited exposure of diagnostic command usage information. An authenticated attacker with administrative privileges could exploit this issue to confirm the...