61127 matches found

Github Security Blog
added 2026/05/19 3:54 p.m. | 9 views

Argo CD: Stored XSS in application link annotations enables developer-to-admin privilege escalation

Summary A user with application write access developer role can set link.argocd.argoproj.io/ annotations on any ArgoCD Application. These annotation values are rendered in the Summary tab's URLs section as elements without URL validation. Using the pipe-separator trick Display Text |...

AI score 6 | EPSS 0.00037
Exploits 0 | References 2 | Affected Software 3

OSV
added 2026/05/19 3:54 p.m. | 5 views

GHSA-H98R-WV3H-FR38 Argo CD: Stored XSS in application link annotations enables developer-to-admin privilege escalation

Summary A user with application write access developer role can set link.argocd.argoproj.io/ annotations on any ArgoCD Application. These annotation values are rendered in the Summary tab's URLs section as elements without URL validation. Using the pipe-separator trick Display Text |...

CVSS 7.3 | AI score 6 | EPSS 0.00037
Exploits 0 | References 2

Github Security Blog
added 2026/05/19 3:53 p.m. | 6 views

Mailpit: Concurrent map read & write in proxy CSS rewriter - remote unauth crash (fatal error: concurrent map read and map write)

Summary The screenshot/print proxy /proxy?data=… maintains a package-level assets mapstringMessageAssets cache, but reads the map without holding assetsMutex while a long-running cleanup goroutine and re-entrant CSS-rewriting code path concurrently write to it under the lock. When the...

AI score 5.9 | EPSS 0.00091
Exploits 0 | References 3 | Affected Software 1

Talos Blog
added 2026/05/19 3:39 p.m. | 8 views

TP-Link, Photoshop, OpenVPN, Norton VPN vulnerabilities

Cisco Talos' Vulnerability Discovery & Research team recently disclosed eight vulnerabilities in TP-Link, and one each in Adobe Photoshop, OpenVPN, and Gen Digital's Norton VPN. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, in adherence to Cisco's...

CVSS 8.8 | AI score 7.8 | EPSS 0.01232
Exploits 0

NVD
added 2026/05/19 3:16 p.m. | 12 views

CVE-2026-34883

An issue was discovered in the Portrait Dell Color Management application before 3.7.0 for Dell monitors. On Windows, a symbolic link vulnerability allows a local low-privileged user to escalate privileges to Administrator. During installation, the software writes the file CCFLFamily07Feb11.edr t...

CVSS 5.3 | EPSS 0.00144
Exploits 0 | References 2

Circl
added 2026/05/19 2:46 p.m. | 6 views

CVE-2026-47694

creationtimestamp | type | source
---|---|---
2026-05-19 14:46:04+00:00 | published-proof-of-concept | https://github.com/WWBN/AVideo/security/advisories/GHSA-c8h8-vq34-9fw2
2026-05-29 17:01:17+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmyz7ktvwb27...

CVSS 5.4 | AI score 5.7 | EPSS 0.0014
Exploits 1 | References 2

Circl
added 2026/05/19 2:32 p.m. | 6 views

CVE-2026-5306

creationtimestamp | type | source
---|---|---
2026-05-19 14:32:07+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3mm7m7ma57d2a...

CVSS 5.4 | AI score 5.8 | EPSS 0.00155
Exploits 0 | References 1

Circl
added 2026/05/19 2:30 p.m. | 7 views

CVE-2026-45829

creationtimestamp | type | source
---|---|---
2026-05-19 14:30:28+00:00 | seen | https://bsky.app/profile/hendryadrian.bsky.social/post/3mm7m4mnh3p2q
2026-05-19 15:30:06+00:00 | seen | https://t.me/truesecator/8219
2026-05-19 21:44:20+00:00 | seen |...

CVSS 10 | AI score 5.3 | EPSS 0.09665
Exploits 2 | References 9

Microsoft CVE
added 2026/05/19 2:0 p.m. | 16 views

Microsoft Defender Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...

CVSS 7.8 | AI score 5.8 | EPSS 0.01172
Exploits 2

Microsoft CVE
added 2026/05/19 2:0 p.m. | 12 views

Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network...

CVSS 7.8 | AI score 5.8 | EPSS 0.00395
Exploits 0

RedHat Linux
added 2026/05/19 1:41 p.m. | 10 views

org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve

A session fixation vulnerability has been identified in Apache Tomcat, affecting its rewrite functionality. If the rewrite valve is enabled for a web application, an attacker can craft a specific URL. If a victim clicks on this malicious URL, their subsequent interaction with the resource will...

CVSS 6.5 | AI score 6.5 | EPSS 0.00775
Exploits 0 | References 8

Circl
added 2026/05/19 1:32 p.m. | 6 views

CVE-2026-37981

creationtimestamp | type | source
---|---|---
2026-05-19 13:32:55+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mm7ivqtujx2v...

CVSS 4.3 | AI score 5.8 | EPSS 0.0037
Exploits 0 | References 1

RedHat Linux
added 2026/05/19 1:27 p.m. | 9 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1 | AI score 7.2 | EPSS 0.01008
Exploits 0 | References 6

Circl
added 2026/05/19 12:32 p.m. | 7 views

CVE-2026-42384

creationtimestamp | type | source
---|---|---
2026-05-19 12:32:06+00:00 | seen | https://bsky.app/profile/atomicedge.bsky.social/post/3mm7fiz3ikk2c...

CVSS 7.5 | AI score 5.8 | EPSS 0.00294
Exploits 0 | References 1

Circl
added 2026/05/19 9:31 a.m. | 14 views

CVE-2026-8814

creationtimestamp | type | source
---|---|---
2026-05-19 09:31:33+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mm73g5n63l2h...

CVSS 6.9 | AI score 5.7 | EPSS 0.00389
Exploits 0 | References 1

RedHat Linux
added 2026/05/19 9:29 a.m. | 5 views

podman: Podman kube play command may overwrite host files

There's a vulnerability in podman where an attacker may use the kube play command to overwrite host files when the kube file contains a Secret or a ConfigMap volume mount and such volume contains a symbolic link to a host file path. In a successful attack, the attacker can only control the targ...

CVSS 8.1 | AI score 7.2 | EPSS 0.01008
Exploits 0 | References 6

Circl
added 2026/05/19 9:23 a.m. | 10 views

CVE-2026-47428

creationtimestamp | type | source
---|---|---
2026-05-19 09:23:47+00:00 | published-proof-of-concept | https://github.com/vitest-dev/vitest/security/advisories/GHSA-2h32-95rg-cppp...

AI score 5.8 | EPSS 0.0005
Exploits 0 | References 1

RedHat Linux
added 2026/05/19 9:22 a.m. | 9 views

org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve

A session fixation vulnerability has been identified in Apache Tomcat, affecting its rewrite functionality. If the rewrite valve is enabled for a web application, an attacker can craft a specific URL. If a victim clicks on this malicious URL, their subsequent interaction with the resource will...

CVSS 6.5 | AI score 6.5 | EPSS 0.00775
Exploits 0 | References 8

RedHat Linux
added 2026/05/19 9:0 a.m. | 7 views

org.apache.tomcat/tomcat-juli: tomcat: Apache Tomcat: console manipulation

An improper input neutralization flaw has been discovered in Apache Tomcat. Tomcat did not escape ANSI escape sequences in log messages. If Tomcat was running in a console on a Windows operating system, and the console supported ANSI escape sequences, it was possible for an attacker to use a...

CVSS 9.6 | AI score 7.3 | EPSS 0.09244
Exploits 0 | References 6

Circl
added 2026/05/19 7:40 a.m. | 7 views

CVE-2026-31071

creationtimestamp | type | source
---|---|---
2026-05-19 07:40:12+00:00 | seen | https://gist.github.com/nedlir/bc8ad4693c53256819280e8f5de49286
2026-05-19 20:25:09+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mma7wrvkst2i...

CVSS 9.1 | AI score 5.8 | EPSS 0.00545
Exploits 0 | References 2