CVE-2026-42213 SolidCAM-GPPL-IDE: Path traversal in `inc` directive enables file probing and NTLM-hash leak

SolidCAM-GPPL-IDE is an unofficial, independently developed extension, Postprocessor IDE for SolidCAM. From version 1.0.0 to before version 1.0.2, the inc "filename" directive in GPPL postprocessor files is resolved by GpplDocumentLinkHandler into a clickable link VS Code textDocument/documentLin...

CVE-2026-41512

creationtimestamp| type| source ---|---|--- 2026-05-08 21:00:00+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlemr2enkx2g...

CVE-2026-41507

creationtimestamp| type| source ---|---|--- 2026-05-08 20:59:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlemqt6vvp2q 2026-05-12 15:08:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mlo2vqio2r2o...

GHSA-628H-Q48J-JR6Q

creationtimestamp| type| source ---|---|--- 2026-05-08 20:40:28+00:00| seen| https://gist.github.com/alon710/bf727aea4f480d1e2e016713a2841996...

CVE-2026-42181

Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.19.18, Lemmy fetches metadata for user-supplied post URLs and, under the default StoreLinkPreviews image mode, downloads the preview image through local pict-rs. While the top-level page URL is checked against internal IP...

GHSA-H9HM-M2XJ-4RQ9

creationtimestamp| type| source ---|---|--- 2026-05-08 20:10:29+00:00| seen| https://gist.github.com/alon710/b2fb36b6ecfecf3424b0cb12c54264f5...

GHSA-V39H-62P7-JPJC

creationtimestamp| type| source ---|---|--- 2026-05-08 19:40:29+00:00| seen| https://gist.github.com/alon710/5589e0b554769b0725c771aeba30c7e4 2026-05-19 19:42:10+00:00| seen| https://gist.github.com/konard/d8a22725a8b00a188eb2098b18eaa766 2026-05-19 19:44:33+00:00| seen|...

GHSA-MPM8-CX2P-626Q

creationtimestamp| type| source ---|---|--- 2026-05-08 19:10:29+00:00| seen| https://gist.github.com/alon710/81381888e21682cdeae4882d5cd6667d...

NPM: Electerm users can run dangrous code through link or command line

NPM: Electerm users can run dangrous code through link or command line vulnerability discovered by ? in WordPress Npm electerm versions = 3.0.6, 3.8.8...

CVE-2026-6701

creationtimestamp| type| source ---|---|--- 2026-05-08 18:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mleekftnto2a...

CVE-2026-39211

creationtimestamp| type| source ---|---|--- 2026-05-08 18:19:08+00:00| seen| https://gist.github.com/cla7aye15I4nd/f9a7700240afe7ae8171ee65682e890f...

CVE-2026-39216

creationtimestamp| type| source ---|---|--- 2026-05-08 18:19:08+00:00| seen| https://gist.github.com/cla7aye15I4nd/f9a7700240afe7ae8171ee65682e890f...

Liberapay: Liberapay member team twitter account broken Link Hijacking via Expired Twitter Account Link

The profile of a Liberapay team member contained a link to an expired Twitter account, creating a broken link hijacking vulnerability. The expired Twitter account link was displayed on the member's Liberapay profile and donation page, falsely confirming to donors that the account was legitimate a...

GHSA-7HGR-XVRR-XPW3

creationtimestamp| type| source ---|---|--- 2026-05-08 18:10:29+00:00| seen| https://gist.github.com/alon710/a2e4841e35af8a18a7e5e75c8d1f5747...

CVE-2026-41588

creationtimestamp| type| source ---|---|--- 2026-05-08 17:43:52+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlebsdnqbg2t 2026-05-08 18:46:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlefcwic3y2t 2026-05-12 22:07:07+00:00| seen|...

CVE-2026-5247

creationtimestamp| type| source ---|---|--- 2026-05-08 17:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mleb74euom2g...

CVE-2026-41883

creationtimestamp| type| source ---|---|--- 2026-05-08 17:30:09+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mleazslabt2k 2026-05-08 18:32:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mleeijljta2v...

CVE-2026-41690

creationtimestamp| type| source ---|---|--- 2026-05-08 17:29:53+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mleazdfstp2c 2026-05-08 18:36:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mleepyw5wy2i...

CVE-2026-43345

creationtimestamp| type| source ---|---|--- 2026-05-08 17:27:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mleauelgzo2n...

CVE-2026-41683

creationtimestamp| type| source ---|---|--- 2026-05-08 17:22:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mleam5ppcx2c 2026-05-08 19:13:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlegs6ixd72c...