CVE-2026-6848

creationtimestamp| type| source ---|---|--- 2026-04-22 13:08:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3kxbqt2x2q...

CVE-2026-34281

creationtimestamp| type| source ---|---|--- 2026-04-22 12:50:35+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jx5vxd72b...

CVE-2025-6016

creationtimestamp| type| source ---|---|--- 2026-04-22 12:50:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jwdl7pl2u 2026-04-24 07:57:51+00:00| seen| https://ccb.belgium.be/advisories/warning-11-new-vulnerabilities-gitlab-ce-and-ee-editions-patch-immediately...

CVE-2026-6515

creationtimestamp| type| source ---|---|--- 2026-04-22 12:50:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jwdl7pl2u 2026-04-24 07:57:51+00:00| seen| https://ccb.belgium.be/advisories/warning-11-new-vulnerabilities-gitlab-ce-and-ee-editions-patch-immediately...

CVE-2026-4922

creationtimestamp| type| source ---|---|--- 2026-04-22 12:50:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jwdl7pl2u 2026-04-22 18:09:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk43qximgb2k 2026-04-22 18:59:59+00:00| seen|...

CVE-2025-0186

creationtimestamp| type| source ---|---|--- 2026-04-22 12:50:06+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jwdl7pl2u 2026-04-24 07:57:51+00:00| seen| https://ccb.belgium.be/advisories/warning-11-new-vulnerabilities-gitlab-ce-and-ee-editions-patch-immediately...

CVE-2026-22752

creationtimestamp| type| source ---|---|--- 2026-04-22 12:45:25+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mk3jnvyvfq2h 2026-04-22 15:40:56+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mk3th4so7sa2...

CVE-2026-33600

creationtimestamp| type| source ---|---|--- 2026-04-22 12:44:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3jlshmw42t...

CVE-2026-33262

creationtimestamp| type| source ---|---|--- 2026-04-22 12:34:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3izqj77r2k...

EUVD-2026-24717

The Gallagher Website Design plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's loginlink shortcode in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on the 'prefix' attribute. This makes it possible for...

CVE-2026-33257

creationtimestamp| type| source ---|---|--- 2026-04-22 12:28:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3iqer7u32k 2026-04-27 06:39:56+00:00| seen| https://bsky.app/profile/shiojiri.com/post/3mkhhkzbwp2af...

CVE-2026-33261

creationtimestamp| type| source ---|---|--- 2026-04-22 12:15:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk3hyghief2q...

CVE-2026-4132

creationtimestamp| type| source ---|---|--- 2026-04-22 11:16:16+00:00| published-proof-of-concept| Telegram/4Ce1p0rz1Dwr7V7nrROOlVFZDWJLAA0UiQHZa7V2KBLsc 2026-04-24 03:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mk7lq65bhb24...

WordPress Link Library plugin <= 7.8.8 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Link Library versions = 7.8.8...

CVE-2026-28684

A flaw was found in python-dotenv. A local attacker can exploit this by crafting a symbolic link, which the setkey and unsetkey functions in python-dotenv follow when rewriting .env files. This can lead to the overwriting of arbitrary files on the system. Mitigation Mitigation for this issue is...

CVE-2026-1913

The Gallagher Website Design plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's loginlink shortcode in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on the 'prefix' attribute. This makes it possible for...

EUVD-2026-24652

The Switch CTA Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wppwctabox' shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping on user-supplied post meta values including 'ctaboxbuttonlink',...

CVE-2026-1913 Gallagher Website Design <= 2.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'prefix' Shortcode Attribute

The Gallagher Website Design plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's loginlink shortcode in all versions up to, and including, 2.6.4 due to insufficient input sanitization and output escaping on the 'prefix' attribute. This makes it possible for...

CVE-2026-1913

The Gallagher Website Design plugin for WordPress is affected by a Stored Cross-Site Scripting (XSS) vulnerability via the login_link shortcode, present in all versions up to and including 2.6.4. The issue stems from insufficient input sanitization and output escaping on the 'prefix' attribute, a...

CVE-2026-6023

creationtimestamp| type| source ---|---|--- 2026-04-22 08:46:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mk34cmwggp2k 2026-04-22 09:15:31+00:00| seen| Telegram/4TzioWDgsVQC8RNZfmkg0C5nwkVRV-bYkkXJoHA6GlOJ-c 2026-04-22 10:23:24+00:00| seen|...