CVE-2025-59710

An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the...

CVE-2026-2949

creationtimestamp| type| source ---|---|--- 2026-04-04 04:06:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mineb2fzmu24 2026-04-10 11:30:07+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mj57ub5bmc2e...

CVE-2026-34612

creationtimestamp| type| source ---|---|--- 2026-04-04 00:24:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimxtzrhzp2q 2026-04-04 01:18:11+00:00| seen| Telegram/NqFWwBgJewLI29Tb0q1DIosuMN7rhj0bJY4LtsK35hxc 2026-04-04 03:01:37+00:00| seen|...

CVE-2026-34607

creationtimestamp| type| source ---|---|--- 2026-04-04 00:21:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimxonqgoh22 2026-04-04 01:18:11+00:00| seen| Telegram/NqFWwBgJewLI29Tb0q1DIosuMN7rhj0bJY4LtsK35hxc 2026-04-14 03:37:07+00:00| seen|...

CVE-2026-35201

creationtimestamp| type| source ---|---|--- 2026-04-04 00:16:27+00:00| published-proof-of-concept| https://github.com/davidfstr/rdiscount/security/advisories/GHSA-6r34-94wq-jhrc 2026-04-17 12:45:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mjoxcsml6d2r...

CVE-2026-34788

creationtimestamp| type| source ---|---|--- 2026-04-04 00:02:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimwnemipo2j...

WordPress plugin Shortcodes Ultimate 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

SUSE CVE-2026-23460

In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dereference in rosetransmitlink on reconnect syzkaller reported a bug 1, and the reproducer is available at 2. ROSE sockets use four sk-skstate values: TCPCLOSE, TCPLISTEN, TCPSYNSENT, and TCPESTABLISHE...

CVE-2026-27833

creationtimestamp| type| source ---|---|--- 2026-04-03 23:21:15+00:00| published-proof-of-concept| Telegram/6UgEKYpuzuWLxLktBSFu6z7cSh4q5naaHoBaDBfOi0oKaqw 2026-04-04 03:02:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3minapnnxep2t 2026-04-10 14:07:08+00:00| seen|...

CVE-2026-5485

creationtimestamp| type| source ---|---|--- 2026-04-03 23:21:08+00:00| seen| Telegram/C4IqkAaofmVuG0ts1zoVr23H-sEIs7UsuvOGOq7uR7BrNw 2026-04-04 04:00:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mindxbbi2t27 2026-06-14 16:07:09+00:00| seen|...

CVE-2026-28728

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42902...

CVE-2026-34118

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...

CVE-2026-34121

An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an...

CVE-2026-34124

A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces length restrictions on the raw request path but does not account for path expansion performed during normalization. An attacker on the adjacent...

CVE-2026-34119

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write‑boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An...

CVE-2026-34122

A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vulnerability by supplying an excessively long value for a vulnerable configuration parameter,...

CVE-2026-35560

creationtimestamp| type| source ---|---|--- 2026-04-03 22:58:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimt2ksyo423 2026-04-03 23:21:03+00:00| published-proof-of-concept| Telegram/Y6tkTwR3TbgbLqd0XdHY3LGxaSf8SFw0ekLA3xjK-BPXbc 2026-04-03 23:21:08+00:00| seen|...

CVE-2026-34211

creationtimestamp| type| source ---|---|--- 2026-04-03 21:45:14+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-8pfc-jjgw-6g26 2026-04-07 17:28:27+00:00| seen| Telegram/JtakylbYKAfJvCRBIgmgtreOTLAC-UR5YdC-v7gW7NnsM 2026-04-11 09:34:25+00:00| seen|...

CVE-2026-25726

creationtimestamp| type| source ---|---|--- 2026-04-03 21:17:42+00:00| published-proof-of-concept| Telegram/qTocgF1bA6EikMAxrpKqC2AQPtdVVaE6KTy64KQmK5LJ1E 2026-04-03 21:28:15+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mimnzdwkyz2v 2026-04-04 05:14:42+00:00| seen|...

CVE-2026-5475

creationtimestamp| type| source ---|---|--- 2026-04-03 20:25:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimkjvcskj2z...