CVE-2026-35201

creationtimestamp| type| source ---|---|--- 2026-04-04 00:16:27+00:00| published-proof-of-concept| https://github.com/davidfstr/rdiscount/security/advisories/GHSA-6r34-94wq-jhrc 2026-04-17 12:45:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mjoxcsml6d2r...

CVE-2026-34788

creationtimestamp| type| source ---|---|--- 2026-04-04 00:02:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimwnemipo2j...

WordPress plugin Shortcodes Ultimate 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

SUSE CVE-2026-23460

In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dereference in rosetransmitlink on reconnect syzkaller reported a bug 1, and the reproducer is available at 2. ROSE sockets use four sk-skstate values: TCPCLOSE, TCPLISTEN, TCPSYNSENT, and TCPESTABLISHE...

CVE-2026-27833

creationtimestamp| type| source ---|---|--- 2026-04-03 23:21:15+00:00| published-proof-of-concept| Telegram/6UgEKYpuzuWLxLktBSFu6z7cSh4q5naaHoBaDBfOi0oKaqw 2026-04-04 03:02:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3minapnnxep2t 2026-04-10 14:07:08+00:00| seen|...

CVE-2026-5485

creationtimestamp| type| source ---|---|--- 2026-04-03 23:21:08+00:00| seen| Telegram/C4IqkAaofmVuG0ts1zoVr23H-sEIs7UsuvOGOq7uR7BrNw 2026-04-04 04:00:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mindxbbi2t27 2026-06-14 16:07:09+00:00| seen|...

CVE-2026-28728

Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis True Image Windows before build 42902...

CVE-2026-34118

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...

CVE-2026-34121

An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an...

CVE-2026-34124

A denial-of-service vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP request path parsing logic. The implementation enforces length restrictions on the raw request path but does not account for path expansion performed during normalization. An attacker on the adjacent...

CVE-2026-34119

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write‑boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An...

CVE-2026-34122

A stack-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within a configuration handling component due to insufficient input validation. An attacker can exploit this vulnerability by supplying an excessively long value for a vulnerable configuration parameter,...

CVE-2026-35560

creationtimestamp| type| source ---|---|--- 2026-04-03 22:58:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimt2ksyo423 2026-04-03 23:21:03+00:00| published-proof-of-concept| Telegram/Y6tkTwR3TbgbLqd0XdHY3LGxaSf8SFw0ekLA3xjK-BPXbc 2026-04-03 23:21:08+00:00| seen|...

CVE-2026-34211

creationtimestamp| type| source ---|---|--- 2026-04-03 21:45:14+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-8pfc-jjgw-6g26 2026-04-07 17:28:27+00:00| seen| Telegram/JtakylbYKAfJvCRBIgmgtreOTLAC-UR5YdC-v7gW7NnsM 2026-04-11 09:34:25+00:00| seen|...

CVE-2026-25726

creationtimestamp| type| source ---|---|--- 2026-04-03 21:17:42+00:00| published-proof-of-concept| Telegram/qTocgF1bA6EikMAxrpKqC2AQPtdVVaE6KTy64KQmK5LJ1E 2026-04-03 21:28:15+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mimnzdwkyz2v 2026-04-04 05:14:42+00:00| seen|...

CVE-2026-5475

creationtimestamp| type| source ---|---|--- 2026-04-03 20:25:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimkjvcskj2z...

CVE-2026-23462

A flaw was found in the Linux kernel's Bluetooth subsystem HIDP. A local attacker can exploit a use-after-free vulnerability by failing to properly drop a reference to an L2CAP Logical Link Control and Adaptation Protocol connection during a user removal callback. This memory corruption flaw may...

CVE-2026-35218

creationtimestamp| type| source ---|---|--- 2026-04-03 17:26:47+00:00| published-proof-of-concept| Telegram/CfZ2Rt5oDMh5hfP6-7c66YyHAz2lNtcnTrevEl4rY2ivCc 2026-04-03 18:40:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimenycbpv2i 2026-04-04 06:17:29+00:00| seen|...

CVE-2026-35214

creationtimestamp| type| source ---|---|--- 2026-04-03 17:26:47+00:00| published-proof-of-concept| Telegram/CfZ2Rt5oDMh5hfP6-7c66YyHAz2lNtcnTrevEl4rY2ivCc 2026-04-03 19:00:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimfrsgetc27 2026-04-08 23:40:10+00:00| seen|...

GHSA-7R9J-R86Q-7G45

creationtimestamp| type| source ---|---|--- 2026-04-03 17:26:40+00:00| published-proof-of-concept| Telegram/DJsg5Qi7j92DgCP14lqfeXU4IPClBfbIww0fpCMr4ueipk0 2026-04-04 02:48:17+00:00| seen| https://bsky.app/profile/cyber-news-fi.bsky.social/post/3min7vlzl2s2s...