61495 matches found
CVE-2025-59710
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the...
PT-2026-30283
Impact Links and image links in the default markdown to HTML renderer are not properly escaped. Hugo users who trust their Markdown content or have custom render hooks for links and images are not affected. Patches Patched in v0.159.2 Workarounds Create custom render hooks for links and images in...
PT-2026-30235
OpenClaw before 2026.4.2 reuses the PKCE verifier as the OAuth state parameter in the Gemini OAuth flow, exposing it through the redirect URL. Attackers who capture the redirect URL can obtain both the authorization code and PKCE verifier, defeating PKCE protection and enabling token redemption...
PT-2026-30216
On Tapo C520WS v2, restricted accounts for example, hub users are intended to execute only a limited set of low‑sensitivity operations. Due to a logic flaw in the device’s API authorization mechanism, an attacker can craft requests that leverage legitimate “method mapping” behavior to bypass...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of state checks in the rosetransmitlink function, potentially leading to null pointer...
Casdoor 代码问题漏洞
Casdoor is an open-source platform developed by Casdoor that supports various authentication and authorization protocols. Version 2.356.0 of Casdoor has a code vulnerability; this vulnerability stems from a flaw in the Webhook URL Handler component, which may lead to server-side request forgeing...
CVE-2026-5312
A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the...
CVE-2026-4820
IBM Maximo Application Suite 9.1, 9.0, 8.11, and 8.10 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to th...
CVE-2026-5311
A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...
CVE-2026-5429
creationtimestamp| type| source ---|---|--- 2026-04-02 22:22:55+00:00| seen| Telegram/EKU3EO0GNZYVnupMzIC7jT0Kx1d9wsZeA8MakquUKITh-r8 2026-04-03 02:30:55+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mikohmm4px2c...
CVE-2025-65114
creationtimestamp| type| source ---|---|--- 2026-04-02 22:22:04+00:00| published-proof-of-concept| Telegram/23ZcvUWmnJsq-zA1xOv2ctyvywAVz8hRL5r96BcfYjQKx08 2026-04-03 06:01:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mil2aaz7wy2p 2026-04-03 06:05:49+00:00| seen|...
CVE-2025-15620
creationtimestamp| type| source ---|---|--- 2026-04-02 22:20:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mikaikdgyk2d 2026-04-02 23:18:37+00:00| seen| Telegram/wPpcMbRpbo1Ga69LyA-eFh8R0SLzJGU8C7s0zmgI81BZZk 2026-04-03 02:22:03+00:00| seen|...
CVE-2026-34932
creationtimestamp| type| source ---|---|--- 2026-04-02 21:45:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mik6j5zxnm2i 2026-04-02 22:23:12+00:00| published-proof-of-concept| Telegram/qg3HF91OLRRzWQbI7Pfv-fl8vLkHd7iL-mBbLD40slyOww...
CVE-2026-35053
creationtimestamp| type| source ---|---|--- 2026-04-02 21:40:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mik6a7kjlp22 2026-04-02 22:23:23+00:00| seen| Telegram/3gsJ80xyJgAiTFZiH4SjKRBEhW5SGPUuKPeFIX1uRKbZ4...
CVE-2024-40849
creationtimestamp| type| source ---|---|--- 2026-04-02 21:35:27+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mik5xcpvlq2k...
CVE-2026-34840
creationtimestamp| type| source ---|---|--- 2026-04-02 21:35:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mik5xb3jpw27 2026-04-02 22:23:12+00:00| published-proof-of-concept| Telegram/qg3HF91OLRRzWQbI7Pfv-fl8vLkHd7iL-mBbLD40slyOww 2026-04-03 02:23:26+00:00| seen|...
CVE-2023-7342
creationtimestamp| type| source ---|---|--- 2026-04-02 21:33:50+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mik5ufznqr2z...
CVE-2026-34758
creationtimestamp| type| source ---|---|--- 2026-04-02 21:05:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mik4ck4d5p2o 2026-04-02 22:22:50+00:00| seen| Telegram/8YijTp8Bkg1BgPYn1xfGtyu-IfZ2h3UIXQPTCviuLwYJAlo 2026-04-03 02:31:08+00:00| seen|...
CVE-2026-34833
creationtimestamp| type| source ---|---|--- 2026-04-02 20:58:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mik3uzxlow23 2026-04-02 22:22:55+00:00| seen| Telegram/EKU3EO0GNZYVnupMzIC7jT0Kx1d9wsZeA8MakquUKITh-r8...
CVE-2026-34838
creationtimestamp| type| source ---|---|--- 2026-04-02 20:56:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mik3r6ye3j2j 2026-04-02 22:23:12+00:00| published-proof-of-concept| Telegram/qg3HF91OLRRzWQbI7Pfv-fl8vLkHd7iL-mBbLD40slyOww 2026-04-03 02:22:10+00:00| seen|...