CVE-2026-33011

creationtimestamp| type| source ---|---|--- 2026-03-20 05:57:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhhtisoyc42n...

CVE-2026-32949

creationtimestamp| type| source ---|---|--- 2026-03-20 05:50:57+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhht4heo6x2o...

CVE-2026-31998

creationtimestamp| type| source ---|---|--- 2026-03-20 05:40:09+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhhsj4wzoq2a...

Malicious Package

Overview el-icon is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

Malicious Package

Overview polymarket-onchain is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

CVE-2026-4465

A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This...

CVE-2026-4465

A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This...

EUVD-2026-13482

A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This...

CVE-2026-4465 D-Link DIR-513 formSysCmd os command injection

A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This...

CVE-2026-4465 D-Link DIR-513 formSysCmd os command injection

A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This...

CVE-2026-4465

CVE-2026-4465 affects D-Link DIR-513 v1.10. The vulnerability is in an unknown function in /goform/formSysCmd, where manipulating the sysCmd argument can trigger an os command injection. The attack can be launched remotely, and the exploit has been published; the affected products are no longer m...

CVE-2026-32880

creationtimestamp| type| source ---|---|--- 2026-03-20 01:55:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhhfxxmpng2z...

CVE-2026-32711

creationtimestamp| type| source ---|---|--- 2026-03-20 01:13:54+00:00| published-proof-of-concept| https://github.com/pydicom/pydicom/security/advisories/GHSA-v856-2rf8-9f28 2026-03-20 04:43:21+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mhhpdkkvkv2h...

CVE-2026-32828

Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...

EUVD-2026-13424

Kargo manages and automates the promotion of software artifacts. In versions 1.4.0 through 1.6.3, 1.7.0-rc.1 through 1.7.8, 1.8.0-rc.1 through 1.8.11, and 1.9.0-rc.1 through 1.9.4, the http and http-download promotion steps allow Server-Side Request Forgery SSRF against link-local addresses, most...

CVE-2026-32766

astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.6 and earlier, malformed PAX extensions were silently skipped when parsing tar archives. This silent skipping rather than rejection of invalid PAX extensions could be used as a building block for a parser...

CVE-2026-32766

astral-tokio-tar is a tar archive reading/writing library for async Rust. In versions 0.5.6 and earlier, malformed PAX extensions were silently skipped when parsing tar archives. This silent skipping rather than rejection of invalid PAX extensions could be used as a building block for a parser...

PT-2026-26626

Textpattern CMS version 4.9.0 contains a second-order cross-site scripting vulnerability that allows attackers to inject malicious scripts by exploiting improper sanitization of user-supplied input in Atom feed XML elements. Attackers can embed unescaped payloads in parameters such as category th...

PT-2026-26536

A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to os command injection. The attack may be launched remotely. The exploit has been published and may be used. This...

PT-2026-26619

D-Link DIR-513 Web Service formEasySetPassword stack-based overflow CVE: CVE-2026-4486 PT-Identifier: PT-2026-26619 Vendor: D-link Product: DIR-513 CVSS: 8.7 Credits: AttackingLin VulDB User Description: A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPasswo...