12354 matches found
CVE-2026-6851
The CVE-2026-6851 entry concerns Bitdefender products on Windows: Bitdefender Total Security and Bitdefender Internet Security, specifically the File Shredder module. The vulnerability is described as an improper link resolution before file access (link following) that enables a less-privileged l...
CVE-2026-6851 Improper link resolution before file access in Bitdefender Total Security via Link Following (VA-13681)
An Improper link resolution before file access 'link following' vulnerability in the File Shredder module as used in Bitdefender Total Security and Internet Security on Windows allows a less-privileged local user to elevate rights by leveraging a race conditions via Symbolic Links. This issue...
EUVD-2026-43632
An Improper link resolution before file access 'link following' vulnerability in the File Shredder module as used in Bitdefender Total Security and Internet Security on Windows allows a less-privileged local user to elevate rights by leveraging a race conditions via Symbolic Links. This issue...
LolLMS < 2.2.0 - Server-Side Request Forgery
A Server-Side Request Forgery SSRF vulnerability exists in parisneo/lollms versions prior to 2.2.0. The /api/files/export-content endpoint processes Markdown image URLs by downloading them via downloadimagetotemp in backend/routers/files.py without any validation, allowing an unauthenticated...
CVE-2026-44761
creationtimestamp| type| source ---|---|--- 2026-07-14 00:56:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqkypxf4yz2v 2026-07-14 01:30:26+00:00| seen| https://infosec.exchange/users/offseq/statuses/116915740682728635 2026-07-14 01:30:27+00:00| seen|...
CVE-2026-44752
CVE-2026-44752 affects SAP NetWeaver Application Server Java (often noted with the Configuration Wizard). The vulnerability is a Cross-Site Scripting (XSS) issue where an unauthenticated attacker can inject malicious JavaScript through crafted URLs. When a victim loads such a URL, the script runs...
CVE-2026-61462
creationtimestamp| type| source ---|---|--- 2026-07-13 18:48:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqke5w7ni22d 2026-07-13 19:02:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqkexp5qxn2t 2026-07-14 04:01:23+00:00| seen|...
CVE-2026-61958
creationtimestamp| type| source ---|---|--- 2026-07-13 11:37:40+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjm4cslsu2y 2026-07-13 11:37:42+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mqjm4elph22m 2026-07-14 02:25:56+00:00| seen|...
CVE-2026-57424
Missing Authorization vulnerability in knitpay Razorpay Payment Links for WooCommerce rzp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay Payment Links for WooCommerce: from n/a through = 2.1.4...
CVE-2026-6850
creationtimestamp| type| source ---|---|--- 2026-07-13 09:38:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjfgfdc4x26 2026-07-13 09:48:04+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjfycu6co22 2026-07-13 09:48:06+00:00| seen|...
Arbitrary Command Execution
GitHub CLI is vulnerable to Arbitrary Command Execution. The vulnerability is due to insufficient validation of JupyterLab URLs returned by a Codespace, where attacker-controlled non-loopback URLs such as vscode:// are passed to VS Code, allowing malicious Codespaces to execute arbitrary commands...
CVE-2026-57424 WordPress Razorpay Payment Links for WooCommerce plugin <= 2.1.4 - Broken Access Control vulnerability
Missing Authorization vulnerability in knitpay Razorpay Payment Links for WooCommerce rzp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Razorpay Payment Links for WooCommerce: from n/a through = 2.1.4...
CVE-2026-57424
CVE-2026-57424 affects the WordPress plugin Razorpay Payment Links for WooCommerce (rzp-woocommerce). Multiple sources describe a Missing Authorization / Broken Access Control vulnerability in versions up to and including 2.1.4, allowing exploitation of improperly configured access control. Conne...
CVE-2026-15522
creationtimestamp| type| source ---|---|--- 2026-07-13 03:28:55+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqiqseevj52c 2026-07-13 03:32:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqiqz75lmn2x 2026-07-13 21:03:37+00:00| seen|...
CVE-2026-15524
creationtimestamp| type| source ---|---|--- 2026-07-13 03:28:22+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqiqreyjsq26 2026-07-13 03:36:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqiramtlks2w...
CVE-2026-15516
creationtimestamp| type| source ---|---|--- 2026-07-13 01:31:58+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mqikbabw3d23 2026-07-13 01:32:00+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqikbcff2j2i 2026-07-13 03:44:27+00:00| seen|...
CVE-2026-15510
creationtimestamp| type| source ---|---|--- 2026-07-12 23:35:19+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqidqncgq226 2026-07-12 23:46:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqiefc2vp526 2026-07-13 03:15:05+00:00| seen|...
CVE-2026-15506
creationtimestamp| type| source ---|---|--- 2026-07-12 22:29:18+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqia2lm2hr26 2026-07-12 23:41:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqie4dn33n2w 2026-07-13 01:00:36+00:00| seen|...
CVE-2026-15501
creationtimestamp| type| source ---|---|--- 2026-07-12 13:27:01+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqhbqvz6lj2a 2026-07-12 13:33:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqhc3qfqzv24 2026-07-12 17:18:02+00:00| seen|...
CVE-2026-56313
creationtimestamp| type| source ---|---|--- 2026-07-12 12:30:18+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqh6liqhun2y 2026-07-12 13:01:11+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mqhacp5ihg2w 2026-07-12 13:02:28+00:00| seen|...