PT-2026-25698

Raytha CMS does not have any brute force protection mechanism implemented. It allows an attacker to send multiple automated logon requests without triggering lockout, throttling, or step-up challenges. This issue was fixed in version 1.4.6...

Raytha CMS 安全漏洞

Raytha CMS is a content management system developed by the American company Raytha. Versions of Raytha CMS prior to 1.4.6 contained security vulnerabilities. These vulnerabilities stemmed from the lack of any brute-force attack protection mechanisms, allowing attackers to send multiple automated...

Job scam uses fake Google Forms site to harvest Google logins

As part of our investigation into a job-themed phishing campaign, we came across several suspicious URLs that all looked like this: https://forms.google.ss-o.com/forms/d/e/uniqueid/viewform?form=opportunitysec&promo= The subdomain forms.google.ss-o.com is a clear attempt to impersonate the...

PT-2026-20391

Not properly invalidated session vulnerability in Graylog Web Interface, version 2.2.3, due to incorrect management of session invalidation after new logins. The application generates a new 'sessionId' each time a user authenticates, but does not invalidate previously issued session identifiers,...

CVE-2026-1729 AdForest <= 6.0.12 - Authentication Bypass

The AdForest theme for WordPress is vulnerable to authentication bypass in all versions up to, and including, 6.0.12. This is due to the plugin not properly verifying a user's identity prior to authenticating them through the 'sbloginuserwithotpfun' function. This makes it possible for...

CVE-2026-1729

CVE-2026-1729 concerns the AdForest WordPress theme. It describes an authentication bypass in the function sb_login_user_with_otp_fun, allowing unauthenticated attackers to log in as arbitrary users (including administrators) in all versions up to and including 6.0.12. The underlying cause is imp...

Keycloak Detection Consolidation

Consolidation of Keycloak detections. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; if description...

CVE-2020-37116

GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...

EUVD-2020-30979

GUnet OpenEclass 1.7.3 includes phpMyAdmin 2.10.0.2 by default, which allows remote logins. Attackers with access to the platform can remotely access phpMyAdmin and, after uploading a shell, view the config.php file to obtain the MySQL password, leading to full database compromise...

CVE-2025-13471

The User Activity Log WordPress plugin through 2.2 does not properly handle failed login attempts in some cases, allowing unauthenticated users to set arbitrary options to 1 for example to enable User Registration when it has been turned off...

EUVD-2025-206412

The User Activity Log WordPress plugin through 2.2 does not properly handle failed login attempts in some cases, allowing unauthenticated users to set arbitrary options to 1 for example to enable User Registration when it has been turned off...

CVE-2025-52026

An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 ...

149 Million Usernames and Passwords Exposed by Unsecured Database

This “dream wish list for criminals” includes millions of Gmail, Facebook, banking logins, and more. The researcher who discovered it suspects they were collected using infostealing malware...

PT-2026-4531

Name of the Vulnerable Software and Affected Versions Aptsys gemscms backend platform versions prior to 2025-05-29 Description An information disclosure issue exists in the /srvs/membersrv/getCashiers API endpoint of the Aptsys gemscms backend platform. This unauthenticated endpoint reveals a lis...

Jordanian Man Pleads Guilty to Selling Stolen Logins for 50 Companies

Jordanian man pleads guilty to selling stolen corporate logins in FBI sting after extradition from Georgia; tied to access of 50+ company networks...

CVE-2025-23614

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in niksudan WordPress Additional Logins wp-additional-logins allows Reflected XSS.This issue affects WordPress Additional Logins: from n/a through = 1.0.0...

CVE-2025-66620

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the fil...

CVE-2025-66620

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the fil...

CVE-2025-66620 Columbia Weather Systems MicroServer Command Shell in Externally Accessible Directory

An unused webshell in MicroServer allows unlimited login attempts, with sudo rights on certain files and directories. An attacker with admin access to MicroServer can gain limited shell access, enabling persistence through reverse shells, and the ability to modify or remove data stored in the fil...

CVE-2025-66620

CVE-2025-66620 concerns Columbia Weather Systems MicroServer. Reports describe an unused webshell that allows unlimited login attempts and sudo rights on select files/directories. An attacker with admin access can gain a limited shell, enable persistence (reverse shells), and modify or remove fil...