CVE-2026-23928 Stored XSS vulnerability in the Item history/Plain text widget
The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...
CVE-2026-26933 Improper Validation of Array Index in Packetbeat Leading to Denial of Service
Improper Validation of Array Index (CWE-129) in multiple protocol parser components in Packetbeat can lead to Denial of Service via Input Data Manipulation (CAPEC-153). An attacker with the ability to send specially crafted, malformed network packets to a monitored network interface can trigger...
PT-2026-2848
Improper Validation of Array Index (CWE-129) in Packetbeat’s MongoDB protocol parser can allow an attacker to cause Overflow Buffers (CAPEC-100) through specially crafted network traffic. This requires an attacker to send a malformed payload to a monitored network interface where MongoDB protocol...
CVE-2022-27968
Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles...
Zero-Day Zero: The AI Attack That Just Ended the Era of the Forgiving Internet
Why the Exploit Window Has Collapsed and How CISOs Must Pivot to Survive
For decades, cybersecurity was a game of time. We banked on the buffer between a vulnerability’s disclosure and its widespread exploitation. We relied on the forgiving internet, where human attackers needed days or weeks to...
Malicious code in butanaih-asafui-datajhu (npm)
Source: amazon-inspector. This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-4888
Malicious code in bioql PyPI...
Sex offenders, terrorists, drug dealers, exposed in spyware breach
We've covered spyware and stalkerware leaks many times before, but we don't often see such exposure in software used by law enforcement. According to a report by Straight Arrow News (SAN), the hacker “wikkid” said the intrusion against RemoteCOM was “one of the easiest” they’d ever carried out...
CVE-2025-10542
iMonitor EAM 9.6394 ships with default administrative credentials that are also displayed within the management client’s connection dialog. If the administrator does not change these defaults, a remote attacker can authenticate to the EAM server and gain full control over monitored agents and dat...
CVE-2025-37833
| creationtimestamp | type | source |
|---|---|---|
| 2025-05-08 07:11:15+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3loneasyv3mj2 |
| 2025-05-08 08:31:45+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3loniqspppt2t |
| 2025-05-08... | | |
CVE-2024-10405
Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read the Brocade SANnav data stream, which includes monitored Brocade Fabric OS switches' performance data, port status, zoning information, WWNs, IP addresses, but no...
Xymon Daemon Gather Information
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Xymon Daemon Gather Information', 'Description' = %q This module retrieves information from a Xymon daemon service formerly Hobbit, based on Big...
Key safe security, or the lack of it
A few years back we put a key safe into our office. Previously, we had used a very simple locked cabinet to ensure keys were returned, as before that, keys kept being accidentally taken home. There’s no data of significance kept at the office. Everything is hosted elsewhere, but we could do witho...
CVE-2024-28872
The TLS certificate validation code is flawed. An attacker can obtain a TLS certificate from the Stork server and use it to connect to the Stork agent. Once this connection is established with the valid certificate, the attacker can send malicious commands to a monitored service (Kea or BIND 9),...
CVE-2023-41705
Processing of user-defined DAV user-agent strings is not limited. Availability of OX App Suite could be reduced due to high processing load. Please deploy the provided updates and patch releases. Processing time of DAV user-agents now gets monitored, and the related request is terminated if a...