Lucene search
K

7 matches found

ATTACKERKB
ATTACKERKB
added 2026/03/04 1:21 a.m.3 views

CVE-2026-1980

The WPBookit plugin for WordPress is vulnerable to unauthorized data disclosure due to a missing authorization check on the 'getcustomerlist' route in all versions up to, and including, 1.0.8. This makes it possible for unauthenticated attackers to retrieve sensitive customer information includin...

5.3CVSS5.9AI score0.00375EPSS
Exploits0References5
HackRead
HackRead
added 2025/11/15 6:35 p.m.6 views

DoorDash hit by data breach after an employee falls for social engineering scam

Food delivery giant DoorDash confirms a data breach on Oct 25, 2025, where an employee fell for a social engineering scam. User names, emails, and home addresses were stolen...

7AI score
Exploits0
EUVD
EUVD
added 2025/11/10 9:51 p.m.4 views

EUVD-2025-50817

Langfuse is an open source large language model engineering platform. Starting in version 2.70.0 and prior to versions 2.95.11 and 3.124.1, in certain project membership APIs, the server trusted a user‑controlled orgId and used it in authorization checks. As a result, any authenticated user on th...

5CVSS6.2AI score0.00325EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.7 views

PT-2025-46209

Name of the Vulnerable Software and Affected Versions Langfuse versions 2.70.0 through 2.95.10 Langfuse versions 3.0.0 through 3.124.0 Description Langfuse is a large language model engineering platform. In certain project membership APIs, the server improperly trusted a user-controlled orgId and...

5CVSS6.3AI score0.00325EPSS
Exploits0References11
Cvelist
Cvelist
added 2025/10/22 6:0 a.m.13 views

CVE-2025-10638 NS Maintenance Mode for WP <= 1.3.1 - Unauthenticated Subscribers Export

The NS Maintenance Mode for WP WordPress plugin through 1.3.1 lacks authorization in its subscriber export function allowing unauthenticated attackers to download a list of a site's subscribers containing their name and email address...

0.00224EPSS
Exploits0References1
HackRead
HackRead
added 2025/08/26 12:51 p.m.5 views

Study Reveals TikTok, Alibaba, Temu Collect Extensive User Data in America

Incogni finds top foreign apps downloaded in the US harvest names, locations, and emails, sharing them with third parties for ads and profiling...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2018/07/09 10:20 a.m.2 views

Timehop Hacked — Hackers Stole Personal Data Of All 21 Million Users

And the hacks just keep on coming. Timehop social media app has been hit by a major data breach on July 4th that compromised the personal data of its more than 21 million users. Timehop is a simple social media app that collects your old photos and posts from your iPhone, Facebook, Instagram,...

6.8AI score
Exploits0
Rows per page
Query Builder