CVE-2026-6157

creationtimestamp| type| source ---|---|--- 2026-04-12 18:27:12+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116393143940938921 2026-04-13 04:17:31+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mjdz3hiejr27 2026-04-13 05:18:10+00:00| published-proof-of-concep...

CVE-2026-34179

creationtimestamp| type| source ---|---|--- 2026-04-09 07:10:23+00:00| published-proof-of-concept| https://github.com/canonical/lxd/security/advisories/GHSA-c3h3-89qf-jqm5 2026-04-09 10:18:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mj2lfkl4z627 2026-04-09...

CVE-2025-14727

creationtimestamp| type| source ---|---|--- 2025-12-17 16:58:56+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115735968836991760 2025-12-17 17:31:11+00:00| seen| https://gist.github.com/Darkcrai86/f330bb00b3e418af5808330ef79bf782 2025-12-17 17:56:31+00:00| seen|...

CVE-2025-10686

creationtimestamp| type| source ---|---|--- 2025-11-14 06:41:19+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5l35oclwe32 2025-11-14 07:35:03+00:00| seen| https://gist.github.com/Darkcrai86/fb060803fb49df2837e0b35a885e21f8 2025-11-14 08:53:57+00:00| seen|...

Exploit for CVE-2025-46183

Vulnerability Disclosures Public reports of identified vulner...

Information Exposure

org.junit.platform, junit-platform-reporting is vulnerable to information exposure. The vulnerability is due to a flaw in the OpenTestReportGeneratingListener leaking Git credentials in generated Open Test Reporting XML files, which allows an attacker to steal exposed tokens from publicly...

HackerOne: IDOR: Authorization Bypass in LockReport Mutation for public reports

An authorization bypass vulnerability allowed an attacker to lock any public report, potentially disrupting the reporting process...

GSD-2022-1006324 unknown in Exchange Server version Exchange Server 2019

In Microsoft Exchange Server version Exchange Server 2019 and possibly earlier an undisclosed vulnerability exists in an undisclosed component that can be attacked via the network, reportedly resulting in remote code execution. This is also known as ZDI-CAN-18333, and public reports of exploitati...

Hitachi Energy APM Edge

1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION: Low attack complexity Vendor: Hitachi Energy Equipment: Transformer Asset Performance Management APM Edge Vulnerability: Reliance on Uncontrolled Component 2. UPDATE OR REPOSTED INFORMATION This updated advisory is a follow-up to the original advisory...

HackerOne: Reading redacted data via hackbot's answers

Summary: Hello, I have found a way to use hackbot's automated duplication answers to reveal redacted data via brute force. This is restricted by the length of the report and number of radacted items. For short report with little content and just 1-2 redacted texts this is rather easy to accomplis...

HackerOne: New hacktivity view discloses report IDs of non-public reports

url: https://hackerone.com/hacktivity.json this url reveals information of reporters Report id ./...

HackerOne: New hacktivity view discloses report IDs of non-public reports

The new hacktivity view unintentionally leaked the report IDs of non-public undisclosed reports through react ID's. It has the same root cause as 127620 and was reporter earlier than that, so we decided to award the same bounty. The new hacktivity view unintentionally leaked the report IDs of...