198 matches found
CVE-2026-13997
creationtimestamp| type| source ---|---|--- 2026-07-01 21:20:15+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mpmh2z4gap2u 2026-07-01 21:20:18+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmh33luvg24 2026-07-02 07:48:45+00:00| seen|...
CVE-2026-13824
creationtimestamp| type| source ---|---|--- 2026-07-01 19:57:25+00:00| seen| https://bsky.app/profile/qiancx.bsky.social/post/3mpmcguh3752x 2026-07-01 19:57:25+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpmcgufwpg2i 2026-07-02 01:07:47+00:00| seen|...
CVE-2026-46817
creationtimestamp| type| source ---|---|--- 2026-06-29 13:46:37+00:00| seen| https://bsky.app/profile/bleepingcomputer.com/post/3mpgmrwrd2525 2026-06-29 14:01:32+00:00| seen| https://bsky.app/profile/sec-news-bot.bsky.social/post/3mpgnmnxscm2c 2026-06-29 14:03:49+00:00| seen|...
PT-2026-52445
Name of the Vulnerable Software and Affected Versions Remote Keyless Entry System RKES using 433 MHz key fob FCC ID CWTR53R0 affected versions not specified Description The system is susceptible to a roll-back attack targeting its rolling-code authentication. An attacker within radio frequency...
CVE-2026-52940
creationtimestamp| type| source ---|---|--- 2026-06-24 08:38:38+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116804178176541056 2026-06-24 10:44:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mozqbszocp2x...
CVE-2026-56345
AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target usersid from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload wit...
CVE-2026-56345 AVideo - Arbitrary User Session Hijacking via Meet Plugin uploadRecordedVideo Endpoint
AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target usersid from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload wit...
CVE-2026-9496
creationtimestamp| type| source ---|---|--- 2026-05-26 07:30:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116639703159350878 2026-05-26 07:30:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmqhw45f252v 2026-05-26 09:05:28+00:00| seen|...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the luoretrievefile function. When retrieval fails, this function does not record the attempt...
GHSA-J7H9-2JH7-G967
creationtimestamp| type| source ---|---|--- 2026-05-08 06:10:29+00:00| seen| https://gist.github.com/alon710/c7b619fc9598b87dfd99f8a1b7bcf968...
CVE-2026-35252
...
CVE-2026-34787
creationtimestamp| type| source ---|---|--- 2026-04-04 00:04:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mimwq7bzyr25...
CVE-2026-34456
creationtimestamp| type| source ---|---|--- 2026-04-01 21:10:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mihm36pb7h24 2026-04-01 23:27:18+00:00| seen| Telegram/bl6LC3S0UxxO5vDfC3lE4LaBC6ObKrhuhRcx8XqwmK5Cxg 2026-04-02 04:02:26+00:00| seen|...
PT-2026-26488
Summary A Server-Side Request Forgery SSRF vulnerability exists in plugin/Live/standAloneFiles/saveDVR.json.php. When the AVideo Live plugin is deployed in standalone mode the intended configuration for this file, the $ REQUEST'webSiteRootURL' parameter is used directly to construct a URL that is...
CVE-2026-33022
creationtimestamp| type| source ---|---|--- 2026-03-17 19:46:29+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-cv4x-93xx-wgfj 2026-03-20 07:16:11+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33022 2026-03-20 10:04:34+00:00| seen|...
Sextortion “I recorded you” emails reuse passwords found in disposable inboxes
Our malware removal support team recently flagged a new wave of sextortion emails, with the subject line: “You pervert, I recorded you!” If the message sounds familiar, that's because it's a variation of the long-running "Hello pervert" scam. The email claims the target’s device has been infected...
GHSA-4RV8-5CMM-2R22
creationtimestamp| type| source ---|---|--- 2026-02-28 02:40:11+00:00| seen| https://gist.github.com/alon710/b64eb8bf5447813639656d54741fea24...
Can You Tell It'S AI? Human Perception of Synthetic Voices in Vishing Scenarios
Large Language Models and commercial speech synthesis systems now enable highly realistic AI-generated voice scams vishing, raising urgent concerns about deception at scale. Yet it remains unclear whether individuals can reliably distinguish AI-generated speech from human-recorded voices in...
CVE-2025-61880
creationtimestamp| type| source ---|---|--- 2026-02-13 08:26:04+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3meq3hl65st2g...
CVE-2026-21958
creationtimestamp| type| source ---|---|--- 2026-01-21 21:18:16+00:00| seen| https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875...