ZOHO ManageEngine Exchange reporter Plus 安全漏洞

ZOHO ManageEngine Exchange Reporter Plus is a web-based Microsoft Exchange reporting, auditing, and monitoring software developed by ZOHO Corporation. Previous versions of ZOHO ManageEngine Exchange Reporter Plus, including version 5802, contained security vulnerabilities. These vulnerabilities...

PT-2026-30028

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Folder Message Count and Size report...

ZOHO ManageEngine Exchange Reporter Plus 安全漏洞

ZOHO ManageEngine Exchange Reporter Plus is a web-based Exchange Server reporting tool developed by ZOHO Corporation. Previous versions of ZOHO ManageEngine Exchange Reporter Plus, including version 5802, contained security vulnerabilities. These vulnerabilities stemmed from a storage cross-site...

PT-2026-30024

Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report...

CVE-2025-24266

creationtimestamp| type| source ---|---|--- 2026-04-02 22:15:18+00:00| seen| Telegram/P5-d6aZOqF55QElx3cS6BOd0aPe5lgIDzzkyeelTZVJswY 2026-04-02 22:15:27+00:00| seen| Telegram/zRO4yDgOkqitQ-0uPFlpuBUiTVJii3PBjh2HUkR1y964uzw...

GHSA-H5J9-CVRW-V5QH

creationtimestamp| type| source ---|---|--- 2026-04-02 19:27:42+00:00| seen| Telegram/e54ga9nXMr6DQKQaz2LvLSMhQxTpsj-b4LBmwV1E43L1qeM...

CVE-2026-5346

creationtimestamp| type| source ---|---|--- 2026-04-02 17:38:06+00:00| published-proof-of-concept| Telegram/MQ6ai6F8nIsMgggTBJXuPSpPwamg57gds1UAnW3xco8kE...

GHSA-7P93-6934-F4Q7

creationtimestamp| type| source ---|---|--- 2026-04-02 17:37:18+00:00| seen| Telegram/asfs2UkHDA2dEAWxK7wNvn0OefGesF-RFz1ocNui3XpVnY...

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 23, 2026 to March 29, 2026)

Last week, there were 122 vulnerabilities disclosed in 90 WordPress Plugins and 22 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 46 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

CVE-2025-40318

creationtimestamp| type| source ---|---|--- 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/ 2026-04-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities20260408 2026-05-10 18:00:00+00:00| seen|...

CVE-2025-39895

creationtimestamp| type| source ---|---|--- 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/ 2026-04-07 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/ubuntu-linux-kernel-multiple-vulnerabilities20260408 2026-05-10 18:00:00+00:00| seen|...

EUVD-2026-18224

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...

AARTF---Autonomous-AI-RedTeam-Framework

AARTF AI-Driven Autonomous Security Workflow !CIhttps:/...

CVE-2026-3692

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...

CVE-2026-23417

creationtimestamp| type| source ---|---|--- 2026-04-02 14:02:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mijen2o7ei23 2026-05-31 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/suse-linux-kernel-multiple-vulnerabilities20260601...

CVE-2026-3692

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...

CVE-2026-3692 Unintended command execution during report generation in Progress Flowmon

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...

CVE-2026-3692 Unintended command execution during report generation in Progress Flowmon

In Progress Flowmon versions prior to 12.5.8, a vulnerability exists whereby an authenticated low-privileged user may craft a request during the report generation process that results in unintended commands being executed on the server...

CVE-2026-3692

Progress Flowmon

EUVD-2026-18202

A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in command injection. The attack is possible to be carried out remotely. The exploit has been...