27967 matches found
Astra Linux – Vulnerability in WebKit2GTK
The issue has been addressed through improved checks. This issue is fixed in iOS 16.6, iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, and watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report indicating that this issue may have been...
Astra Linux – Vulnerability in WebKit2GTK
A memory management issue related to “use after free” operations has been addressed through improved memory management practices. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1, and iPadOS 15.3.1, as well as Safari 15.3 versions 16612.4.9.1.8 and 15612.4.9.1.8. Processing maliciously...
CVE-2026-43620
creationtimestamp| type| source ---|---|--- 2026-05-20 02:56:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmavryzuxl2q 2026-05-20 04:18:43+00:00| seen| https://vulnerability.circl.lu/bundle/98dfc241-f74a-4ad3-9b5d-a312ab6e6c87 2026-05-20 09:58:24+00:00| seen|...
WordPress Presto Player plugin <= 4.1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Bao - BlueRock in WordPress Plugin Presto Player versions = 4.1.3...
CVE-2026-44868
creationtimestamp| type| source ---|---|--- 2026-05-12 23:14:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlow4smlga2i...
CVE-2026-8187
A flaw has been found in Open5GS up to 2.7.7. This impacts the function gtpv1urecvcb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption. The attack may be performed from remote. The project was informed of the problem early through an...
CVE-2026-8249 Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qos denial of service
A flaw has been found in Open5GS up to 2.7.7. The impacted element is the function updateauthorizedpccruleandqos of the file /src/smf/npcf-handler.c of the component SMF. This manipulation causes denial of service. Remote exploitation of the attack is possible. The exploit has been published and...
CVE-2026-42661
creationtimestamp| type| source ---|---|--- 2026-05-08 13:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mldtrx27dz2s...
EUVD-2026-28472
A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST API. The manipulation of the argument req.params.tmpFile results in path traversal. The attack can be launched remotely. The...
PT-2026-39153
An issue was discovered in 6.0 before 6.0.5 and 5.2 before 5.2.14. Response headers do not vary on cookies if a session is not modified, but SESSION SAVE EVERY REQUEST is True. A remote attacker can steal a user's session after that user visits a cached public page. Earlier, unsupported Django...
WordPress bunny.net plugin <= 2.3.6 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by NumeX in WordPress Plugin bunny.net versions = 2.3.6...
CVE-2026-43534
creationtimestamp| type| source ---|---|--- 2026-05-05 13:07:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml4axy3e6a2n 2026-05-05 17:59:54+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml4rcaoglm2z 2026-05-24 23:37:06+00:00| seen|...
PT-2026-35574
A vulnerability was identified in duartium papers-mcp-server 9ceb3812a6458ba7922ca24a7406f8807bc55598. Impacted is the function search papers of the file src/main.py. Such manipulation of the argument topic leads to path traversal. The attack may be launched remotely. The exploit is publicly...
CVE-2026-6357
creationtimestamp| type| source ---|---|--- 2026-04-27 20:57:33+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mkixil2wqr2j 2026-05-07 12:00:58+00:00| seen| https://bsky.app/profile/lambdawatchdog.bsky.social/post/3mlb66cgbnt23...
EUVD-2026-25734
A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection. The attack may be performed from remote. The exploit has been published...
CVE-2026-6599
creationtimestamp| type| source ---|---|--- 2026-04-20 08:12:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjvzijquam2v...
CVE-2026-40487
creationtimestamp| type| source ---|---|--- 2026-04-18 03:13:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjqhtmq72h2f 2026-04-18 03:16:49+00:00| seen| Telegram/pg0pMMwJv5FTHbXxc3MO00N2B5ehQq9biiv2KNNNK0Va5Yk 2026-05-03 11:00:04+00:00| seen| https://t.me/GithubRedTeam/82615...
Microsoft Visual Studio Products (April 2026)
The Microsoft Visual Studio Products are missing security updates. It is, therefore, affected by multiple vulnerabilities: - Stack-based buffer overflow in .NET and Visual Studio allows an unauthorized attacker to deny service over a network. CVE-2026-32203 - Improper neutralization of special...
CVE-2026-39422
creationtimestamp| type| source ---|---|--- 2026-04-14 04:39:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjgkripynq2m...
CVE-2026-6106
creationtimestamp| type| source ---|---|--- 2026-04-12 00:02:44+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjb2eweuut2k 2026-04-12 01:30:30+00:00| seen| https://infosec.exchange/users/offseq/statuses/116389146135516653 2026-04-12 01:30:41+00:00| seen|...