773 matches found
CVE-2026-58144
creationtimestamp| type| source ---|---|--- 2026-07-09 13:45:12+00:00| seen| https://gist.github.com/sermikr0/75686815e441c07462cfdea2fed5d305 2026-07-10 00:03:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqatvsmcv62t 2026-07-10 18:39:34+00:00| seen|...
GHSA-3G9W-X9XQ-CQ9G vulnerabilities
Vulnerabilities for packages: chromium...
MINI-W79M-P6P7-VP3V
Bulletin has no description...
CVE-2026-46940
...
MINI-5M7V-6JGV-JMFV
Bulletin has no description...
MINI-CR4F-VGFW-7RVR
Bulletin has no description...
PT-2026-46083
Certain URLs passed to the redirect function can trigger an open redirect to an external domain depending on the level of validation done by the application prior to returning the redirect. !NOTE This does not impact your React Router application if you are using Declarative Mode...
CVE-2026-34358
creationtimestamp| type| source ---|---|--- 2026-05-19 23:01:48+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmaioiuwkz2g 2026-05-19 23:07:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmaiyukcv72p...
LuxeMart-
No d...
MINI-4F7X-C7P5-Q47M
Bulletin has no description...
CVE-2026-34276
CVE-2026-34276 affects Oracle MySQL Server (Group Replication Plugin). Affected versions: MySQL 8.0.0–8.0.45, 8.4.0–8.4.8, and 9.0.0–9.6.0. The vulnerability allows a low-privileged, network-accessible attacker (via multiple protocols) to cause a hang or a frequently repeatable crash of MySQL Ser...
Official Clerk JavaScript SDKs: Middleware-based route protection bypass
Summary createRouteMatcher in @clerk/nextjs, @clerk/nuxt, and @clerk/astro can be bypassed by certain crafted requests, allowing them to skip middleware gating and reach downstream handlers. Sessions are not compromised and no existing user can be impersonated - the bypass only affects the...
CVE-2026-27802
A flaw was found in Vaultwarden. A manager, an authorized user, can exploit this vulnerability by performing a bulk permission update to collections they are not authorized to access. This can lead to privilege escalation, allowing the manager to gain unauthorized access and control over these...
CVE-2025-57793
creationtimestamp| type| source ---|---|--- 2026-01-28 19:21:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdiyn7p42h26 2026-01-28 19:48:12+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mdj24mba3u23...
EUVD-2026-4456
ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...
CVE-2026-22463
creationtimestamp| type| source ---|---|--- 2026-01-22 17:43:15+00:00| seen| https://gist.github.com/Darkcrai86/a88e0cde08fb268e1fc15fc740109cd4...
EUVD-2026-3879
A maliciously crafted HTML payload, stored in a component’s description and clicked by a user, can trigger a Stored Cross-site Scripting XSS vulnerability in the Autodesk Fusion desktop application. A malicious actor may leverage this vulnerability to read local files or execute arbitrary code in...
EUVD-2026-3983
Missing Authorization vulnerability in Ninja Team GDPR CCPA Compliance Support ninja-gdpr-compliance allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GDPR CCPA Compliance Support: from n/a through = 2.7.4...
EUVD-2026-4067
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in bslthemes Myour myour allows PHP Local File Inclusion.This issue affects Myour: from n/a through = 1.5.1...
CVE-2026-21922
...