CVE-2026-4881

In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...

EUVD-2026-34227

In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receiving an error...

EUVD-2025-23857

Malicious code in bioql PyPI...

Ivanti Addressed A Critical Zero-Day Flaw in EPMM Software

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The vulnerability in Ivanti Endpoint Manager Mobile allows unauthorized remote access to personal information and enables limited server changes, posing significant security risks to affected...

VulnCheck KEV: CVE-2008-1244

cgi-bin/setupdns.exe on the Belkin F5D7230-4 router with firmware 9.01.10 does not require authentication, which allows remote attackers to perform administrative actions, as demonstrated by changing a DNS server via the dns11, dns12, dns13, and dns14 parameters. NOTE: it was later reported...