SEMCMS 访问控制错误漏洞

SEMCMS is an open-source content management system CMS for foreign trade websites that supports multiple languages. Version SEMCMS 5.0 has a access control vulnerability, which stems from an unauthorized access vulnerability in the SEMCMScopy.php file...

Taier 授权问题漏洞

Taier is a distributed scheduling system open source by DTStack. It aims to reduce the costs of ETL processes, clarify complex dependencies between tasks, and lower labor costs related to submission, scheduling, and operations. Versions of Taier 1.4.0 and earlier have vulnerabilities related to...

Netty: DNS Cache Poisoning due to Predictable PRNG and Default Static Source Port

Summary Netty's DNS resolver uses a predictable PRNG for generating DNS transaction IDs and defaults to a static UDP source port. This combination reduces the entropy of DNS queries, enabling DNS Cache Poisoning Kaminsky attack. Details Two factors contribute to this vulnerability in...

CVE-2026-44631

creationtimestamp| type| source ---|---|--- 2026-06-08 23:00:40+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnsrxdvbsz27 2026-06-09 00:51:01+00:00| seen| https://www.acn.gov.it/portale/w/rilevate-vulnerabilita-in-apache-http-server 2026-06-09 12:35:09+00:00| seen|...

Improper Verification of Source of a Communication Channel

Overview Affected versions of this package are vulnerable to Improper Verification of Source of a Communication Channel due to improper validation in the validateToken function. An attacker can cause the server to treat unvalidated client addresses as validated by supplying any non-empty token...

CVE-2026-44186

creationtimestamp| type| source ---|---|--- 2026-06-08 21:52:58+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mnso2pqd7v2c 2026-06-09 11:13:00+00:00| seen| https://bsky.app/profile/omo.bsky.social/post/3mnu2uq6ygc2l 2026-06-09 12:35:09+00:00| seen|...

CVE-2026-44185

creationtimestamp| type| source ---|---|--- 2026-06-08 21:47:11+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mnsntyk2bp2g 2026-06-09 11:25:35+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116719900071495044 2026-06-09 12:35:09+00:00| seen|...

CVE-2026-11582

creationtimestamp| type| source ---|---|--- 2026-06-08 21:43:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnsnmjzlmj2q 2026-06-08 22:28:23+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3mnsq2m4kgj2f...

CVE-2026-29170

creationtimestamp| type| source ---|---|--- 2026-06-08 21:33:38+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mnsmy6kpfq2g 2026-06-09 12:35:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mnu7hq6yhy25 2026-06-09 18:00:00+00:00| seen|...

CVE-2026-47344

creationtimestamp| type| source ---|---|--- 2026-06-08 21:13:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnslwat77o2j...

CVE-2026-46486

creationtimestamp| type| source ---|---|--- 2026-06-08 21:07:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnslnc7g4f2a...

CVE-2026-47345

creationtimestamp| type| source ---|---|--- 2026-06-08 20:57:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnsl3enfz62j...

CVE-2026-10786

creationtimestamp| type| source ---|---|--- 2026-06-08 20:46:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnskgyyezw2t...

CVE-2026-10544

creationtimestamp| type| source ---|---|--- 2026-06-08 20:42:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnsk4qi4ed2p...

CVE-2026-44541

CVE-2026-44541 affects Fides, an open-source privacy engineering platform. A DOM-based XSS exists in the client-side script fides.js when HTML-formatted descriptions are enabled, reachable from version 2.33.0 up to before 2.84.5. The vulnerability is triggered via the fides_description override, ...

EUVD-2026-35201

Fides is an open-source privacy engineering platform. From version 2.33.0 to before version 2.84.5, there is a DOM-based XSS vulnerability in fides.js via the fidesdescription override. This issue has been patched in version 2.84.5...

CVE-2026-25856

creationtimestamp| type| source ---|---|--- 2026-06-08 19:59:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnshtinjdu23 2026-06-08 23:00:32+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnsrx3xuwo2y...

CVE-2026-39910

creationtimestamp| type| source ---|---|--- 2026-06-08 19:43:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnsgt6ropt23...

CVE-2026-25555

creationtimestamp| type| source ---|---|--- 2026-06-08 19:40:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnsgrf6fel23 2026-06-16 03:30:23+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-25555.yaml...

USN-8408-1: Twig vulnerability

It was discovered that Twig did not properly validate PHP callables when using a source policy. An authenticated user could possibly use this issue to execute arbitrary code...