@cenk1cenk2/renovate-config (>=2.3.132 <=2.3.148), @jamietanna/patch-testing (>=0.1.0 <=0.2.28) +7 more potentially affected by unknown CVE via renovate (>=36.109.4 <=40.21.2)

renovate NPM version =36.109.4, =2.3.132, =0.1.0, =0.14.0, =0.5.0, =0.1.0, =0.1.0, =0.0.1, =0.19.0 - @zotero-chinese/renovate-config =1.0.3 Source cves: unknown CVE Source advisory: OSV:GHSA-FR4J-65PV-GJJJ...

Exploit for Improper Handling of Length Parameter Inconsistency in Mongodb

MongoBleed-Pro ☠️ Advanced MongoDB Memory L...

Proactive Malware Threat Management: A How-To Guide

Trying to defend against every potential malware attack is like trying to boil the ocean. You can’t be everywhere at once, and treating every vulnerability as a top priority is a surefire way to burn out your team. The old way of reacting to every alert simply doesn't scale. A modern defense...

Aura Inspector

aura-inspector is a Swiss Army knife of Salesforce Experience Cloud testing. It facilitates in discovering misconfigured Salesforce Experience Cloud applications as well as automates much of the testing process...

MAL-2026-237 Malicious code in formater (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 71f6a751b5ff98dceeee5863086a2d9988640b93d96ccef9d50fb0d0d1dd116c During importing the package automatically downloads a script that uses a Telegram bot to perform remote control over the computer --- Category: MALICIOUS - Th...

MAL-2026-236 Malicious code in graponater (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9bbd986bf5883f6b5b40a7061c514b13f71a27c021471595671d060b260affc3 The package, distinguished as a speed testing or typosquatted Telegram library, contains a Telegram bot to perform remote control of the computer --- Category:...

Security update for wget2 (important)

openSUSE Security Update: Security update for wget2 Announcement ID: openSUSE-SU-2026:0010-1 Rating: important References: 1255728 1255729 Cross-References: CVE-2025-69194 CVE-2025-69195 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes two vulnerabilities is now available...

Exploit for Improper Handling of Length Parameter Inconsistency in Mongodb

MongoBleed PoC CVE-2025-14847 Ethical Disclosure & Discl...

penetration-testing-dvwa

No d...

PoC-Apisix

PoC-Apisix RCE via serverless-pre-function plugin when Admi...

CVE-2021-33469

COVID19 Testing Management System 1.0 is vulnerable to Cross Site Scripting XSS via the "Admin name" parameter...

CVE-2021-33470

COVID19 Testing Management System 1.0 is vulnerable to SQL Injection via the admin panel...

CVE-2016-10977

The nelio-ab-testing plugin before 4.5.0 for WordPress has filename=..%2f directory traversal...

CVE-2016-10927

The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php...

CVE-2017-18547

The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms...

CVE-2019-2727

Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite subcomponent: Load Testing for Web Apps. The supported version that is affected is 13.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2023-40719

A use of hard-coded credentials vulnerability in Fortinet FortiAnalyzer and FortiManager 7.0.0 - 7.0.8, 7.2.0 - 7.2.3 and 7.4.0 allows an attacker to access Fortinet private testing data via the use of static credentials...

CVE-2023-25573

metersphere is an open source continuous testing platform. In affected versions an improper access control vulnerability exists in /api/jmeter/download/files, which allows any user to download any file without authentication. This issue may expose all files available to the running process. This...

CVE-2025-23789

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tahminajannat URL Shortener | Conversion Tracking | AB Testing | WooCommerce easy-broken-link-checker allows Reflected XSS.This issue affects URL Shortener | Conversion Tracking | AB Testing |...

Cybersecurity AI: A Game-Theoretic AI for Guiding Attack and Defense

AI-driven penetration testing now executes thousands of actions per hour but still lacks the strategic intuition humans apply in competitive security. To build cybersecurity superintelligence --Cybersecurity AI exceeding best human capability-such strategic intuition must be embedded into agentic...