CVE-2026-47106

CVE-2026-47106 affects Ellucian Banner Self-Service prior to the April T2 release. The issue is a stored cross-site scripting (XSS) vulnerability in the course search functionality caused by missing HTML encoding during DOM insertion. Malicious JavaScript can be stored in fields such as faculty d...

EUVD-2026-35796

Ellucian Banner Self-Service before the April T2 release 2025-04-23 contains a stored cross-site scripting vulnerability in the course search functionality that allows authenticated Banner ERP users to inject malicious payloads into faculty and course fields by exploiting missing HTML encoding...

PT-2026-48222

Ellucian Banner Self-Service before the April T2 release 2025-04-23 contains a stored cross-site scripting vulnerability in the course search functionality that allows authenticated Banner ERP users to inject malicious payloads into faculty and course fields by exploiting missing HTML encoding...

CVE-2026-49771

creationtimestamp| type| source ---|---|--- 2026-06-04 10:59:58+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mnhhsw4byz2g 2026-06-04 11:29:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnhjhig4ny25...

CVE-2026-9490

creationtimestamp| type| source ---|---|--- 2026-05-30 11:00:11+00:00| seen| Telegram/yYHRBxvUjQ02015bx83J8tkOO2fwWdsxD6Ne1eYIS9oW1lo 2026-05-30 15:00:07+00:00| seen| Telegram/J8DlVyKG2Ha88-DPAHAkyXqdyfexfy2s10iFJfB3MNT4g...

Stochastic Analysis of Cybersecurity Defense Strategies under Single Attack Scenario

This research presents a novel stochastic framework for proactive cybersecurity defense timing under a single attack scenario. The approach models the defense process as a continuous observation mechanism in which the defense instant and the subsequent observation slot follow independent...

CVE-2026-9789

creationtimestamp| type| source ---|---|--- 2026-05-28 04:30:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116650319974507739 2026-05-28 04:30:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmv6s36qac22 2026-05-30 11:00:11+00:00| seen|...

CVE-2026-8175

creationtimestamp| type| source ---|---|--- 2026-05-27 15:01:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmtrm3smoa2w 2026-05-27 15:59:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmtutxmoug2i 2026-06-05 20:07:07+00:00| seen|...

CVE-2026-49017

creationtimestamp| type| source ---|---|--- 2026-05-27 03:00:27+00:00| seen| https://infosec.exchange/users/offseq/statuses/116644303789823901 2026-05-27 03:00:29+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmsjca6nvq2v 2026-05-27 05:00:31+00:00| seen|...

CVE-2026-48247

creationtimestamp| type| source ---|---|--- 2026-05-21 18:49:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmf3jagyq62q 2026-05-21 19:37:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmf675fama2h...

CVE-2026-43578

creationtimestamp| type| source ---|---|--- 2026-05-06 20:45:18+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml7kywdjit2r 2026-05-06 21:32:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml7nnj45ja2e 2026-05-24 19:37:06+00:00| seen|...

CVE-2026-7750

creationtimestamp| type| source ---|---|--- 2026-05-04 10:29:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkzhob2nub2e 2026-05-04 10:56:56+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkzj6ydbzi26...

EUVD-2026-26277

Integer underflow in the DHCPv6 sub-option parser in FreeRTOS-Plus-TCP before V4.4.1 and V4.2.6 allows an adjacent network actor to corrupt the device's IPv6 address assignment, DNS configuration, and lease times, and to cause a denial of service permanent IP task freeze requiring hardware reset ...

CVE-2026-39920

creationtimestamp| type| source ---|---|--- 2026-04-24 17:19:23+00:00| published-proof-of-concept| Telegram/izuLnFsi0kO0A2H5Dx71PRMcc4LiTVfuRwLjXwzmOGc60yQ 2026-04-24 17:19:31+00:00| published-proof-of-concept| Telegram/FPQxil1P7tPI78qOg-WRCqlMyjImNa5-xFn-dcI6eBMsRo 2026-04-25 09:00:28+00:00| see...

CVE-2026-42605

creationtimestamp| type| source ---|---|--- 2026-04-23 19:32:57+00:00| published-proof-of-concept| https://github.com/AzuraCast/AzuraCast/security/advisories/GHSA-vp2f-cqqp-478j 2026-05-09 21:00:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlh5a355gx2c 2026-05-09...

Is “Satoshi Nakamoto” Really Adam Back?

The New York Times has a long article where the author lays out an impressive array of circumstantial evidence that the inventor of Bitcoin is the cypherpunk Adam Back. I don't know. The article is convincing, but it's written to be convincing. I can't remember if I ever met Adam. I was a member ...

CVE-2026-37749

creationtimestamp| type| source ---|---|--- 2026-04-16 19:00:11+00:00| published-proof-of-concept| Telegram/jBpTD-VrkkU4blOwQXqNEQHYP3qYdnW5ne9K2E9cd5frRY 2026-04-16 21:00:04+00:00| published-proof-of-concept| Telegram/YdSs7ODl4GqLLTJMVDK5lc2sRwnfVBIE8xXSYrBaURrpR0I 2026-04-17 15:00:04+00:00|...

CVE-2026-6069

creationtimestamp| type| source ---|---|--- 2026-04-10 14:47:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj5kvcmx4f2z 2026-04-10 17:21:41+00:00| published-proof-of-concept| Telegram/VrQ9Ov0zxRZi9WqN3kvWB9KwPzyBbBtKpr0H2dFm10XhQ 2026-04-11 10:00:13+00:00| seen|...

CVE-2026-6013

creationtimestamp| type| source ---|---|--- 2026-04-10 05:46:47+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mj4moctij525 2026-04-10 06:26:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj4ovwnaon2o 2026-04-10 07:17:18+00:00| seen|...

pretix: API leaks check-in data between events of the same organizer

A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact returns all check-in events belonging to the respective organizer. This allows an API consumer to access information for all other events under the same organizer, even those th...