109037 matches found
CVE-2026-22102
creationtimestamp| type| source ---|---|--- 2026-07-13 11:14:04+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjks3uozc2t 2026-07-13 18:58:02+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkepq5v6a2w 2026-07-14 03:05:58+00:00| seen|...
CVE-2026-22096
creationtimestamp| type| source ---|---|--- 2026-07-13 11:10:06+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqjkkyqbj62r 2026-07-13 18:49:50+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkeb3m33j2e 2026-07-14 03:05:36+00:00| seen|...
CVE-2026-57386
creationtimestamp| type| source ---|---|--- 2026-07-13 11:00:32+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjjzvwbef27...
CVE-2026-57772
creationtimestamp| type| source ---|---|--- 2026-07-13 10:51:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjjjbh4rv25 2026-07-13 22:07:00+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkpbmzimm27...
CVE-2026-57375
creationtimestamp| type| source ---|---|--- 2026-07-13 10:48:13+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjjdvgpsn27 2026-07-13 18:56:06+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkemc3tb22i...
CVE-2026-41041
URL path injection via unencoded user-supplied identifiers vulnerability in Apache Gravitino. This issue affects Apache Gravitino: from 1.0.0 before 1.2.1. Users are recommended to upgrade to version 1.2.1, which fixes the issue...
CVE-2026-62143
creationtimestamp| type| source ---|---|--- 2026-07-13 09:37:25+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjffc5gow2y...
CVE-2026-22099 Missing authentication for Bluetooth communication
The charging station does not require authentication for Bluetooth commands to perform actions. The functionality exposed includes sensitive information leakage, triggering reboots, or pushing a firmware update URL...
CVE-2026-22099
CVE-2026-22099 affects a charging station where Bluetooth commands do not require authentication. This leads to exposure of sensitive information, potential reboot triggering, and the ability to push a firmware update URL via Bluetooth. The issue is described with high impact on confidentiality, ...
CVE-2026-41041 Apache Gravitino: URL path injection via unencoded user-supplied identifiers in MCP REST client f-string URL construction, enabling path traversal to unintended API endpoints.
URL path injection via unencoded user-supplied identifiers vulnerability in Apache Gravitino. This issue affects Apache Gravitino: from 1.0.0 before 1.2.1. Users are recommended to upgrade to version 1.2.1, which fixes the issue...
CVE-2026-12274
creationtimestamp| type| source ---|---|--- 2026-07-13 07:48:25+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqj7cel2gg26 2026-07-14 03:15:29+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqlaj7r33z2z...
CVE-2026-11964
creationtimestamp| type| source ---|---|--- 2026-07-13 07:42:45+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqj6y7ymo52i 2026-07-13 17:40:05+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqkaedxj7k2h 2026-07-14 00:00:11+00:00| seen|...
CVE-2026-12273
creationtimestamp| type| source ---|---|--- 2026-07-13 07:41:09+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqj6vfbljy2y 2026-07-14 03:38:36+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqlbsllbjm2c...
CVE-2026-4769
creationtimestamp| type| source ---|---|--- 2026-07-13 07:21:18+00:00| seen| https://infosec.exchange/users/certvde/statuses/116911458109125585 2026-07-13 07:54:49+00:00| seen| https://bsky.app/profile/securityonline.bsky.social/post/3mqj7nsuneh2l 2026-07-13 08:30:05+00:00| seen|...
MAL-2026-10420 Malicious code in path-addon-extend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b383636076e2701a372675c281ee82463d97529ed7d8db027276aa8a8b68b966 path-addon-extend presents itself as a copy of Node's built-in path module. On module load, path.js issues an HTTPS GET to a base64-obscured URL that...
Vulnerabilities found in Juniper Networks’ Junos OS and Junos OS Evolved
Juniper has identified several vulnerabilities in Junos OS and Junos OS Evolved, specifically related to devices in the MX Series, PTX Series, QFX Series, EX Series, SRX Series, and QFX10000 Series. These vulnerabilities affect various components of Junos OS and Junos OS Evolved, including the...
WordPress AI Engine Plugin - Token Exposure
Unauthenticated sensitive information exposure in AI Engine WordPress plugin = 3.1.3 exposes bearer tokens via REST API endpoints when No-Auth URL is enabled. id: CVE-2025-11749 info: name: WordPress AI Engine Plugin - Token Exposure author: 4m3rr0r severity: critical description: | Unauthenticat...
Versa Concerto API Path Based - Authentication Bypass
Authentication bypass in the Versa Concerto API, caused by URL decoding inconsistencies. It allowed unauthorized access to certain API endpoints by manipulating the URL path.This issue enabled attackers to bypass authentication controls and access restricted resources. id: CVE-2025-34027 info:...
CVE-2026-49876
creationtimestamp| type| source ---|---|--- 2026-07-13 04:10:16+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mqit4ca7od2c 2026-07-13 18:58:22+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqkeqdsbpl2i 2026-07-14 03:54:38+00:00| seen|...
CVE-2026-15525
CVE-2026-15525 affects the kLOsk adloop package up to version 0.9.0. The vulnerability is in the function _validate_urls in src/adloop/ads/write.py, where manipulating the argument final_url can trigger a server-side request forgery (SSRF). The issue can be exploited remotely and the exploit is p...