108696 matches found
CVE-2026-40006
creationtimestamp| type| source ---|---|--- 2026-07-10 10:57:24+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbyhjhsfl2f 2026-07-10 12:15:37+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-40006 2026-07-10 13:18:20+00:00| seen|...
CVE-2026-12400
The FlowForms – Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.1 via the updateform due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
CVE-2026-59721
creationtimestamp| type| source ---|---|--- 2026-07-10 09:14:21+00:00| seen| https://bsky.app/profile/hugovalters.bsky.social/post/3mqbspbvraw27...
CVE-2026-21057
creationtimestamp| type| source ---|---|--- 2026-07-10 08:47:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqbr6mzc2h2x 2026-07-10 09:56:42+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbv2z7uij2a 2026-07-10 09:56:43+00:00| seen|...
CVE-2026-21045
creationtimestamp| type| source ---|---|--- 2026-07-10 08:12:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqbpamuqba27 2026-07-10 09:54:30+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbux2ewhl2e 2026-07-10 12:46:38+00:00| seen|...
CVE-2026-59226
creationtimestamp| type| source ---|---|--- 2026-07-10 05:40:42+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbgr7qezc26...
CVE-2026-59225
creationtimestamp| type| source ---|---|--- 2026-07-10 05:40:20+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbgqlpmwx2e...
CVE-2026-12123
The All-in-One Video Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.8.5 via the 'vdl' parameter. This makes it possible for authenticated attackers, with subscriber-level access and above, to make web requests to arbitrary locatio...
CVE-2026-59221
creationtimestamp| type| source ---|---|--- 2026-07-10 05:30:29+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbg6yf7g42s...
CVE-2026-59227
creationtimestamp| type| source ---|---|--- 2026-07-10 05:30:09+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqbg6ejpes22...
CVE-2026-15331
A vulnerability was identified in zhayujie CowAgent up to 2.1.0. The affected element is the function addurl/addpackage of the file agent/skills/service.py of the component Skill Installation Handler. The manipulation of the argument Name leads to path traversal. The attack may be initiated...
CVE-2026-15282
creationtimestamp| type| source ---|---|--- 2026-07-10 05:16:07+00:00| seen| https://bsky.app/profile/stackflag.bsky.social/post/3mqbffamohv2z 2026-07-11 00:00:32+00:00| seen| https://bsky.app/profile/pulse-wp.com/post/3mqde7qogx42j...
CVE-2026-15284
The King Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formpageid' parameter in versions up to, and including, 51.1.62 This is due to insufficient input sanitization in the addtosubmissions function, which applies sanitizetextfield which preserves...
CVE-2026-55616
creationtimestamp| type| source ---|---|--- 2026-07-10 04:07:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqbbkbvc622t...
CVE-2026-59858
creationtimestamp| type| source ---|---|--- 2026-07-10 00:40:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqavxyae4f2l 2026-07-10 19:54:50+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqcwikfmx22a 2026-07-11 01:45:18+00:00| seen|...
CVE-2026-55490
creationtimestamp| type| source ---|---|--- 2026-07-10 00:02:34+00:00| seen| https://bsky.app/profile/bootintel.bsky.social/post/3mqatulwmip2n...
PT-2026-57164
Name of the Vulnerable Software and Affected Versions Lucee CFML Server versions 5.3.x Lucee CFML Server versions 6.1.x Lucee CFML Server versions 6.2.x Lucee CFML Server versions 7.0.x Description Reflected cross-site scripting occurs during URL path parsing, allowing unauthenticated remote...
Linux Distros Unpatched Vulnerability : CVE-2026-59831
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitHub CLI gh is GitHub's official command line tool. From 2.10.0 through 2.95.0, connecting to a malicious Codespace with gh codespace jupyter can allow comman...
CVE-2026-57501
Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance and Split link in new tab, load a page-controlled link URL with the System principal instead of the originating page's principal, allowing a malicious web page to place a link t...
CVE-2026-13080
creationtimestamp| type| source ---|---|--- 2026-07-09 22:35:46+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqaozezmzg2f...