Lucene search
+L

1154138 matches found

Patchstack
Patchstack
added 55 minutes ago4 views

WordPress GEO my WP plugin <= 4.5.4 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by ? in WordPress Plugin GEO my WordPress versions = 4.5.4...

9.1CVSS5.8AI score0.00349EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 1 hour ago4 views

WordPress Under Construction plugin <= 5.76 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Nguyen Ngoc Duc duc193 in WordPress Plugin Under Construction versions = 5.76...

6.5CVSS5.2AI score0.00308EPSS
Exploits0References1Affected Software1
The Hacker News
The Hacker News
added 1 hour ago5 views

ACR Stealer Uses ClickFix Lures to Steal Browser Tokens and Microsoft 365 Files

ACR Stealer, an infostealer in circulation since 2024, is walking out of enterprise networks with saved browser passwords, live session tokens, PDFs, Microsoft 365 documents, and files from synced OneDrive and SharePoint folders. It gets in because someone pasted a command into a Run box and...

6.4AI score
Exploits0
Patchstack
Patchstack
added 2 hours ago4 views

WordPress miniOrange Social Login and Register (Discord, Google, Twitter, LinkedIn) plugin <= 7.7.0 - Unauthenticated Authentication Bypass to Administrator Account Takeover vulnerability

Unauthenticated Authentication Bypass to Administrator Account Takeover vulnerability discovered by Supakiad S. m3ez - E-CQURITY Thailand in WordPress Plugin WordPress Social Login and Register versions = 7.7.0...

9.8CVSS6.1AI score0.00463EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 7 hours ago3 views

CVE-2026-57076

A flaw was found in YAML::Syck. An attacker could exploit a heap use-after-free vulnerability by providing a specially crafted YAML document that reuses an anchor name as an anchors-table key. This flaw causes the software to read freed heap memory, which may lead to information disclosure or...

6.3CVSS6AI score
Exploits0References5
F5 Networks
F5 Networks
added 7 hours ago3 views

K000162310: Linux kernel vulnerability CVE-2026-46316

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry vgicitsinvalidatecache walks the per-ITS translation cache with xaforeach and drops the cache's reference on each...

9.3CVSS6.6AI score0.00202EPSS
Exploits1
Richard Bejtlich's blog
Richard Bejtlich's blog
added 8 hours ago2 views

FreeBSD Released the Most Security Advisories in Project History in June 2026

On average, the FreeBSD security team releases about 2 security advisories per month. AI has changed this. In April, the project released 8 advisories, with 6 powered by AI. In May, the count decreased slightly to 7. Today I took a look at the FreeBSD Security Advisory page to check the latest...

6.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added yesterday14 views

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager lies in the lack of a mechanism for verifying input data during backup scenarios. This allows a malicious actor to execute arbitrary code with SYSTEM privileges.

The vulnerability of the software for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager is related to deficiencies in the mechanism for verifying input data during backup scenario execution. Exploiting this vulnerability could allow an attacker, operating...

9.1CVSS6.1AI score0.00648EPSS
Exploits0References2Affected Software1
Microsoft Secure
Microsoft Secure
added yesterday9 views

ACR Stealer: Two observed intrusion chains amid increased threat activity

In this article 1. Campaign 1: WebDAV-based ClickFix with Python loaders and blockchain C2 2. Campaign 2: MSHTA-initiated PowerShell chain with steganographic payload delivery 3. Mitigation and protection guidance 4. References 5. Learn more From late April 2026 to mid-June 2026, Microsoft Defend...

6.4AI score
Exploits0
OSV
OSV
added yesterday3 views

MAL-2026-10761 Malicious code in my-tailwind-gutenberg-block (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 964a3f6c00b9b203b2ce5d2bf2a913e877d136325b805010ef3615c2dcc6a52a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.1AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday4 views

Malicious code in my-tailwind-gutenberg-block (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 964a3f6c00b9b203b2ce5d2bf2a913e877d136325b805010ef3615c2dcc6a52a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.1AI score
Exploits0References1
NVD
NVD
added yesterday7 views

CVE-2026-57896

An out-of-bounds read vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption by sending a crafted IOCTL request. This could lead to limited information disclosure or disruption of the affected product...

6.9CVSS
Exploits0References3
NVD
NVD
added yesterday7 views

CVE-2026-61378

A divide-by-zero vulnerability in the Productivity Suite allows a local attacker to cause a division by zero leading to a system crash...

6.8CVSS
Exploits0References3
NVD
NVD
added yesterday8 views

CVE-2026-60073

An out-of-bounds read in the Productivity Suite allows a physical attacker to control the length of data sent to a USB device. This can lead to a system crash or disclosure of kernel memory...

5.9CVSS
Exploits0References3
NVD
NVD
added yesterday6 views

CVE-2026-11889

SALTO ProAccess Space software using the tenancy feature / logical partition is vulnerable to a privilege escalation attack that could allow an authorized attacker to access any space managed by the affected product...

7.1CVSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added yesterday5 views

Security Bulletin: IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a security bypass vulnerability (CVE-2026-10842)

Summary IBM WebSphere Application Server and WebSphere Application Server Liberty are affected by a security bypass vulnerability with the appSecurity-1.0, appSecurity-2.0 , appSecurity-3.0 or appSecurity-4.0 feature enabled. Vulnerability Details CVEID:CVE-2026-10842 DESCRIPTION: IBM WebSphere...

6.1AI score
Exploits0Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added yesterday6 views

Malicious code in abseil-py (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 6b0ae8e92b62a5524d9ca665a07b3139a9cd4af2af0a0016dc6d425ecc2cc72e Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

6.2AI score
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-11889

CVE-2026-11889 concerns SALTO ProAccess Space software with the tenancy/partition feature. The issue enables privilege escalation that could let an authenticated attacker access any space managed by the affected installation. Exploitation requires valid authenticated operator credentials and the ...

7.1CVSS6.1AI score
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-45039

SALTO ProAccess Space software using the tenancy feature / logical partition is vulnerable to a privilege escalation attack that could allow an authorized attacker to access any space managed by the affected product...

7.1CVSS6.1AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-11889

SALTO ProAccess Space software using the tenancy feature / logical partition is vulnerable to a privilege escalation attack that could allow an authorized attacker to access any space managed by the affected product...

7.1CVSS6.1AI score
Exploits0References3
Rows per page
Query Builder