cyberintel.kalymoon.com · 21946 articles · updated every 4 hours · grows forever
A vulnerability has been found in OpenClaw up to 2026.1.24 and classified as critical . The impacted element is the function handleBlueBubblesWebhookRequest of the file extensions/bluebubbles/src/moni…
A vulnerability was found in ATutor 2.2.4 and classified as problematic . This affects an unknown function of the file /install/upgrade.php of the component URL Handler . Executing a manipulation can …
A vulnerability was found in ATutor 2.2.4 . It has been classified as problematic . This impacts an unknown function of the component URL Handler . The manipulation leads to cross site scripting. This…
A vulnerability was found in WSO2 API Control Plane, Universal Gateway, Traffic Manager, API Manager, Carbon API Management Implementation and Carbon API Manager Rest API Utility . It has been declare…
A vulnerability was found in WSO2 Identity Server, Open Banking IAM, Identity Server as Key Manager, Email OTP Authenticator and Carbon Authenticator Library for EmailOTP . It has been rated as proble…
A vulnerability categorized as problematic has been discovered in WSO2 Identity Server and Carbon MagicLink Authenticator Module . Affected by this issue is some unknown functionality. Such manipulati…
A vulnerability identified as problematic has been detected in WSO2 Identity Server and Conditional Authentication User and Roles Related Functions . This affects an unknown part of the component Orga…
A vulnerability labeled as problematic has been found in Dell ECS and ObjectScale . This vulnerability affects unknown code. Executing a manipulation can lead to authentication bypass by assumed-immut…
A vulnerability marked as very critical has been reported in Dell Automation Platform 1.x . This issue affects some unknown processing. The manipulation leads to missing authorization. This vulnerabil…
A vulnerability described as problematic has been identified in Dell ECS and ObjectScale . Impacted is an unknown function. The manipulation results in csv injection. This vulnerability was named CVE-…
A vulnerability classified as problematic has been found in WSO2 Identity Server and Carbon MagicLink Authenticator Module . The affected element is an unknown function of the component Magic Link/Pas…
A vulnerability classified as critical was found in WSO2 API Manager, Universal Gateway, Traffic Manager, API Control Plane, Carbon API Gateway and Carbon API Management Implementation . The impacted …
A vulnerability, which was classified as critical , has been found in Dell ECS and ObjectScale . This affects an unknown function. Performing a manipulation results in improper privilege management. T…
A vulnerability, which was classified as critical , was found in Dell ECS and ObjectScale . This impacts an unknown function. Executing a manipulation can lead to hard-coded credentials. This vulnerab…
A vulnerability has been found in GROWI up to 7.5.0 and classified as critical . Affected is an unknown function. The manipulation leads to path traversal. This vulnerability is listed as CVE-2026-419…
A vulnerability was found in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba and classified as problematic . Affected by this vulnerability is the function toc_transformer of the fi…
A vulnerability was found in aiwaves-cn agents up to e8c4e3c2d19739d3dff59e577d1c97090cc15f59 . It has been classified as problematic . Affected by this issue is the function recall_relevant_memories_…
A vulnerability was found in jishenghua jshERP up to 3.6 . It has been declared as critical . This affects the function getUserByWeixinCode of the file jshERP-boot/src/main/java/com/jsh/erp/service/Us…
A vulnerability was found in inkeep agents 0.58.14 . It has been rated as critical . This vulnerability affects the function createDevContext of the file agents-api/src/middleware/runAuth.ts of the co…
A vulnerability categorized as critical has been discovered in Cockpit-HQ Cockpit . This issue affects some unknown processing of the component System Logs User Interface . Executing a manipulation ca…
A vulnerability identified as critical has been detected in pgAdmin 4 up to 9.14 . Impacted is an unknown function of the component FileBackedSessionManager . The manipulation leads to path traversal.…
Key Findings Ransomware in Q1 2026: Consolidation at Scale During the first quarter of 2026, we monitored more than 70 active data leak sites (DLS) that collectively listed 2,122 new victims. This fig…
For the latest discoveries in cyber research for the week of 11th May, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Instructure, the US education technology company behin…
Executive Summary Since our February 2026 report on AI-related threat activity, Google Threat Intelligence Group (GTIG) has continued to track a maturing transition from nascent AI-enabled operations …