CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Cyber
Intel Feed

cyberintel.kalymoon.com  ·  33453 articles  ·  updated every 4 hours · grows forever

33453Total
25558Full Text
Jul 05, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-41148 | mermaid-js mermaid up to 10.9.5/11.14.x createCssStyles Parser addStyleClass code injection (GHSA-xcj9-5m2h-648r)

A vulnerability was found in mermaid-js mermaid up to 10.9.5/11.14.x . It has been rated as critical . This issue affects the function addStyleClass of the component createCssStyles Parser . This mani…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-41069 | strukturag libheif up to 1.21.x AVIF File entry_count out-of-bounds (GHSA-p82x-fpmv-576r)

A vulnerability categorized as problematic has been discovered in strukturag libheif up to 1.21.x . Impacted is an unknown function of the component AVIF File Handler . Such manipulation of the argume…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-41074 | bestpractical rt up to 6.0.2 cross-site request forgery (GHSA-265j-qx4w-256j)

A vulnerability identified as problematic has been detected in bestpractical rt up to 6.0.2 . The affected element is an unknown function. Performing a manipulation results in cross-site request forge…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-33843 | Microsoft Entra Active Directory authentication bypass

A vulnerability labeled as critical has been found in Microsoft Entra . The impacted element is an unknown function of the component Active Directory Handler . Executing a manipulation can lead to aut…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-41090 | Microsoft 365 Copilot for iOS command injection

A vulnerability marked as critical has been reported in Microsoft 365 Copilot for iOS . This affects an unknown function. The manipulation leads to command injection. This vulnerability is referenced …

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-26147 | Microsoft Azure Stack HCI input validation

A vulnerability described as problematic has been identified in Microsoft Azure Stack HCI . This impacts an unknown function. The manipulation results in improper input validation. This vulnerability …

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-23663 | Microsoft Global Secure Access privileges management

A vulnerability classified as critical has been found in Microsoft Global Secure Access . Affected is an unknown function. This manipulation causes improper privilege management. This vulnerability is…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-35430 | Microsoft Azure Privileged Identity Management authorization

A vulnerability classified as very critical was found in Microsoft Azure Privileged Identity Management . Affected by this vulnerability is an unknown functionality. Such manipulation leads to authori…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-40411 | Microsoft Azure Virtual Network Gateway input validation

A vulnerability, which was classified as very critical , has been found in Microsoft Azure Virtual Network Gateway . Affected by this issue is some unknown functionality. Performing a manipulation res…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-40412 | Microsoft Azure Orbital Spatio unrestricted upload

A vulnerability, which was classified as critical , was found in Microsoft Azure Orbital Spatio . This affects an unknown part. Executing a manipulation can lead to unrestricted upload. This vulnerabi…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-23652 | Microsoft Power Pages command injection

A vulnerability has been found in Microsoft Power Pages and classified as critical . This vulnerability affects unknown code. The manipulation leads to command injection. This vulnerability is documen…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-41104 | Microsoft Planetary Computer Pro deserialization

A vulnerability was found in Microsoft Planetary Computer Pro and classified as very critical . This issue affects some unknown processing. The manipulation results in deserialization. This vulnerabil…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-42901 | Microsoft Entra origin validation (EUVD-2026-31522)

A vulnerability was found in Microsoft Entra . It has been classified as very critical . Impacted is an unknown function. This manipulation causes origin validation error. This vulnerability appears a…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-41076 | bestpractical rt up to 5.0.9/6.0.2 LDAP/AD improper authentication (GHSA-3w28-fmcr-mjjx)

A vulnerability was found in bestpractical rt up to 5.0.9/6.0.2 . It has been declared as critical . The affected element is an unknown function of the component LDAP/AD . Such manipulation leads to i…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-41149 | mermaid-js mermaid up to 10.9.5/11.14.x Setting code injection (GHSA-ghcm-xqfw-q4vr / EUVD-2026-31520)

A vulnerability was found in mermaid-js mermaid up to 10.9.5/11.14.x . It has been rated as critical . The impacted element is an unknown function of the component Setting Handler . Performing a manip…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-42827 | Microsoft 365 Copilot command injection

A vulnerability categorized as critical has been discovered in Microsoft 365 Copilot . This affects an unknown function. Executing a manipulation can lead to command injection. This vulnerability is h…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-47280 | Microsoft Azure Resource Manager improper authentication

A vulnerability identified as critical has been detected in Microsoft Azure Resource Manager . This impacts an unknown function. The manipulation leads to improper authentication. This vulnerability i…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-41147 | nukeviet CMS up to 4.5.7 Contact cross site scripting (GHSA-64rr-pp78-62ww)

A vulnerability labeled as problematic has been found in nukeviet CMS up to 4.5.7 . Affected is an unknown function of the component Contact Module . The manipulation results in cross site scripting. …

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-45659 | Microsoft SharePoint Enterprise Server deserialization

A vulnerability marked as critical has been reported in Microsoft SharePoint Enterprise Server . Affected by this vulnerability is an unknown functionality. This manipulation causes deserialization. T…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-6419 | Wishlist Member Plugin up to 3.30.1 on WordPress Administrative API ajax_get_screen privileges management (EUVD-2026-31527)

A vulnerability described as critical has been identified in Wishlist Member Plugin up to 3.30.1 on WordPress. Affected by this issue is the function ajax_get_screen of the component Administrative AP…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-6897 | Wishlist Member Plugin up to 3.30.1 on WordPress REST API Team_Accounts privileges management (EUVD-2026-31525)

A vulnerability classified as critical has been found in Wishlist Member Plugin up to 3.30.1 on WordPress. This affects the function Team_Accounts of the component REST API . Performing a manipulation…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-6898 | Wishlist Member Plugin up to 3.30.1 on WordPress REST API generate_api_key privileges management (EUVD-2026-31523)

A vulnerability classified as critical was found in Wishlist Member Plugin up to 3.30.1 on WordPress. This vulnerability affects the function WishListMember3_Hooks::generate_api_key of the component R…

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-6895 | Wishlist Member Plugin up to 3.30.1 on WordPress REST API export_settings privileges management (EUVD-2026-31526)

A vulnerability, which was classified as critical , has been found in Wishlist Member Plugin up to 3.30.1 on WordPress. This issue affects the function export_settings of the component REST API . The …

VulDB Read →
⬡ Vulnerabilities & CVEs May 23, 2026
CVE-2026-9342 | SourceCodester Hospitals Patient Records Management System 1.0 view_history.php ID sql injection

A vulnerability, which was classified as critical , was found in SourceCodester Hospitals Patient Records Management System 1.0 . Impacted is an unknown function of the file /admin/patients/view_histo…

VulDB Read →
← Prev 465 / 1394 Next →