cyberintel.kalymoon.com · 20749 articles · updated every 4 hours · grows forever
A vulnerability categorized as critical has been discovered in smp46 pingvin-share-x up to 1.16.2 . This affects an unknown function. The manipulation results in improper authentication. This vulnerab…
A vulnerability identified as critical has been detected in Devolutions Server up to 2025.3.19.0/2026.1.15.0 . This impacts an unknown function of the component Notification Management Endpoint . This…
A vulnerability labeled as problematic has been found in horilla horilla-hr up to 1.5.0 . Affected is an unknown function of the component Notification Endpoint . Such manipulation leads to open redir…
A vulnerability marked as problematic has been reported in AntSwordProject antSword up to 2.1.15 . Affected by this vulnerability is the function noxss . Performing a manipulation results in cross sit…
A vulnerability described as critical has been identified in Cleanuparr up to 2.9.9 . Affected by this issue is some unknown functionality of the component X-Forwarded-For Handler . Executing a manipu…
A vulnerability classified as critical has been found in Intel QAT software drivers up to 1.12 on Windows. This affects an unknown part. The manipulation leads to out-of-bounds write. This vulnerabili…
A vulnerability classified as critical was found in Intel QAT software drivers up to 1.12 on Windows. This vulnerability affects unknown code. The manipulation results in improper input validation. Th…
A vulnerability, which was classified as critical , has been found in felippe-regazio ssrfcheck up to 1.3.0 . This issue affects the function isSSRFSafeURL of the component WHATWG URL Parser . This ma…
A vulnerability, which was classified as critical , was found in Cleanuparr up to 2.9.9 . Impacted is the function AllowCredentials of the component API Response Handler . Such manipulation leads to o…
A vulnerability has been found in dgtlmoon changedetection.io up to 0.55.0 and classified as problematic . The affected element is an unknown function of the component Backup Restore Handler . Perform…
A vulnerability was found in Pocketbase up to 0.22.41/0.37.3 and classified as critical . The impacted element is an unknown function of the component Password Reset Handler . Executing a manipulation…
A vulnerability was found in Shelf-nu shelf.nu up to 1.20.0 . It has been classified as problematic . This affects an unknown function of the file /assets of the component Query Parameter Handler . Th…
A vulnerability was found in LobeHub up to 2.1.47 . It has been declared as problematic . This impacts an unknown function of the file src/features/Portal/Artifacts/Body/Renderer/index.tsx of the comp…
A vulnerability was found in xibosignage xibo-cms up to 4.4.0 . It has been rated as critical . Affected is an unknown function. This manipulation causes server-side request forgery. This vulnerabilit…
Microsoft Incident Response investigated an attack operated through legitimate and trusted administrative mechanisms to blend seamlessly into routine operations and remain undetected demonstrating tha…
Read how to protect consumer websites and defend against modern DDoS attacks with layered security, resilient architecture, and graceful service degradation. The post Defending consumer web properties…
Google Says Criminals Used AI to Discover and Code Exploit A cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model had built from …
German Financial Regulator Warns Sector to Step Up Defenses OpenAI is stepping up to do what arch-rival Anthropic still won't. The AI firm will give European authorities and companies access to its ne…
Every incident that damages a client starts with a moment of invisibility: a connection the SIEM didn’t flag, a domain the detection rules didn’t know about, an IOC that was active for two days before…
Ivanti has released its May 2026 Patch Tuesday security updates, disclosing vulnerabilities across four products while revealing that artificial intelligence tools are already helping its engineers un…
A single click can allow attackers to exploit a critical, unpatched flaw in Open WebUI to seize control of AI workspaces, execute remote code, hijack accounts, and steal sensitive chat histories. Disc…
A critical security flaw in Fortinet’s FortiSandbox platform is putting enterprise networks at serious risk, allowing unauthenticated attackers to execute arbitrary code or commands remotely, with no …
Fortinet released security advisories on May 12, 2026, addressing five vulnerabilities spanning its wireless access point controllers, network operating system, and enterprise management platforms, in…