CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Cyber
Intel Feed

cyberintel.kalymoon.com  ·  36782 articles  ·  updated every 4 hours · grows forever

36782Total
27348Full Text
Jul 16, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-32741 | strukturag libheif up to 1.21.x AVIF File decode_mask_image heap-based overflow

A vulnerability classified as critical has been found in strukturag libheif up to 1.21.x . Affected by this vulnerability is the function MaskImageCodec::decode_mask_image of the component AVIF File H…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-6009 | Jaspersoft JasperReports Library Community Edition up to 7.0.6 deserialization

A vulnerability classified as critical was found in Jaspersoft JasperReports Library Community Edition, Studio Community Edition, JasperReports Server, JasperReports Library Professional, Studio Profe…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-8604 | ScadaBR 1.2.0 cross-site request forgery (icsa-26-139-03)

A vulnerability, which was classified as problematic , has been found in ScadaBR 1.2.0 . This affects an unknown part. This manipulation causes cross-site request forgery. The identification of this v…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-33637 | lostisland faraday up to 2.14.2 build_exclusive_url server-side request forgery (GHSA-33mh-2634-fwr2)

A vulnerability, which was classified as critical , was found in lostisland faraday up to 2.14.2 . This vulnerability affects the function build_exclusive_url . Such manipulation leads to server-side …

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-47356 | Tenable Terrascan up to 1.18.3 File Scan Endpoint webhook_url server-side request forgery

A vulnerability has been found in Tenable Terrascan up to 1.18.3 and classified as critical . This issue affects some unknown processing of the file /v1/{iac}/{iacVersion}/{cloud}/local/file/scan of t…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-47357 | Tenable Terrascan up to 1.18.3 Remote Directory Scan Endpoint remote_type remote_url server-side request forgery

A vulnerability was found in Tenable Terrascan up to 1.18.3 and classified as critical . Impacted is the function remote_type of the file /v1/{iac}/{iacVersion}/{cloud}/remote/dir/scan of the componen…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-47358 | Tenable Terrascan up to 1.18.3 Remote Scan Endpoint Stack server-side request forgery

A vulnerability was found in Tenable Terrascan up to 1.18.3 . It has been classified as critical . The affected element is the function AWS::CloudFormation::Stack of the component Remote Scan Endpoint…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-8603 | ScadaBR 1.2.0 os command injection (icsa-26-139-03)

A vulnerability was found in ScadaBR 1.2.0 . It has been declared as critical . The impacted element is an unknown function. The manipulation results in os command injection. This vulnerability is cat…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34216 | Ctrlpanel-gg panel up to 1.1.x Admin Settings Update Endpoint update settings_class externally-controlled input to select classes or code (EUVD-2026-30983)

A vulnerability was found in Ctrlpanel-gg panel up to 1.1.x . It has been rated as problematic . This affects the function update of the component Admin Settings Update Endpoint . This manipulation of…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34233 | Ctrlpanel-gg panel up to 1.1.x DataTable Endpoint /admin/ datatable access control (EUVD-2026-30985)

A vulnerability categorized as critical has been discovered in Ctrlpanel-gg panel up to 1.1.x . This impacts the function datatable of the file /admin/ of the component DataTable Endpoint . Such manip…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2025-57798 | laurent22 joplin up to 3.7.0 Local Web Service API Title allocation of resources

A vulnerability identified as problematic has been detected in laurent22 joplin up to 3.7.0 . Affected is an unknown function of the component Local Web Service API . Performing a manipulation of the …

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-8706 | Mozilla Firefox up to 150.x on iOS Hosted Reader Mode information disclosure

A vulnerability labeled as problematic has been found in Mozilla Firefox up to 150.x on iOS. Affected by this vulnerability is an unknown functionality of the component Hosted Reader Mode . Executing …

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-8605 | ScadaBR 1.2.0 hard-coded credentials (icsa-26-139-03)

A vulnerability marked as critical has been reported in ScadaBR 1.2.0 . Affected by this issue is some unknown functionality. The manipulation leads to hard-coded credentials. This vulnerability is tr…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34234 | Ctrlpanel-gg panel up to 1.1.x os command injection (GHSA-jmhr-q9q5-fqwh)

A vulnerability described as critical has been identified in Ctrlpanel-gg panel up to 1.1.x . This affects an unknown part. The manipulation results in os command injection. This vulnerability is know…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34390 | mantisbt Mantis Bug Tracker up to 2.28.1 Custom Fields manage_proj_user_add.php access control (GHSA-frf7-jhp9-jxm6)

A vulnerability classified as critical has been found in mantisbt Mantis Bug Tracker up to 2.28.1 . This vulnerability affects unknown code of the file manage_proj_user_add.php of the component Custom…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34463 | mantisbt Mantis Bug Tracker up to 2.28.1 Project Name bug_report_page.php cross site scripting (GHSA-fvjf-68wh-rwp2)

A vulnerability classified as problematic was found in mantisbt Mantis Bug Tracker up to 2.28.1 . This issue affects some unknown processing of the file bug_report_page.php of the component Project Na…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34358 | Ctrlpanel-gg panel up to 1.1.x PATCH Request store/update access control (GHSA-pxmw-gj52-9p68 / EUVD-2026-30993)

A vulnerability, which was classified as critical , has been found in Ctrlpanel-gg panel up to 1.1.x . Impacted is the function store/update of the component PATCH Request Handler . Performing a manip…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34246 | Ctrlpanel-gg panel up to 1.1.x Admin Role Management Interface RoleController.php datatable role cross site scripting (GHSA-wpqj-xwhq-2mmh / EUVD-2026-30986)

A vulnerability, which was classified as problematic , was found in Ctrlpanel-gg panel up to 1.1.x . The affected element is the function datatable of the file app/Http/Controllers/Admin/RoleControlle…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2025-15645 | Ledger Nano X/Flex/Stax up to 2.4.1 MCU Firmware Update reset_handler improper validation of specified quantity in input (EUVD-2025-209901)

A vulnerability has been found in Ledger Nano X, Flex and Stax up to 2.4.1 and classified as problematic . The impacted element is an unknown function of the component MCU Firmware Update Handler . Th…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-5090 | TODDR Template::Plugin::HTML up to 3.102 on Perl HTML Attribute var HTML injection (Issue 327 / EUVD-2026-30995)

A vulnerability was found in TODDR Template::Plugin::HTML up to 3.102 on Perl and classified as problematic . This affects an unknown function of the component HTML Attribute Handler . The manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2024-36343 | AMD EPYC 4004 System Management Mode buffer underflow

A vulnerability was found in AMD EPYC 4004, EPYC 4005, Ryzen 6000 Processors with Radeon Graphics, Ryzen 7040 Mobile Processors with Radeon Graphics, Ryzen 7045 Mobile Processors with Radeon Graphics,…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2023-7345 | Ledger ledgerhq/hw-app-eth/Live up to 6.34.6 Data Message type conversion (EUVD-2023-60576)

A vulnerability was found in Ledger ledgerhq, hw-app-eth and Live up to 6.34.6 . It has been declared as problematic . Affected is an unknown function of the component Data Message Handler . Such mani…

VulDB Read →
⬡ Vulnerabilities & CVEs May 20, 2026
CVE-2026-34241 | Ctrlpanel-gg panel up to 1.1.x newmessage cross site scripting (GHSA-cmrr-q3hw-3vqh)

A vulnerability was found in Ctrlpanel-gg panel up to 1.1.x . It has been rated as problematic . Affected by this vulnerability is an unknown functionality. Performing a manipulation of the argument n…

VulDB Read →
◇ Industry News & Leadership May 20, 2026
Non-Human Identities: The Next Security Blind Spot
Data Breach Today Read →
← Prev 645 / 1533 Next →