cyberintel.kalymoon.com · 20893 articles · updated every 4 hours · grows forever
A vulnerability categorized as problematic has been discovered in YAFNET YetAnotherForum.NET up to 3.2.11/4.0.4 . This impacts an unknown function. The manipulation results in cross site scripting. Th…
A vulnerability identified as critical has been detected in pocket-id Pocket ID up to 2.5.x . Affected is the function createTokenFromRefreshToken of the component Refresh Token Handler . This manipul…
A vulnerability labeled as critical has been found in HashiCorp Tooling up to 0.41.x . Affected by this vulnerability is an unknown functionality. Such manipulation leads to link following. This vulne…
A vulnerability marked as problematic has been reported in Ivanti Secure Access Client up to 22.8R5 . Affected by this issue is some unknown functionality. Performing a manipulation results in incorre…
A vulnerability described as critical has been identified in Aas-ee open-webSearch up to 2.1.6 . This affects an unknown part. Executing a manipulation can lead to server-side request forgery. This vu…
A vulnerability classified as critical has been found in Ivanti Xtraction up to 2026.1 . This vulnerability affects unknown code of the component HTML File Handler . The manipulation leads to file inc…
A vulnerability classified as problematic was found in OALDERS LWP::UserAgent up to 6.82 on Perl. This issue affects some unknown processing. The manipulation results in insufficiently protected crede…
A vulnerability, which was classified as critical , has been found in Ivanti Virtual Traffic Manager up to 22.9r3 . Impacted is an unknown function. This manipulation causes os command injection. The …
A vulnerability, which was classified as critical , was found in Ivanti Endpoint Manager up to 2024 SU5 . The affected element is an unknown function of the component Web Console . Such manipulation l…
A vulnerability has been found in Ivanti Endpoint Manager up to 2024 SU5 and classified as problematic . The impacted element is an unknown function of the component Core Server . Performing a manipul…
A vulnerability was found in Mozilla Firefox up to 150.0.2 and classified as critical . This affects an unknown function of the component Profile Backup Component . Executing a manipulation can lead t…
A vulnerability was found in Ivanti Secure Access Client up to 22.8R5 . It has been classified as critical . This impacts an unknown function. The manipulation leads to race condition. This vulnerabil…
A vulnerability was found in Ivanti Endpoint Manager up to 2024 SU5 . It has been declared as critical . Affected is an unknown function. The manipulation results in incorrect permission assignment. T…
A critical security flaw has been identified in the Cline Kanban server that allows threat actors to exfiltrate workspace data and execute arbitrary code silently and remotely. Security researcher The…
North Korean hackers have found a new way to hide malware inside the tools that software developers rely on every single day. Instead of sending phishing emails or planting fake links, they are now bu…
A new wave of cyberattacks is putting Microsoft Teams users on high alert across organizations worldwide. Hackers have been found hijacking Teams accounts to impersonate IT support staff and push a da…
On May 12, 2026, SAP released its highly anticipated monthly Security Patch Day updates, addressing numerous severe security flaws across its entire enterprise software portfolio. The most alarming di…
A new and highly stealthy campaign distributing Vidar Stealer has surfaced, targeting Windows users with a sophisticated attack chain designed to slip past endpoint defenses and harvest sensitive cred…
A series of newly discovered vulnerabilities in Zoom’s software ecosystem could hand local attackers the keys to your system. As organizations continue to rely heavily on virtual meetings, threat acto…
A new and growing wave of phishing attacks is making credential theft easier than ever before. Threat actors are now using Vercel, a legitimate AI-powered web development platform, to build convincing…
Apple begins rolling out end-to-end encrypted RCS messaging between iPhone and Android in iOS 26.5
Mini Shai-Hulud compromises TanStack npm packages and spreads across PyPI
With Daybreak, OpenAI wants its frontier AI models to be used to deploy secure by design software from the ground up
OpenAI has unveiled Daybreak, its answer to Anthropic’s Claude Mythos, amid a growing market for frontier AI-powered cyber defense platforms. The initiative combines OpenAI’s large language models, Co…