CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10918 articles  ·  updated every 4 hours · grows forever

10918Total
4273Full Text
Jul 06, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-12143 | form-data up to 2.5.5/3.0.4/4.0.5 crlf injection (GHSA-hmw2-7cc7-3qxx)

A vulnerability identified as critical has been detected in form-data up to 2.5.5/3.0.4/4.0.5 . Affected by this issue is some unknown functionality. Performing a manipulation results in crlf injectio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-48165 | MariaDB Server up to 12.3.1 os command injection (GHSA-7v3p-h23x-8hwv / EUVD-2026-36520)

A vulnerability labeled as critical has been found in MariaDB Server up to 10.6.26/10.11.17/11.4.11/11.8.7/12.3.1 . This affects an unknown part. Executing a manipulation can lead to os command inject…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-48163 | MariaDB Server up to 12.3.1 joiner os command injection (GHSA-rpgv-q6gv-684r)

A vulnerability marked as critical has been reported in MariaDB Server up to 10.6.26/10.11.17/11.4.11/11.8.7/12.3.1 . This vulnerability affects unknown code of the component joiner Handler . The mani…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-42932 | Naxclow Smart Doorbell X3/X Smart Home/V720/ix cam Device Identifier generation of predictable numbers or identifiers (icsa-26-162-02)

A vulnerability described as problematic has been identified in Naxclow Smart Doorbell X3, X Smart Home, V720 and ix cam . This issue affects some unknown processing of the component Device Identifier…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-42947 | Naxclow Smart Doorbell X3/X Smart Home/V720/ix cam authorization (icsa-26-162-02)

A vulnerability classified as very critical has been found in Naxclow Smart Doorbell X3, X Smart Home, V720 and ix cam . Impacted is an unknown function. This manipulation causes authorization bypass.…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-50244 | Naxclow Smart Doorbell X3/X Smart Home/V720/ix cam Registration Endpoint authorization (icsa-26-162-02)

A vulnerability classified as problematic was found in Naxclow Smart Doorbell X3, X Smart Home, V720 and ix cam . The affected element is an unknown function of the component Registration Endpoint . S…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-42850 | kovidgoyal kitty up to 0.46.x command injection (GHSA-p64q-59hq-5q65 / EUVD-2026-36553)

A vulnerability, which was classified as critical , has been found in kovidgoyal kitty up to 0.46.x . The impacted element is an unknown function. Performing a manipulation results in command injectio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-54358 | MISP up to 2.5.39 Password Reset authorization (EUVD-2026-36550)

A vulnerability, which was classified as problematic , was found in MISP up to 2.5.39 . This affects an unknown function of the component Password Reset Handler . Executing a manipulation can lead to …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-42604 | actualbudget actual up to 26.4.x Endpoint /openid/config authorization (GHSA-49v6-pqjq-xw55)

A vulnerability has been found in actualbudget actual up to 26.4.x and classified as critical . This impacts an unknown function of the file /openid/config of the component Endpoint . The manipulation…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-28742 | Naxclow Smart Doorbell X3/X Smart Home/V720/ix cam Firmware Image hard-coded key (icsa-26-162-02)

A vulnerability was found in Naxclow Smart Doorbell X3, X Smart Home, V720 and ix cam and classified as very critical . Affected is an unknown function of the component Firmware Image Handler . The ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-50099 | Naxclow Smart Doorbell X3/X Smart Home/V720/ix cam Setting file information disclosure (icsa-26-162-02)

A vulnerability was found in Naxclow Smart Doorbell X3, X Smart Home, V720 and ix cam . It has been classified as problematic . Affected by this vulnerability is an unknown functionality of the compon…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-53724 | parse-community parse-server up to 8.6.78/9.9.1-alpha.3 Default File Upload Extension unrestricted upload (GHSA-7wqv-xjf3-x35v / EUVD-2026-36539)

A vulnerability was found in parse-community parse-server up to 8.6.78/9.9.1-alpha.3 . It has been declared as critical . Affected by this issue is some unknown functionality of the component Default …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-50552 | Koel up to 9.7.0 Radio Station Creation Endpoint /api/radio/stations url server-side request forgery (GHSA-jr4p-4xjh-fwvw)

A vulnerability was found in Koel up to 9.7.0 . It has been rated as critical . This affects an unknown part of the file /api/radio/stations of the component Radio Station Creation Endpoint . Performi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-10715 | Camaleon CMS 2.9.2 Administrator Draft Autosave Endpoint /admin/post_type authorization

A vulnerability categorized as problematic has been discovered in Camaleon CMS 2.9.2 . This vulnerability affects unknown code of the file /admin/post_type of the component Administrator Draft Autosav…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-54055 | kovidgoyal kitty up to 0.47.1 os.open link following (GHSA-q446-x7q6-vcxh / EUVD-2026-36556)

A vulnerability identified as critical has been detected in kovidgoyal kitty up to 0.47.1 . This issue affects the function os.open . The manipulation leads to link following. This vulnerability is re…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-43872 | actualbudget actual up to 26.4.x path traversal (GHSA-4wf8-vhhr-4gpv)

A vulnerability labeled as critical has been found in actualbudget actual up to 26.4.x . Impacted is an unknown function. The manipulation results in path traversal. This vulnerability is identified a…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-53408 | Zoom Workplace/Meeting SDK Custom URL Scheme improper authorization in handler for custom url scheme

A vulnerability marked as critical has been reported in Zoom Workplace and Meeting SDK . The affected element is an unknown function of the component Custom URL Scheme Handler . This manipulation caus…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 12, 2026
CVE-2026-45536 | Netty prior 4.1.135.Final/4.2.15.Final MSG_CTRUNC cmsg_len information disclosure

A vulnerability was found in Netty . It has been declared as problematic . The impacted element is an unknown function of the component MSG_CTRUNC Handler . Such manipulation of the argument cmsg_len …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 12, 2026
CVE-2026-7368 | Yarbo App/Cloud MQTT infrastructure prior 3.17.4 authorization (icsa-26-162-01)

A vulnerability was found in Yarbo App and Cloud MQTT infrastructure . It has been rated as critical . This affects an unknown function. Performing a manipulation results in missing authorization. Thi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 12, 2026
CVE-2026-44894 | Netty up to 8.0 writeToken verification of source

A vulnerability categorized as problematic has been discovered in Netty up to 8.0 . This impacts the function writeToken . Executing a manipulation can lead to improper verification of source of a com…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 12, 2026
CVE-2026-47137 | patriksimek vm2 up to 3.11.3 Configuration dynamically-managed code resources

A vulnerability identified as critical has been detected in patriksimek vm2 up to 3.11.3 . Affected is an unknown function of the component Configuration Handler . The manipulation leads to dynamicall…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 12, 2026
CVE-2026-47139 | patriksimek vm2 up to 3.11.3 Configuration protection mechanism

A vulnerability labeled as problematic has been found in patriksimek vm2 up to 3.11.3 . Affected by this vulnerability is an unknown functionality of the component Configuration Handler . The manipula…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 12, 2026
CVE-2026-47140 | patriksimek vm2 up to 3.11.3 protection mechanism

A vulnerability marked as critical has been reported in patriksimek vm2 up to 3.11.3 . Affected by this issue is some unknown functionality. This manipulation causes protection mechanism failure. This…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 12, 2026
CVE-2026-47210 | patriksimek vm2 up to 3.11.3 Promise.prototype.finally dynamically-managed code resources

A vulnerability described as critical has been identified in patriksimek vm2 up to 3.11.3 . This affects the function Promise.prototype.finally . Such manipulation leads to dynamically-managed code re…

VulDB Read →
← Prev 100 / 455 Next →