CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11120 articles  ·  updated every 4 hours · grows forever

11120Total
4287Full Text
Jul 08, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-8882 | jdm-labs WP ApplicantStack Jobs Display Plugin up to 1.1.1 on WordPress Shortcode cross site scripting

A vulnerability classified as problematic was found in jdm-labs WP ApplicantStack Jobs Display Plugin up to 1.1.1 on WordPress. This affects an unknown function of the component Shortcode Handler . Th…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-8902 | tierrainnovation AJAX Report Comments Plugin up to 2.0.4 on WordPress Setting already-reported rc_options_page cross-site request forgery

A vulnerability, which was classified as problematic , has been found in tierrainnovation AJAX Report Comments Plugin up to 2.0.4 on WordPress. This impacts the function rc_options_page of the file /f…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-8907 | rahulbhangale WP-Ultimate-Map Plugin up to 1.1 on WordPress Setting process_init save-setting cross-site request forgery

A vulnerability, which was classified as problematic , was found in rahulbhangale WP-Ultimate-Map Plugin up to 1.1 on WordPress. Affected is the function process_init of the component Setting Handler …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-8909 | rahulbhangale WpMobi Plugin up to 0.0.3 on WordPress Setting handleSaveGeneralSettings app_name cross-site request forgery

A vulnerability has been found in rahulbhangale WpMobi Plugin up to 0.0.3 on WordPress and classified as problematic . Affected by this vulnerability is the function handleSaveGeneralSettings of the c…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-8910 | rahulbhangale WP Emoticon Rating Plugin up to 1.0.1 on WordPress Setting cross-site request forgery

A vulnerability was found in rahulbhangale WP Emoticon Rating Plugin up to 1.0.1 on WordPress and classified as problematic . Affected by this issue is some unknown functionality of the component Sett…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-8977 | techjewel WP GDPR Cookie Consent Plugin up to 1.0.0 on WordPress Configuration handleAjaxCalls gdprConfig cross site scripting

A vulnerability was found in techjewel WP GDPR Cookie Consent Plugin up to 1.0.0 on WordPress. It has been classified as problematic . This affects the function handleAjaxCalls of the component Config…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-9185 | sixstorage 6Storage Rentals Plugin up to 2.22.0 on WordPress Request six_storage_getUserInfo userId authorization

A vulnerability was found in sixstorage 6Storage Rentals Plugin up to 2.22.0 on WordPress. It has been declared as problematic . This vulnerability affects the function six_storage_getUserInfo of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-8883 | helpstring Global Body Mass Index Calculator Plugin up to 1.2 on WordPress Shortcode GBMI_Calc_Widget::widget args cross site scripting

A vulnerability was found in helpstring Global Body Mass Index Calculator Plugin up to 1.2 on WordPress. It has been rated as problematic . This issue affects the function GBMI_Calc_Widget::widget of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-10553 | weaverlancegmailcom jQuery Hover Footnotes Plugin up to 1.4 on WordPress Setting update_option cross-site request forgery

A vulnerability categorized as problematic has been discovered in weaverlancegmailcom jQuery Hover Footnotes Plugin up to 1.4 on WordPress. Impacted is the function update_option of the component Sett…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41975 | Huawei HarmonyOS 6.0.0/6.1.0 Network Management permission

A vulnerability identified as critical has been detected in Huawei HarmonyOS 6.0.0/6.1.0 . The affected element is an unknown function of the component Network Management Module . Performing a manipul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41978 | Huawei HarmonyOS 6.0.0/6.1.0 Clone permission

A vulnerability labeled as critical has been found in Huawei HarmonyOS 6.0.0/6.1.0 . The impacted element is an unknown function of the component Clone Module . Executing a manipulation can lead to pe…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41979 | Huawei HarmonyOS 6.0.0/6.1.0 Print

A vulnerability marked as problematic has been reported in Huawei HarmonyOS 6.0.0/6.1.0 . This affects an unknown function of the component Print Module . The manipulation leads to an unknown weakness…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41980 | Huawei HarmonyOS 6.0.0/6.1.0 File Preview information disclosure

A vulnerability described as problematic has been identified in Huawei HarmonyOS 6.0.0/6.1.0 . This impacts an unknown function of the component File Preview Module . The manipulation results in infor…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-25688 | Apache Answer up to 2.0.0 AI Answer Rendering cross site scripting

A vulnerability classified as problematic has been found in Apache Answer up to 2.0.0 . Affected is an unknown function of the component AI Answer Rendering . This manipulation causes cross site scrip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-25699 | Apache Answer up to 2.0.0 Timeline API authorization

A vulnerability classified as problematic was found in Apache Answer up to 2.0.0 . Affected by this vulnerability is an unknown functionality of the component Timeline API . Such manipulation leads to…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-33582 | Apache Answer up to 2.0.0 TIFF File unrestricted upload

A vulnerability, which was classified as critical , has been found in Apache Answer up to 2.0.0 . Affected by this issue is some unknown functionality of the component TIFF File Handler . Performing a…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-34031 | Apache Answer up to 2.0.0 Custom Avatar unrestricted upload

A vulnerability, which was classified as critical , was found in Apache Answer up to 2.0.0 . This affects an unknown part of the component Custom Avatar Handler . Executing a manipulation can lead to …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-34033 | hapijs content up to 2.0.0 Email cross site scripting

A vulnerability has been found in hapijs content up to 2.0.0 and classified as problematic . This vulnerability affects unknown code of the component Email Handler . The manipulation leads to cross si…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-34905 | Apache Answer up to 2.0.0 API information disclosure

A vulnerability was found in Apache Answer up to 2.0.0 and classified as problematic . This issue affects some unknown processing of the component API . The manipulation results in information disclos…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-4986 | WPForms Plugin 1.9.1.6/1.9.2.3/1.10.0.1 on WordPress Transaction authorization

A vulnerability was found in WPForms Plugin 1.9.1.6/1.9.2.3/1.10.0.1 on WordPress. It has been classified as critical . Impacted is an unknown function of the component Transaction Handler . This mani…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-8981 | Custom Block Builder Plugin up to 4.2.x on WordPress Installation cross site scripting

A vulnerability was found in Custom Block Builder Plugin up to 4.2.x on WordPress. It has been declared as problematic . The affected element is an unknown function of the component Installation Handl…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-11572 | degit up to 2.8.5/3.3.0 exec os command injection (SNYK-JS-DEGIT-17116207)

A vulnerability was found in degit up to 2.8.5/3.3.0 . It has been rated as critical . The impacted element is the function exec . Performing a manipulation results in os command injection. This vulne…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-5067 | zephyrproject-rtos Zephyr up to 4.3.0 WebSocket Upgrade strlen null termination (GHSA-wgr4-9pwq-94vj)

A vulnerability categorized as very critical has been discovered in zephyrproject-rtos Zephyr up to 4.3.0 . This affects the function strlen of the component WebSocket Upgrade Handler . Executing a ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41539 | QNAP QTS/QuTS hero cross site scripting (qsa-26-31)

A vulnerability identified as problematic has been detected in QNAP QTS and QuTS hero . This impacts an unknown function. The manipulation leads to cross site scripting. This vulnerability is referenc…

VulDB Read →
← Prev 125 / 464 Next →