CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11423 articles  ·  updated every 4 hours · grows forever

11423Total
4295Full Text
Jul 10, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41975 | Huawei HarmonyOS 6.0.0/6.1.0 Network Management permission

A vulnerability identified as critical has been detected in Huawei HarmonyOS 6.0.0/6.1.0 . The affected element is an unknown function of the component Network Management Module . Performing a manipul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41978 | Huawei HarmonyOS 6.0.0/6.1.0 Clone permission

A vulnerability labeled as critical has been found in Huawei HarmonyOS 6.0.0/6.1.0 . The impacted element is an unknown function of the component Clone Module . Executing a manipulation can lead to pe…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41979 | Huawei HarmonyOS 6.0.0/6.1.0 Print

A vulnerability marked as problematic has been reported in Huawei HarmonyOS 6.0.0/6.1.0 . This affects an unknown function of the component Print Module . The manipulation leads to an unknown weakness…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41980 | Huawei HarmonyOS 6.0.0/6.1.0 File Preview information disclosure

A vulnerability described as problematic has been identified in Huawei HarmonyOS 6.0.0/6.1.0 . This impacts an unknown function of the component File Preview Module . The manipulation results in infor…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-25688 | Apache Answer up to 2.0.0 AI Answer Rendering cross site scripting

A vulnerability classified as problematic has been found in Apache Answer up to 2.0.0 . Affected is an unknown function of the component AI Answer Rendering . This manipulation causes cross site scrip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-25699 | Apache Answer up to 2.0.0 Timeline API authorization

A vulnerability classified as problematic was found in Apache Answer up to 2.0.0 . Affected by this vulnerability is an unknown functionality of the component Timeline API . Such manipulation leads to…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-33582 | Apache Answer up to 2.0.0 TIFF File unrestricted upload

A vulnerability, which was classified as critical , has been found in Apache Answer up to 2.0.0 . Affected by this issue is some unknown functionality of the component TIFF File Handler . Performing a…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-34031 | Apache Answer up to 2.0.0 Custom Avatar unrestricted upload

A vulnerability, which was classified as critical , was found in Apache Answer up to 2.0.0 . This affects an unknown part of the component Custom Avatar Handler . Executing a manipulation can lead to …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-34033 | hapijs content up to 2.0.0 Email cross site scripting

A vulnerability has been found in hapijs content up to 2.0.0 and classified as problematic . This vulnerability affects unknown code of the component Email Handler . The manipulation leads to cross si…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-34905 | Apache Answer up to 2.0.0 API information disclosure

A vulnerability was found in Apache Answer up to 2.0.0 and classified as problematic . This issue affects some unknown processing of the component API . The manipulation results in information disclos…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-4986 | WPForms Plugin 1.9.1.6/1.9.2.3/1.10.0.1 on WordPress Transaction authorization

A vulnerability was found in WPForms Plugin 1.9.1.6/1.9.2.3/1.10.0.1 on WordPress. It has been classified as critical . Impacted is an unknown function of the component Transaction Handler . This mani…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-8981 | Custom Block Builder Plugin up to 4.2.x on WordPress Installation cross site scripting

A vulnerability was found in Custom Block Builder Plugin up to 4.2.x on WordPress. It has been declared as problematic . The affected element is an unknown function of the component Installation Handl…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-11572 | degit up to 2.8.5/3.3.0 exec os command injection (SNYK-JS-DEGIT-17116207)

A vulnerability was found in degit up to 2.8.5/3.3.0 . It has been rated as critical . The impacted element is the function exec . Performing a manipulation results in os command injection. This vulne…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-5067 | zephyrproject-rtos Zephyr up to 4.3.0 WebSocket Upgrade strlen null termination (GHSA-wgr4-9pwq-94vj)

A vulnerability categorized as very critical has been discovered in zephyrproject-rtos Zephyr up to 4.3.0 . This affects the function strlen of the component WebSocket Upgrade Handler . Executing a ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-41539 | QNAP QTS/QuTS hero cross site scripting (qsa-26-31)

A vulnerability identified as problematic has been detected in QNAP QTS and QuTS hero . This impacts an unknown function. The manipulation leads to cross site scripting. This vulnerability is referenc…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-46484 | tale headplane up to 0.6.2/0.7.0-beta.2 Headscale API path traversal

A vulnerability classified as critical was found in tale headplane up to 0.6.2/0.7.0-beta.2 . Affected by this vulnerability is an unknown functionality of the component Headscale API . Executing a ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-47344 | TYPO3 HTML Sanitizer up to 2.3.1 cross site scripting

A vulnerability, which was classified as problematic , has been found in TYPO3 HTML Sanitizer up to 2.3.1 . Affected by this issue is some unknown functionality. The manipulation leads to cross site s…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-47345 | TYPO3 HTML Sanitizer up to 2.3.1 cross site scripting

A vulnerability, which was classified as problematic , was found in TYPO3 HTML Sanitizer up to 2.3.1 . This affects an unknown part. The manipulation results in cross site scripting. This vulnerabilit…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-40519 | NginxProxyManager nginx-proxy-manager up to 2.15.1 backend/setup.js setupCertbotPlugins dns_provider_credentials os command injection

A vulnerability has been found in NginxProxyManager nginx-proxy-manager up to 2.15.1 and classified as critical . This vulnerability affects the function setupCertbotPlugins of the file backend/setup.…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-49141 | ArnasDon wacrm authorization

A vulnerability was found in ArnasDon wacrm and classified as problematic . This issue affects some unknown processing. Such manipulation leads to authorization bypass. This vulnerability is documente…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-35058 | OpenVPN up to 2.6.19/2.7.1 Packet Length assertion

A vulnerability was found in OpenVPN up to 2.6.19/2.7.1 . It has been classified as problematic . Impacted is an unknown function of the component Packet Length Handler . Performing a manipulation res…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-11618 | DTStack Taier up to 1.4.0 Source Connection Test Endpoint LoginInterceptor.java preHandle improper authentication (Issue 1194)

A vulnerability was found in DTStack Taier up to 1.4.0 . It has been declared as critical . The affected element is the function preHandle of the file taier-data-develop/src/main/java/com/dtstack/taie…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-11619 | Dolibarr ERP CRM up to 23.0.2 Legacy Filemanager config.inc.php improper authorization

A vulnerability was found in Dolibarr ERP CRM up to 23.0.2 . It has been rated as critical . The impacted element is an unknown function of the file htdocs/core/filemanagerdol/connectors/php/config.in…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 09, 2026
CVE-2026-11620 | TOTOLINK EX200 4.0.3c.7646 vsftpd /etc/vsftpd.conf least privilege violation

A vulnerability categorized as critical has been discovered in TOTOLINK EX200 4.0.3c.7646 . This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd . The manipulation res…

VulDB Read →
← Prev 138 / 476 Next →