CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11514 articles  ·  updated every 4 hours · grows forever

11514Total
4295Full Text
Jul 10, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11502 | JeecgBoot up to 3.9.2 Third-Party Login ThirdLoginController.java HttpServletResponse.sendRedirect state redirect (Issue 9639)

A vulnerability marked as problematic has been reported in JeecgBoot up to 3.9.2 . Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/j…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11503 | Tenda CX12L 16.03.53.12 Wi-Fi Configuration Endpoint fast_setting_wifi_set form_fast_setting_wifi_set ssid stack-based overflow

A vulnerability described as critical has been identified in Tenda CX12L 16.03.53.12 . The affected element is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11504 | Tenda CX12L 16.03.53.12 Wi-Fi Schedule Configuration Endpoint /goform/openSchedWifi setSchedWifi schedStartTime/schedEndTime stack-based overflow

A vulnerability classified as critical has been found in Tenda CX12L 16.03.53.12 . The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule C…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11505 | GL.iNet XE3000 4.8.x glnassys hard-coded key

A vulnerability classified as critical was found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x . This affects an unknown function of the component glnassys . Execut…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11506 | CodeAstro Leave Management System 1.0 search_staff_for_deletion.php Name sql injection

A vulnerability, which was classified as critical , has been found in CodeAstro Leave Management System 1.0 . This impacts an unknown function of the file /admin/search_staff_for_deletion.php . The ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11507 | CodeAstro Leave Management System 1.0 delete_leave_type.php leave_type sql injection

A vulnerability, which was classified as critical , was found in CodeAstro Leave Management System 1.0 . Affected is an unknown function of the file /admin/delete_leave_type.php . The manipulation of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11508 | CodeAstro Leave Management System 1.0 search_staff_to_assign_pc.php Name sql injection

A vulnerability has been found in CodeAstro Leave Management System 1.0 and classified as critical . Affected by this vulnerability is an unknown functionality of the file /admin/search_staff_to_assig…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11509 | CodeAstro Leave Management System 1.0 search_staff_for_updation.php Name sql injection

A vulnerability was found in CodeAstro Leave Management System 1.0 and classified as critical . Affected by this issue is some unknown functionality of the file /admin/search_staff_for_updation.php . …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11510 | CodeAstro Leave Management System 1.0 /admin/add_leave.php type_of_leave sql injection

A vulnerability was found in CodeAstro Leave Management System 1.0 . It has been classified as critical . This affects an unknown part of the file /admin/add_leave.php . Performing a manipulation of t…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
Cisco SD-WAN 7th Zero-Day 2026: CVE-2026-20245 Exploited, No Fix - abhs.in

Cisco SD-WAN 7th Zero-Day 2026: CVE-2026-20245 Exploited, No Fix abhs.in

abhs.in Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-26422 | Clash Verge Rev clash-verge-service-ipc up to 2.2.x IPC Endpoint permission assignment

A vulnerability labeled as problematic has been found in Clash Verge Rev clash-verge-service-ipc up to 2.2.x . The affected element is an unknown function of the component IPC Endpoint . The manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11460 | Boost Serialization up to 1.91 improper validation of specified type of input (Issue 331)

A vulnerability marked as critical has been reported in Boost Serialization up to 1.91 . The impacted element is an unknown function. This manipulation causes improper validation of specified type of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11461 | NousResearch hermes-agent up to 0.12.0 resume Endpoint hermes_state.py resolve_session_by_title Title authorization

A vulnerability described as critical has been identified in NousResearch hermes-agent up to 0.12.0 . This affects the function resolve_session_by_title of the file hermes_state.py of the component re…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11462 | Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22 Stripe Plugin StripeController.php callback Request improper authorization

A vulnerability classified as critical has been found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22 . This impacts the function callback of the file plugins/Stripe/Controllers/Strip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11463 | USCiLab Cereal up to 1.3.2 Shared Pointer type confusion (Issue 870)

A vulnerability classified as critical was found in USCiLab Cereal up to 1.3.2 . Affected is an unknown function of the component Shared Pointer Handler . Executing a manipulation can lead to type con…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11455 | FoundationAgents MetaGPT up to 0.8.2 metagpt/utils/common.py check_cmd_exists mermaid.path command injection (Issue 2037)

A vulnerability was found in FoundationAgents MetaGPT up to 0.8.2 . It has been classified as critical . Affected by this issue is the function check_cmd_exists of the file metagpt/utils/common.py . T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11456 | Chanjet CRM 1.0 HTTP GET Request jxf_dump_systable.php gblOrgID sql injection

A vulnerability was found in Chanjet CRM 1.0 . It has been declared as critical . This affects an unknown part of the file /tools/jxf_dump_systable.php of the component HTTP GET Request Handler . Such…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11457 | erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69 JimuReport test-connection Endpoint testConnection dbType/dbDriver/dbUrl/dbUsername/dbPassword injection

A vulnerability was found in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69 . It has been rated as critical . This vulnerability affects unknown code of the file /base-boot/jmreport/…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11458 | erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69 Boot Actuator Endpoint /base-boot/actuator information disclosure

A vulnerability categorized as problematic has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69 . This issue affects some unknown processing of the file /base-boot/a…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11459 | SecureAge CatchPulse up to 10.9.1 IOCTL saappctl.sys information disclosure

A vulnerability identified as problematic has been detected in SecureAge CatchPulse up to 10.9.1 . Impacted is an unknown function in the library saappctl.sys of the component IOCTL Handler . The mani…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-10725 | CRUX Protocol::HTTP/2 up to 1.12 on Perl headers_decode HTTP/2 Bomb data amplification

A vulnerability identified as problematic has been detected in CRUX Protocol::HTTP2 up to 1.12 on Perl. This affects the function headers_decode . Performing a manipulation results in highly compresse…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-47730 | twigphp Twig Profiler HtmlDumper cross site scripting

A vulnerability labeled as problematic has been found in twigphp Twig . This vulnerability affects the function HtmlDumper of the component Profiler . Executing a manipulation can lead to cross site s…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-47732 | twigphp Twig __toString sandbox

A vulnerability marked as critical has been reported in twigphp Twig . This issue affects the function __toString . The manipulation leads to sandbox issue. This vulnerability is referenced as CVE-202…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11447 | GL.iNet GL-MT3000 up to 4.4.5 MTK Backend iwinfo.so iwinfo_backend device command injection

A vulnerability described as critical has been identified in GL.iNet GL-MT3000 up to 4.4.5 . Impacted is the function iwinfo_backend of the file iwinfo.so of the component MTK Backend . The manipulati…

VulDB Read →
← Prev 148 / 480 Next →