CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11545 articles  ·  updated every 4 hours · grows forever

11545Total
4296Full Text
Jul 10, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11495 | CodeAstro Ingredients Stock Management System 1.0 add_stock.php ID sql injection

A vulnerability was found in CodeAstro Ingredients Stock Management System 1.0 and classified as critical . This impacts an unknown function of the file /Ingredients-Stock/add_stock.php . The manipula…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-49494 | Comodo Internet Security up to 12.3.4.8162 Inspect.sys integer underflow

A vulnerability was found in Comodo Internet Security up to 12.3.4.8162 . It has been classified as critical . Affected is an unknown function in the library Inspect.sys . This manipulation causes int…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11497 | D-Link DCS-5615 1.01.00 Boa Webserver /etc/conf.d/boa/boa.conf least privilege violation

A vulnerability was found in D-Link DCS-5615 1.01.00 . It has been declared as problematic . Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the comp…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11498 | Tenda HG7HG9/HG10 300001138_en_xpon Web Management Interface /boaform/voip_other_set asp_voip_OtherSet funckey_transfer stack-based overflow

A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon . It has been rated as critical . Affected by this issue is the function asp_voip_OtherSet of the file /boaform/voip_other_set of t…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11499 | Tenda HG7HG9/HG10 300001138_en_xpon /boaform/formDOMAINBLK blkDomain stack-based overflow

A vulnerability categorized as critical has been discovered in Tenda HG7HG9 and HG10 300001138_en_xpon . This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK . Executing a manipu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11500 | Weaviate up to 1.37.7 Static API Key client.go validateConfig StaticApiKey authorization (Issue 11392)

A vulnerability identified as critical has been detected in Weaviate up to 1.37.7 . This vulnerability affects the function validateConfig of the file usecases/auth/authentication/apikey/client.go of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11501 | SourceCodester Hospitals Patient Records Management System 1.0 Master.php?f=save_patient ID sql injection

A vulnerability labeled as critical has been found in SourceCodester Hospitals Patient Records Management System 1.0 . This issue affects some unknown processing of the file /classes/Master.php?f=save…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11502 | JeecgBoot up to 3.9.2 Third-Party Login ThirdLoginController.java HttpServletResponse.sendRedirect state redirect (Issue 9639)

A vulnerability marked as problematic has been reported in JeecgBoot up to 3.9.2 . Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/j…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11503 | Tenda CX12L 16.03.53.12 Wi-Fi Configuration Endpoint fast_setting_wifi_set form_fast_setting_wifi_set ssid stack-based overflow

A vulnerability described as critical has been identified in Tenda CX12L 16.03.53.12 . The affected element is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11504 | Tenda CX12L 16.03.53.12 Wi-Fi Schedule Configuration Endpoint /goform/openSchedWifi setSchedWifi schedStartTime/schedEndTime stack-based overflow

A vulnerability classified as critical has been found in Tenda CX12L 16.03.53.12 . The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule C…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11505 | GL.iNet XE3000 4.8.x glnassys hard-coded key

A vulnerability classified as critical was found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x . This affects an unknown function of the component glnassys . Execut…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11506 | CodeAstro Leave Management System 1.0 search_staff_for_deletion.php Name sql injection

A vulnerability, which was classified as critical , has been found in CodeAstro Leave Management System 1.0 . This impacts an unknown function of the file /admin/search_staff_for_deletion.php . The ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11507 | CodeAstro Leave Management System 1.0 delete_leave_type.php leave_type sql injection

A vulnerability, which was classified as critical , was found in CodeAstro Leave Management System 1.0 . Affected is an unknown function of the file /admin/delete_leave_type.php . The manipulation of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11508 | CodeAstro Leave Management System 1.0 search_staff_to_assign_pc.php Name sql injection

A vulnerability has been found in CodeAstro Leave Management System 1.0 and classified as critical . Affected by this vulnerability is an unknown functionality of the file /admin/search_staff_to_assig…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11509 | CodeAstro Leave Management System 1.0 search_staff_for_updation.php Name sql injection

A vulnerability was found in CodeAstro Leave Management System 1.0 and classified as critical . Affected by this issue is some unknown functionality of the file /admin/search_staff_for_updation.php . …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11510 | CodeAstro Leave Management System 1.0 /admin/add_leave.php type_of_leave sql injection

A vulnerability was found in CodeAstro Leave Management System 1.0 . It has been classified as critical . This affects an unknown part of the file /admin/add_leave.php . Performing a manipulation of t…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
Cisco SD-WAN 7th Zero-Day 2026: CVE-2026-20245 Exploited, No Fix - abhs.in

Cisco SD-WAN 7th Zero-Day 2026: CVE-2026-20245 Exploited, No Fix abhs.in

abhs.in Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-26422 | Clash Verge Rev clash-verge-service-ipc up to 2.2.x IPC Endpoint permission assignment

A vulnerability labeled as problematic has been found in Clash Verge Rev clash-verge-service-ipc up to 2.2.x . The affected element is an unknown function of the component IPC Endpoint . The manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11460 | Boost Serialization up to 1.91 improper validation of specified type of input (Issue 331)

A vulnerability marked as critical has been reported in Boost Serialization up to 1.91 . The impacted element is an unknown function. This manipulation causes improper validation of specified type of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11461 | NousResearch hermes-agent up to 0.12.0 resume Endpoint hermes_state.py resolve_session_by_title Title authorization

A vulnerability described as critical has been identified in NousResearch hermes-agent up to 0.12.0 . This affects the function resolve_session_by_title of the file hermes_state.py of the component re…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11462 | Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22 Stripe Plugin StripeController.php callback Request improper authorization

A vulnerability classified as critical has been found in Chengdu Everbrite Network Technology BeikeShop up to 1.6.0.22 . This impacts the function callback of the file plugins/Stripe/Controllers/Strip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11463 | USCiLab Cereal up to 1.3.2 Shared Pointer type confusion (Issue 870)

A vulnerability classified as critical was found in USCiLab Cereal up to 1.3.2 . Affected is an unknown function of the component Shared Pointer Handler . Executing a manipulation can lead to type con…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11455 | FoundationAgents MetaGPT up to 0.8.2 metagpt/utils/common.py check_cmd_exists mermaid.path command injection (Issue 2037)

A vulnerability was found in FoundationAgents MetaGPT up to 0.8.2 . It has been classified as critical . Affected by this issue is the function check_cmd_exists of the file metagpt/utils/common.py . T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11456 | Chanjet CRM 1.0 HTTP GET Request jxf_dump_systable.php gblOrgID sql injection

A vulnerability was found in Chanjet CRM 1.0 . It has been declared as critical . This affects an unknown part of the file /tools/jxf_dump_systable.php of the component HTTP GET Request Handler . Such…

VulDB Read →
← Prev 149 / 482 Next →