CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11545 articles  ·  updated every 4 hours · grows forever

11545Total
4296Full Text
Jul 10, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11457 | erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69 JimuReport test-connection Endpoint testConnection dbType/dbDriver/dbUrl/dbUsername/dbPassword injection

A vulnerability was found in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69 . It has been rated as critical . This vulnerability affects unknown code of the file /base-boot/jmreport/…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11458 | erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69 Boot Actuator Endpoint /base-boot/actuator information disclosure

A vulnerability categorized as problematic has been discovered in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69 . This issue affects some unknown processing of the file /base-boot/a…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 07, 2026
CVE-2026-11459 | SecureAge CatchPulse up to 10.9.1 IOCTL saappctl.sys information disclosure

A vulnerability identified as problematic has been detected in SecureAge CatchPulse up to 10.9.1 . Impacted is an unknown function in the library saappctl.sys of the component IOCTL Handler . The mani…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-10725 | CRUX Protocol::HTTP/2 up to 1.12 on Perl headers_decode HTTP/2 Bomb data amplification

A vulnerability identified as problematic has been detected in CRUX Protocol::HTTP2 up to 1.12 on Perl. This affects the function headers_decode . Performing a manipulation results in highly compresse…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-47730 | twigphp Twig Profiler HtmlDumper cross site scripting

A vulnerability labeled as problematic has been found in twigphp Twig . This vulnerability affects the function HtmlDumper of the component Profiler . Executing a manipulation can lead to cross site s…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-47732 | twigphp Twig __toString sandbox

A vulnerability marked as critical has been reported in twigphp Twig . This issue affects the function __toString . The manipulation leads to sandbox issue. This vulnerability is referenced as CVE-202…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11447 | GL.iNet GL-MT3000 up to 4.4.5 MTK Backend iwinfo.so iwinfo_backend device command injection

A vulnerability described as critical has been identified in GL.iNet GL-MT3000 up to 4.4.5 . Impacted is the function iwinfo_backend of the file iwinfo.so of the component MTK Backend . The manipulati…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11448 | GL.iNet GL-MT3000 up to 4.4.5 Minidlna Service /rpc realpath kube. set command injection

A vulnerability classified as critical has been found in GL.iNet GL-MT3000 up to 4.4.5 . The affected element is the function realpath of the file /rpc of the component Minidlna Service . This manipul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11449 | GL.iNet GL-MT3000 4.4.5 LuCI JSON-RPC Interface /cgi-bin/luci/rpc rpc_sys command injection

A vulnerability classified as critical was found in GL.iNet GL-MT3000 4.4.5 . The impacted element is the function rpc_sys of the file /cgi-bin/luci/rpc of the component LuCI JSON-RPC Interface . Such…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11450 | GL.iNet GL-MT3000 4.4.5 Path Normalization /usr/lib/oui-httpd/rpc/ dlopen dev_name command injection

A vulnerability, which was classified as critical , has been found in GL.iNet GL-MT3000 4.4.5 . This affects the function dlopen in the library /usr/lib/oui-httpd/rpc/ of the component Path Normalizat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11451 | GL.iNet GL-MT3000 4.4.5 FTP Protocol /cgi-bin/glc snprintf media_dir command injection

A vulnerability, which was classified as critical , was found in GL.iNet GL-MT3000 4.4.5 . This impacts the function snprintf of the file /cgi-bin/glc of the component FTP Protocol Handler . Executing…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11452 | GL.iNet GL-MT3000 up to 4.4.5 SET_USER_PWD /cgi-bin/glc FUN_0042e200 Password command injection

A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5 and classified as critical . Affected is the function FUN_0042e200 of the file /cgi-bin/glc of the component SET_USER_PWD Handler . The …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11453 | Tiobon Employee Self-Service System up to 7.2 Login Endpoint /Blog/BlogSearch.aspx Keyword sql injection

A vulnerability was found in Tiobon Employee Self-Service System up to 7.2 and classified as critical . Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
Orange Cyberdefense Becomes CVE Numbering Authority in Global Cybersecurity Program - TechAfrica News

Orange Cyberdefense Becomes CVE Numbering Authority in Global Cybersecurity Program TechAfrica News

TechAfrica News Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8839 | chrisvrichardson MapPress Maps for WordPress Plugin up to 2.96.6 on WordPress REST API /wp-json/mapp/v1/maps rest_api_init authorization

A vulnerability was found in chrisvrichardson MapPress Maps for WordPress Plugin up to 2.96.6 on WordPress. It has been rated as critical . Impacted is the function Mappress_Api::rest_api_init of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9829 | 10web Photo Gallery Plugin up to 1.8.41 on WordPress AJAX page sql injection

A vulnerability categorized as critical has been discovered in 10web Photo Gallery Plugin up to 1.8.41 on WordPress. The affected element is an unknown function of the component AJAX Handler . Executi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2025-12656 | wpvividplugins WPvivid Plugin up to 0.9.128 on WordPress Path Validation delete_cancel_staging_site file inclusion

A vulnerability identified as problematic has been detected in wpvividplugins WPvivid Plugin up to 0.9.128 on WordPress. The impacted element is the function delete_cancel_staging_site of the componen…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-10038 | smub Charitable Plugin up to 1.8.11.1 on WordPress save_avatar authorization

A vulnerability labeled as critical has been found in smub Charitable Plugin up to 1.8.11.1 on WordPress. This affects the function save_avatar . The manipulation results in authorization bypass. This…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8608 | awordpresslife Event Monster Plugin up to 2.1.0 on WordPress PayPal API capture_payment data authenticity

A vulnerability marked as critical has been reported in awordpresslife Event Monster Plugin up to 2.1.0 on WordPress. This impacts the function capture_payment of the component PayPal API . This manip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7565 | ThimPress LearnPress Plugin up to 4.1.4 on WordPress import-user-file path traversal

A vulnerability described as critical has been identified in ThimPress LearnPress Plugin up to 4.1.4 on WordPress. Affected is an unknown function. Such manipulation of the argument import-user-file l…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-7665 | wpdevteam Essential Addons for Elementor Plugin up to 6.6.4 on WordPress Elementor Template ajax_load_more authorization

A vulnerability classified as problematic has been found in wpdevteam Essential Addons for Elementor Plugin up to 6.6.4 on WordPress. Affected by this vulnerability is the function ajax_load_more of t…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8502 | ThimPress LearnPress Plugin up to 4.3.6 on WordPress archive-course return_type authorization

A vulnerability classified as problematic was found in ThimPress LearnPress Plugin up to 4.3.6 on WordPress. Affected by this issue is some unknown functionality of the file /wp-json/lp/v1/courses/arc…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8978 | crafium OptinCraft Plugin up to 1.2.0 on WordPress order_by sql injection

A vulnerability, which was classified as critical , has been found in crafium OptinCraft Plugin up to 1.2.0 on WordPress. This affects an unknown part. The manipulation of the argument order_by leads …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8611 | klamra22 Klamra Paycal for Aspaclaria Plugin up to 1.1.4 on WordPress invoice_id authorization

A vulnerability, which was classified as problematic , was found in klamra22 Klamra Paycal for Aspaclaria Plugin up to 1.1.4 on WordPress. This vulnerability affects unknown code. The manipulation of …

VulDB Read →
← Prev 150 / 482 Next →