CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11576 articles  ·  updated every 4 hours · grows forever

11576Total
4297Full Text
Jul 11, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8893 | payaddons Express Payment for Stripe Plugin up to 1.28.0 on WordPress Shortcode register_shortcode Type cross site scripting

A vulnerability was found in payaddons Express Payment for Stripe Plugin up to 1.28.0 on WordPress. It has been declared as problematic . Affected is the function register_shortcode of the component S…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-8900 | spyrosvl Simple SEO Slideshow Plugin up to 1.2.8 on WordPress Shortcode cross site scripting (fdff-4525-9272)

A vulnerability was found in spyrosvl Simple SEO Slideshow Plugin up to 1.2.8 on WordPress. It has been rated as problematic . Affected by this vulnerability is an unknown functionality of the compone…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-9719 | LatePoint Plugin up to 5.6.0 on WordPress Appointment change_status cross-site request forgery

A vulnerability categorized as problematic has been discovered in LatePoint Plugin up to 5.6.0 on WordPress. Affected by this issue is the function change_status of the component Appointment Handler .…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available - The Hacker News

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available The Hacker News

The Hacker News Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
Cisco warns zero-day flaw in SD-WAN is being exploited - Cybersecurity Dive

Cisco warns zero-day flaw in SD-WAN is being exploited Cybersecurity Dive

Cybersecurity Dive Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46390 | haxtheweb haxcms-php up to 25.x authorization (GHSA-6434-8rch-w65c)

A vulnerability was found in haxtheweb haxcms-php up to 25.x . It has been rated as problematic . The impacted element is an unknown function. Performing a manipulation results in authorization bypass…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46397 | haxtheweb haxcms-php/haxcms-nodejs up to 25.x saveOutline Endpoint site.json location path traversal (GHSA-7fr7-h4p3-jjr8)

A vulnerability categorized as critical has been discovered in haxtheweb haxcms-php and haxcms-nodejs up to 25.x . This affects an unknown function of the file site.json of the component saveOutline E…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-5415 | webfactory Advanced Google reCAPTCHA Plugin up to 5.38 on WordPress AJAX ajax_run_tool authentication bypass

A vulnerability identified as critical has been detected in webfactory Advanced Google reCAPTCHA Plugin up to 5.38 on WordPress. This impacts the function ajax_run_tool of the component AJAX Handler .…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-10580 | Hippoo Mobile App for WooCommerce Plugin up to 1.9.4 on WordPress REST Endpoint /wc-hippoo/v1/ext get_user_permissions improper authorization

A vulnerability labeled as critical has been found in Hippoo Mobile App for WooCommerce Plugin up to 1.9.4 on WordPress. Affected is the function HippooPermissions::get_user_permissions of the file /w…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11423 | Altium Enterprise Server up to 8.1.0 Collaboration Service path traversal

A vulnerability marked as critical has been reported in Altium Enterprise Server up to 8.1.0 . Affected by this vulnerability is an unknown functionality of the component Collaboration Service . This …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-45300 | AsyncHttpClient async-http-client up to 2.14.x/3.0.9 Session Cookie Redirect30xInterceptor.java propagatedHeaders information disclosure (GHSA-fmxf-pm6p-7xgm)

A vulnerability described as problematic has been identified in AsyncHttpClient async-http-client up to 2.14.x/3.0.9 . Affected by this issue is the function propagatedHeaders of the file Redirect30xI…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-36785 | Tenda FH451 1.0.0.9 HTTP fromDhcpListClient page stack-based overflow

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9 . This affects the function fromDhcpListClient of the component HTTP Handler . Performing a manipulation of the argument pa…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46393 | haxtheweb haxcms-nodejs/haxcms-php up to 25.x server-side request forgery (GHSA-q862-gcgq-5m6g)

A vulnerability classified as critical was found in haxtheweb haxcms-nodejs and haxcms-php up to 25.x . This vulnerability affects unknown code. Executing a manipulation can lead to server-side reques…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46496 | haxtheweb haxcms-nodejs/video-player up to 25.x Source cross site scripting (GHSA-2m6p-hm3w-6jm3)

A vulnerability, which was classified as problematic , has been found in haxtheweb haxcms-nodejs and video-player up to 25.x . This issue affects some unknown processing. The manipulation of the argum…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-25621 | Arista Edge Threat Management 17.4.0 os command injection

A vulnerability, which was classified as critical , was found in Arista Edge Threat Management 17.4.0 . Impacted is an unknown function. The manipulation results in os command injection. This vulnerab…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-25620 | Arista Edge Threat Management 17.4.0 Captive Portal Application Framework os command injection

A vulnerability has been found in Arista Edge Threat Management 17.4.0 and classified as critical . The affected element is an unknown function of the component Captive Portal Application Framework . …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-25622 | Arista Edge Threat Management up to 17.4.0 User Interface os command injection

A vulnerability was found in Arista Edge Threat Management up to 17.4.0 and classified as critical . The impacted element is an unknown function of the component User Interface . Such manipulation lea…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-25623 | Arista Edge Threat Management up to 17.4.0 os command injection

A vulnerability was found in Arista Edge Threat Management up to 17.4.0 . It has been classified as critical . This affects an unknown function. Performing a manipulation results in os command injecti…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11431 | Altium Enterprise Server/365 up to 8.1.0 Projects Service Download Endpoint path traversal

A vulnerability was found in Altium Enterprise Server and 365 up to 8.1.0 . It has been declared as critical . This impacts an unknown function of the component Projects Service Download Endpoint . Ex…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46396 | haxtheweb haxcms-nodejs/video-player/iframe-loader up to 25.x src cross site scripting (GHSA-jh3h-rpxg-fr36)

A vulnerability was found in haxtheweb haxcms-nodejs, video-player and iframe-loader up to 25.x . It has been rated as problematic . Affected is an unknown function. The manipulation of the argument s…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46389 | defenseunicorns uds-identity-config up to 0.26.0 Keycloak Token Endpoint improper authentication (GHSA-8mg2-6588-r4hw)

A vulnerability categorized as critical has been discovered in defenseunicorns uds-identity-config up to 0.26.0 . Affected by this vulnerability is an unknown functionality of the component Keycloak T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46493 | haxtheweb haxcms-php up to 26.0.0 weak prng (GHSA-xg43-xm47-74cp)

A vulnerability identified as problematic has been detected in haxtheweb haxcms-php up to 26.0.0 . Affected by this issue is some unknown functionality. This manipulation causes cryptographically weak…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11424 | Altium Enterprise Server/365 up to 8.1.0 GraphQL Service server-side request forgery

A vulnerability labeled as critical has been found in Altium Enterprise Server and 365 up to 8.1.0 . This affects an unknown part of the component GraphQL Service . Such manipulation leads to server-s…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11414 | Altium Enterprise Server up to 8.1.0 Vault Service hard-coded credentials

A vulnerability marked as critical has been reported in Altium Enterprise Server up to 8.1.0 . This vulnerability affects unknown code of the component Vault Service . Performing a manipulation result…

VulDB Read →
← Prev 153 / 483 Next →