CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11606 articles  ·  updated every 4 hours · grows forever

11606Total
4297Full Text
Jul 11, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11431 | Altium Enterprise Server/365 up to 8.1.0 Projects Service Download Endpoint path traversal

A vulnerability was found in Altium Enterprise Server and 365 up to 8.1.0 . It has been declared as critical . This impacts an unknown function of the component Projects Service Download Endpoint . Ex…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46396 | haxtheweb haxcms-nodejs/video-player/iframe-loader up to 25.x src cross site scripting (GHSA-jh3h-rpxg-fr36)

A vulnerability was found in haxtheweb haxcms-nodejs, video-player and iframe-loader up to 25.x . It has been rated as problematic . Affected is an unknown function. The manipulation of the argument s…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46389 | defenseunicorns uds-identity-config up to 0.26.0 Keycloak Token Endpoint improper authentication (GHSA-8mg2-6588-r4hw)

A vulnerability categorized as critical has been discovered in defenseunicorns uds-identity-config up to 0.26.0 . Affected by this vulnerability is an unknown functionality of the component Keycloak T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-46493 | haxtheweb haxcms-php up to 26.0.0 weak prng (GHSA-xg43-xm47-74cp)

A vulnerability identified as problematic has been detected in haxtheweb haxcms-php up to 26.0.0 . Affected by this issue is some unknown functionality. This manipulation causes cryptographically weak…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11424 | Altium Enterprise Server/365 up to 8.1.0 GraphQL Service server-side request forgery

A vulnerability labeled as critical has been found in Altium Enterprise Server and 365 up to 8.1.0 . This affects an unknown part of the component GraphQL Service . Such manipulation leads to server-s…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11414 | Altium Enterprise Server up to 8.1.0 Vault Service hard-coded credentials

A vulnerability marked as critical has been reported in Altium Enterprise Server up to 8.1.0 . This vulnerability affects unknown code of the component Vault Service . Performing a manipulation result…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11422 | shd101wyy Markdown Preview Enhanced/crossnote window.eval eval injection (Issue 2315)

A vulnerability described as problematic has been identified in shd101wyy Markdown Preview Enhanced and crossnote . This issue affects the function window.eval . Executing a manipulation can lead to i…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11416 | jxxghp MoviePilot up to 2.13.3 Remote Cloud Storage API path traversal

A vulnerability classified as critical has been found in jxxghp MoviePilot up to 2.13.3 . Impacted is an unknown function of the component Remote Cloud Storage API . The manipulation leads to path tra…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-25624 | Arista Edge Threat Management up to 17.4.0 Web User Interface cross site scripting

A vulnerability classified as problematic was found in Arista Edge Threat Management up to 17.4.0 . The affected element is an unknown function of the component Web User Interface . The manipulation r…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11434 | FluentCMS 0.0.5 Blocks Plugin /admin/blocks cross site scripting

A vulnerability, which was classified as problematic , has been found in FluentCMS 0.0.5 . The impacted element is an unknown function of the file /admin/blocks of the component Blocks Plugin . This m…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11435 | Jinher OA 1.0 nextselectplan.aspx httpOID sql injection

A vulnerability, which was classified as critical , was found in Jinher OA 1.0 . This affects an unknown function of the file nextselectplan.aspx . Such manipulation of the argument httpOID leads to s…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11436 | Mage AI up to 0.9.79 Sign-in Flow index.tsx useMutation query.redirect_url cross site scripting

A vulnerability has been found in Mage AI up to 0.9.79 and classified as problematic . This impacts the function useMutation of the file mage_ai/frontend/components/Sessions/SignForm/index.tsx of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11437 | perfree go-fastdfs-web up to 1.3.7 Installation Endpoint /install/checkServer server-side request forgery

A vulnerability was found in perfree go-fastdfs-web up to 1.3.7 and classified as critical . Affected is the function checkServer of the file /install/checkServer of the component Installation Endpoin…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11438 | theonedev up to 15.0.5 /projects project.forkedFromId improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5 . It has been classified as critical . Affected by this vulnerability is an unknown functionality of the file /projects . The manipulation of…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11439 | theonedev up to 15.0.5 Parent Project /projects/ project.parentId improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5 . It has been declared as critical . Affected by this issue is some unknown functionality of the file /projects/ of the component Parent Proj…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11440 | theonedev up to 15.0.5 REST API default-branch project.defaultBranch improper authorization

A vulnerability was found in theonedev onedev up to 15.0.5 . It has been rated as critical . This affects an unknown part of the file /repositories/{projectId}/default-branch of the component REST API…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-11441 | theonedev up to 15.0.5 Pull Request /issues/ canAccessIssue issue improper authorization

A vulnerability categorized as critical has been discovered in theonedev onedev up to 15.0.5 . This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild - Security Boulevard

CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild Security Boulevard

Security Boulevard Read →
⬡ Vulnerabilities & CVEs Jun 06, 2026
Cisco zero-day under ongoing attack by persistent threat group - CyberScoop

Cisco zero-day under ongoing attack by persistent threat group CyberScoop

CyberScoop Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-48103 | mcmilk 7-Zip up to 26.00 WimHandler.cpp SecurOffsets.Size out-of-bounds (GHSL-2026-115)

A vulnerability described as problematic has been identified in mcmilk 7-Zip up to 26.00 . Affected by this vulnerability is the function SecurOffsets.Size of the file CPP/7zip/Archive/Wim/WimHandler.…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-48111 | mcmilk 7-Zip up to 26.0 UEFI Firmware Image Parser UefiHandler.cpp IInArchive::Open opcode out-of-bounds (GHSL-2026-115 / EUVD-2026-34854)

A vulnerability classified as problematic has been found in mcmilk 7-Zip up to 26.0 . Affected by this issue is the function IInArchive::Open of the file CPP/7zip/Archive/UefiHandler.cpp of the compon…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-7473 | Arista EOS up to 4.36.0 Configuration incomplete comparison with missing factors (EUVD-2026-34858)

A vulnerability classified as problematic was found in Arista EOS up to 4.36.0 . This affects an unknown part of the component Configuration Handler . Such manipulation leads to incomplete comparison …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2025-5088 | Arista EOS/CloudVision eXchange up to 4.34.1F Redis Service privileges management (EUVD-2025-210077)

A vulnerability, which was classified as critical , has been found in Arista EOS and CloudVision eXchange up to 4.30.x/4.31.8M/4.32.6M/4.33.4M/4.34.1F . This vulnerability affects unknown code of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2025-5089 | Arista EOS/CloudVision eXchange up to 4.34.1F denial of service

A vulnerability, which was classified as problematic , was found in Arista EOS and CloudVision eXchange up to 4.30.x/4.31.8M/4.32.6M/4.33.4M/4.34.1F . This issue affects some unknown processing. Execu…

VulDB Read →
← Prev 155 / 484 Next →