CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11658 articles  ·  updated every 4 hours · grows forever

11658Total
4297Full Text
Jul 11, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-41249 | CoreShop up to 5.1.0-beta.1 Pull static.yml code injection (GHSA-q58j-g3f4-h26h)

A vulnerability labeled as critical has been found in CoreShop up to 5.1.0-beta.1 . Impacted is an unknown function of the file github/workflows/static.yml of the component Pull Handler . The manipula…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-41522 | dfir-iris iris-web up to 2.4.27 REST API improper authorization (GHSA-3mxh-x92q-9r25)

A vulnerability marked as critical has been reported in dfir-iris iris-web up to 2.4.27 . The affected element is an unknown function of the component REST API . This manipulation causes improper auth…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-11322 | nesquena Hermes WebUI up to 0.51.220 link following

A vulnerability described as critical has been identified in nesquena Hermes WebUI up to 0.51.220 . The impacted element is an unknown function. Such manipulation leads to link following. This vulnera…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-5589 | zephyrproject-rtos Zephyr up to 4.3.0 solicitation.c bt_mesh_sol_recv out-of-bounds write (GHSA-4pm9-4v7f-x6gr / EUVD-2026-34322)

A vulnerability classified as critical has been found in zephyrproject-rtos Zephyr up to 4.3.0 . This affects the function bt_mesh_sol_recv of the file subsys/bluetooth/mesh/solicitation.c . Performin…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-5066 | zephyrproject-rtos Zephyr up to 4.3 sockets_tls.c tls_session_store/tls_session_restore out-of-bounds write (GHSA-wgrc-jrf6-24f3 / EUVD-2026-34324)

A vulnerability classified as critical was found in zephyrproject-rtos Zephyr up to 4.3 . This impacts the function tls_session_store/tls_session_restore of the file subsys/net/lib/sockets/sockets_tls…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-41518 | Chartbrew up to 5.0.0 Public Dashboard Chart.js ChartDatasetConfig.legend cross site scripting (GHSA-6q2j-365c-7gqf)

A vulnerability, which was classified as problematic , has been found in Chartbrew up to 5.0.0 . Affected is an unknown function of the file Chart.js of the component Public Dashboard Handler . The ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-21404 | Navtor NavBox up to 4.16.1.20 SOAP Interface hard-coded credentials (icsa-26-155-01 / EUVD-2026-34321)

A vulnerability, which was classified as critical , was found in Navtor NavBox up to 4.16.1.20 . Affected by this vulnerability is an unknown functionality of the component SOAP Interface . The manipu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-42547 | dfir-iris iris-web up to 2.4.27 authorization (GHSA-8hwq-v6vm-9grr)

A vulnerability has been found in dfir-iris iris-web up to 2.4.27 and classified as critical . Affected by this issue is some unknown functionality. This manipulation causes incorrect authorization. T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2024-6858 | Arista EOS up to 4.28.10.1M/4.29.7M/4.30.5M/4.31.1F 802.1X Mode improper validation of specified type of input

A vulnerability was found in Arista EOS up to 4.28.10.1M/4.29.7M/4.30.5M/4.31.1F and classified as critical . This affects an unknown part of the component 802.1X Mode . Such manipulation leads to imp…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-47644 | Microsoft Copilot Chat Downstream injection

A vulnerability was found in Microsoft Copilot Chat . It has been classified as critical . This vulnerability affects unknown code of the component Downstream . Performing a manipulation results in in…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-48579 | Microsoft Exchange Online improper authorization

A vulnerability was found in Microsoft Exchange Online . It has been declared as critical . This issue affects some unknown processing. Executing a manipulation can lead to improper authorization. Thi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-20245 | Cisco Catalyst SD-WAN Manager up to 26.1.1_LI_Images File escape output (cisco-sa-sdwan-privesc-4uxFrdzx)

A vulnerability was found in Cisco Catalyst SD-WAN Manager . It has been rated as problematic . Impacted is an unknown function of the component File Handler . The manipulation leads to escaping of ou…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-47655 | Microsoft Graph information disclosure

A vulnerability categorized as problematic has been discovered in Microsoft Graph . The affected element is an unknown function. The manipulation results in information disclosure. This vulnerability …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-45497 | Microsoft 365 Copilot command injection

A vulnerability identified as critical has been detected in Microsoft 365 Copilot . The impacted element is an unknown function. This manipulation causes command injection. The identification of this …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2024-27891 | Arista EOS up to 4.32.0.1F access control

A vulnerability labeled as critical has been found in Arista EOS up to 4.32.0.1F . This affects an unknown function. Such manipulation leads to improper access controls. This vulnerability is referenc…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
Medusa ransomware group using zero-days to launch attacks within 24 hours of breach, Microsoft says - The Record from Recorded Future News

Medusa ransomware group using zero-days to launch attacks within 24 hours of breach, Microsoft says The Record from Recorded Future News

The Record from Recorded Future News Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-43986 | Tautulli up to 2.17.0 Endpoint server-side request forgery (GHSA-m6j6-rc2c-8vpm / EUVD-2026-34286)

A vulnerability classified as critical was found in Tautulli up to 2.17.0 . Affected by this vulnerability is an unknown functionality of the component Endpoint . Executing a manipulation can lead to …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-50076 | Apache Fory up to 1.0.x bypass deserialization

A vulnerability, which was classified as critical , has been found in Apache Fory up to 1.0.x . Affected by this issue is the function bypass . The manipulation leads to deserialization. This vulnerab…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-25550 | Seagull BarTender 2010/BarTender 2016/BarTender 2019 NET Remoting Service BtSystem.Service.exe WebClient missing authentication

A vulnerability, which was classified as critical , was found in Seagull BarTender 2010, BarTender 2016 and BarTender 2019 . This affects the function WebClient of the file BtSystem.Service.exe of the…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-48040 | netty netty-incubator-codec-ohttp up to 0.0.22.Final OHTTP hasMemoryAddress out-of-bounds (EUVD-2026-34308)

A vulnerability has been found in netty netty-incubator-codec-ohttp up to 0.0.22.Final and classified as critical . This vulnerability affects the function hasMemoryAddress of the component OHTTP Hand…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-36182 | GNCC GP5 7.1.76 excessive authentication

A vulnerability was found in GNCC GP5 7.1.76 and classified as problematic . This issue affects some unknown processing. Such manipulation leads to improper restriction of excessive authentication att…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-43984 | Tautulli up to 2.17.0 Endpoint cross site scripting (GHSA-f4j7-pjwc-4jrr)

A vulnerability was found in Tautulli up to 2.17.0 . It has been classified as problematic . Impacted is an unknown function of the component Endpoint . Performing a manipulation results in cross site…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-43985 | Tautulli up to 2.17.0 State-Changing Administrator Endpoint cross-site request forgery (GHSA-v622-pmjj-gpx3)

A vulnerability was found in Tautulli up to 2.17.0 . It has been declared as problematic . The affected element is an unknown function of the component State-Changing Administrator Endpoint . Executin…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-41207 | netty netty-incubator-codec-ohttp prior 0.0.21.Final byte[] random values

A vulnerability was found in netty netty-incubator-codec-ohttp . It has been rated as problematic . The impacted element is an unknown function. The manipulation of the argument byte[] leads to insuff…

VulDB Read →
← Prev 162 / 486 Next →