CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11688 articles  ·  updated every 4 hours · grows forever

11688Total
4297Full Text
Jul 11, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-41235 | Froxlor 2.3.6 authorization (GHSA-gcv3-5v9q-fmhh)

A vulnerability was found in Froxlor 2.3.6 and classified as critical . Affected is an unknown function. The manipulation results in incorrect authorization. This vulnerability is known as CVE-2026-41…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-41236 | Froxlor 2.3.6 link following (GHSA-mq5v-pxpm-8jw2)

A vulnerability was found in Froxlor 2.3.6 . It has been classified as critical . Affected by this vulnerability is an unknown functionality. This manipulation causes link following. This vulnerabilit…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-36499 | Open vSwitch 3.6.90 udpif_set_threads denial of service

A vulnerability was found in Open vSwitch 3.6.90 . It has been declared as problematic . Affected by this issue is the function udpif_set_threads . Such manipulation leads to denial of service. This v…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-41237 | Froxlor up to 2.3.6 injection (GHSA-j6fm-9rfm-j5hx)

A vulnerability was found in Froxlor up to 2.3.6 . It has been rated as critical . This affects an unknown part. Performing a manipulation results in injection. This vulnerability was named CVE-2026-4…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-48480 | netty netty-incubator-codec-ohttp 0.0.21.Final missing cryptographic step (GHSA-r6fj-869h-4f6q)

A vulnerability categorized as problematic has been discovered in netty netty-incubator-codec-ohttp 0.0.21.Final . This vulnerability affects unknown code. Executing a manipulation can lead to missing…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2025-65640 | Arket Globe Document Intelligence 5.0.0.559 Task in Progress Page cross site scripting

A vulnerability identified as problematic has been detected in Arket Globe Document Intelligence 5.0.0.559 . This issue affects some unknown processing of the component Task in Progress Page . The man…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-41249 | CoreShop up to 5.1.0-beta.1 Pull static.yml code injection (GHSA-q58j-g3f4-h26h)

A vulnerability labeled as critical has been found in CoreShop up to 5.1.0-beta.1 . Impacted is an unknown function of the file github/workflows/static.yml of the component Pull Handler . The manipula…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-41522 | dfir-iris iris-web up to 2.4.27 REST API improper authorization (GHSA-3mxh-x92q-9r25)

A vulnerability marked as critical has been reported in dfir-iris iris-web up to 2.4.27 . The affected element is an unknown function of the component REST API . This manipulation causes improper auth…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-11322 | nesquena Hermes WebUI up to 0.51.220 link following

A vulnerability described as critical has been identified in nesquena Hermes WebUI up to 0.51.220 . The impacted element is an unknown function. Such manipulation leads to link following. This vulnera…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-5589 | zephyrproject-rtos Zephyr up to 4.3.0 solicitation.c bt_mesh_sol_recv out-of-bounds write (GHSA-4pm9-4v7f-x6gr / EUVD-2026-34322)

A vulnerability classified as critical has been found in zephyrproject-rtos Zephyr up to 4.3.0 . This affects the function bt_mesh_sol_recv of the file subsys/bluetooth/mesh/solicitation.c . Performin…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-5066 | zephyrproject-rtos Zephyr up to 4.3 sockets_tls.c tls_session_store/tls_session_restore out-of-bounds write (GHSA-wgrc-jrf6-24f3 / EUVD-2026-34324)

A vulnerability classified as critical was found in zephyrproject-rtos Zephyr up to 4.3 . This impacts the function tls_session_store/tls_session_restore of the file subsys/net/lib/sockets/sockets_tls…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-41518 | Chartbrew up to 5.0.0 Public Dashboard Chart.js ChartDatasetConfig.legend cross site scripting (GHSA-6q2j-365c-7gqf)

A vulnerability, which was classified as problematic , has been found in Chartbrew up to 5.0.0 . Affected is an unknown function of the file Chart.js of the component Public Dashboard Handler . The ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-21404 | Navtor NavBox up to 4.16.1.20 SOAP Interface hard-coded credentials (icsa-26-155-01 / EUVD-2026-34321)

A vulnerability, which was classified as critical , was found in Navtor NavBox up to 4.16.1.20 . Affected by this vulnerability is an unknown functionality of the component SOAP Interface . The manipu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-42547 | dfir-iris iris-web up to 2.4.27 authorization (GHSA-8hwq-v6vm-9grr)

A vulnerability has been found in dfir-iris iris-web up to 2.4.27 and classified as critical . Affected by this issue is some unknown functionality. This manipulation causes incorrect authorization. T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2024-6858 | Arista EOS up to 4.28.10.1M/4.29.7M/4.30.5M/4.31.1F 802.1X Mode improper validation of specified type of input

A vulnerability was found in Arista EOS up to 4.28.10.1M/4.29.7M/4.30.5M/4.31.1F and classified as critical . This affects an unknown part of the component 802.1X Mode . Such manipulation leads to imp…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-47644 | Microsoft Copilot Chat Downstream injection

A vulnerability was found in Microsoft Copilot Chat . It has been classified as critical . This vulnerability affects unknown code of the component Downstream . Performing a manipulation results in in…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-48579 | Microsoft Exchange Online improper authorization

A vulnerability was found in Microsoft Exchange Online . It has been declared as critical . This issue affects some unknown processing. Executing a manipulation can lead to improper authorization. Thi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-20245 | Cisco Catalyst SD-WAN Manager up to 26.1.1_LI_Images File escape output (cisco-sa-sdwan-privesc-4uxFrdzx)

A vulnerability was found in Cisco Catalyst SD-WAN Manager . It has been rated as problematic . Impacted is an unknown function of the component File Handler . The manipulation leads to escaping of ou…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-47655 | Microsoft Graph information disclosure

A vulnerability categorized as problematic has been discovered in Microsoft Graph . The affected element is an unknown function. The manipulation results in information disclosure. This vulnerability …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2026-45497 | Microsoft 365 Copilot command injection

A vulnerability identified as critical has been detected in Microsoft 365 Copilot . The impacted element is an unknown function. This manipulation causes command injection. The identification of this …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
CVE-2024-27891 | Arista EOS up to 4.32.0.1F access control

A vulnerability labeled as critical has been found in Arista EOS up to 4.32.0.1F . This affects an unknown function. Such manipulation leads to improper access controls. This vulnerability is referenc…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 05, 2026
Medusa ransomware group using zero-days to launch attacks within 24 hours of breach, Microsoft says - The Record from Recorded Future News

Medusa ransomware group using zero-days to launch attacks within 24 hours of breach, Microsoft says The Record from Recorded Future News

The Record from Recorded Future News Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-43986 | Tautulli up to 2.17.0 Endpoint server-side request forgery (GHSA-m6j6-rc2c-8vpm / EUVD-2026-34286)

A vulnerability classified as critical was found in Tautulli up to 2.17.0 . Affected by this vulnerability is an unknown functionality of the component Endpoint . Executing a manipulation can lead to …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-50076 | Apache Fory up to 1.0.x bypass deserialization

A vulnerability, which was classified as critical , has been found in Apache Fory up to 1.0.x . Affected by this issue is the function bypass . The manipulation leads to deserialization. This vulnerab…

VulDB Read →
← Prev 163 / 487 Next →