CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11758 articles  ·  updated every 4 hours · grows forever

11758Total
4298Full Text
Jul 13, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-43924 | FOSSBilling up to 0.7.x Redirect extension_meta redirect (GHSA-v8rf-g37v-vgpx)

A vulnerability was found in FOSSBilling up to 0.7.x . It has been declared as problematic . The affected element is the function extension_meta of the component Redirect Module . The manipulation res…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-26824 | libxls up to 1.6.3 OLE Container Parser read_MSAT uninitialized pointer (Issue 155)

A vulnerability was found in libxls up to 1.6.3 . It has been rated as critical . The impacted element is the function read_MSAT of the component OLE Container Parser . This manipulation causes uninit…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-26825 | libxls 1.6.3 XLS File Parser xls_parseWorkBook uninitialized pointer (Issue 156 / EUVD-2026-34179)

A vulnerability categorized as critical has been discovered in libxls 1.6.3 . This affects the function xls_parseWorkBook of the component XLS File Parser . Such manipulation leads to uninitialized po…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-40495 | FOSSBilling up to 0.7.x API Endpoint hide_version_public information disclosure (GHSA-gqcp-g7rm-p5v6)

A vulnerability identified as problematic has been detected in FOSSBilling up to 0.7.x . This impacts an unknown function of the component API Endpoint . Performing a manipulation of the argument hide…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-42061 | Acronis DeviceLock DLP 9.0.15051.93227 unnecessary privileges

A vulnerability labeled as critical has been found in Acronis DeviceLock DLP 9.0.15051.93227 . Affected is an unknown function. Executing a manipulation can lead to execution with unnecessary privileg…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-44609 | Acronis DeviceLock DLP prior 9.0.15051.93227 uncontrolled search path

A vulnerability marked as critical has been reported in Acronis DeviceLock DLP . Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. This vu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-44682 | Acronis DeviceLock DLP prior 9.0.15051.93227 uncontrolled search path

A vulnerability described as critical has been identified in Acronis DeviceLock DLP . Affected by this issue is some unknown functionality. The manipulation results in uncontrolled search path. This v…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-50033 | Acronis DeviceLock DLP prior 9.0.15051.93227 uncontrolled search path

A vulnerability classified as critical has been found in Acronis DeviceLock DLP . This affects an unknown part. This manipulation causes uncontrolled search path. This vulnerability is tracked as CVE-…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 04, 2026
CVE-2026-37700 | MaxSite CMS 109.2 admin_page cross site scripting

A vulnerability classified as problematic was found in MaxSite CMS 109.2 . This vulnerability affects the function admin_page . Such manipulation leads to cross site scripting. This vulnerability is l…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-36602 | Mercusys AC12G Kernel Memory Remote Code Execution

A vulnerability classified as critical has been found in Mercusys AC12G . This issue affects some unknown processing of the component Kernel Memory Handler . This manipulation causes Remote Code Execu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-36607 | Mercusys AC12G TDDP Password Change Endpoint excessive authentication

A vulnerability classified as problematic was found in Mercusys AC12G . Impacted is an unknown function of the component TDDP Password Change Endpoint . Such manipulation leads to improper restriction…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-36610 | Mercusys AC12G DDNS Service channel accessible

A vulnerability, which was classified as critical , has been found in Mercusys AC12G . The affected element is an unknown function of the component DDNS Service . Performing a manipulation results in …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-36604 | Mercusys AC12G HTTP Host Header cross-domain policy

A vulnerability, which was classified as problematic , was found in Mercusys AC12G . The impacted element is an unknown function of the component HTTP Host Header Handler . Executing a manipulation ca…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-36609 | Mercusys AC12G missing encryption

A vulnerability has been found in Mercusys AC12G and classified as problematic . This affects an unknown function. The manipulation leads to missing encryption of sensitive data. This vulnerability is…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2019-25720 | Dräger SC 6002XL/SC6802XL/SC 7000/SC8000/SC90000 XL Network Packet improper validation of syntactic correctness of input

A vulnerability was found in Dräger SC 6002XL, SC6802XL, SC 7000, SC8000 and SC90000 XL and classified as critical . This impacts an unknown function of the component Network Packet Handler . The mani…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-36603 | Mercusys AC12G Admin Interface AddPortMapping/GetExternalIPAddress Remote Code Execution

A vulnerability was found in Mercusys AC12G . It has been classified as very critical . Affected is the function AddPortMapping/GetExternalIPAddress of the component Admin Interface . This manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-36606 | Mercusys AC12G ECB Mode risky encryption

A vulnerability was found in Mercusys AC12G . It has been declared as problematic . Affected by this vulnerability is an unknown functionality of the component ECB Mode . Such manipulation leads to ri…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-45614 | OP-TEE optee_os up to 4.10.x on Arm X/Y signature verification (GHSA-g6qf-hwf7-mg9h)

A vulnerability was found in OP-TEE optee_os up to 4.10.x on Arm. It has been rated as problematic . Affected by this issue is some unknown functionality. Performing a manipulation of the argument X/Y…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-45702 | OP-TEE optee_os up to 4.10.x type confusion (GHSA-86pj-8xgw-66p5)

A vulnerability categorized as problematic has been discovered in OP-TEE optee_os up to 4.10.x . This affects an unknown part. Executing a manipulation can lead to type confusion. The identification o…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-42839 | Frappe ERPNext 16.16.0 Description item_name/description/image cross site scripting

A vulnerability identified as problematic has been detected in Frappe ERPNext 16.16.0 . This vulnerability affects unknown code of the component Description Handler . The manipulation of the argument …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-7888 | Concrete CMS up to 9.5.1 unserialize deserialization

A vulnerability labeled as problematic has been found in Concrete CMS up to 9.5.1 . This issue affects the function unserialize . The manipulation results in deserialization. This vulnerability is ide…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-42840 | Frappe ERPNext 16.16.0 email_id/mobile_no cross site scripting

A vulnerability marked as problematic has been reported in Frappe ERPNext 16.16.0 . Impacted is an unknown function. This manipulation of the argument email_id/mobile_no causes cross site scripting. T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-36611 | Mercusys AC12G POST Request SOAPAction uninitialized pointer

A vulnerability described as very critical has been identified in Mercusys AC12G . The affected element is an unknown function of the component POST Request Handler . Such manipulation of the argument…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-36613 | Mercusys AC12G HTTP POST Request uninitialized pointer

A vulnerability classified as problematic has been found in Mercusys AC12G . The impacted element is an unknown function of the component HTTP POST Request Handler . Performing a manipulation results …

VulDB Read →
← Prev 172 / 490 Next →