CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11779 articles  ·  updated every 4 hours · grows forever

11779Total
4299Full Text
Jul 13, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2024-47263 | Synology Hyper Backup up to 4.1.2-4035 path traversal

A vulnerability, which was classified as critical , has been found in Synology Hyper Backup up to 4.1.2-4035 . This affects an unknown part. The manipulation leads to path traversal. This vulnerabilit…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-35193 | djangoproject Django up to 5.2.14/6.0.5 django.middleware.cache.UpdateCacheMiddleware cache containing sensitive information

A vulnerability, which was classified as problematic , was found in djangoproject Django up to 5.2.14/6.0.5 . This vulnerability affects unknown code of the component django.middleware.cache.UpdateCac…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2025-60477 | GPAC up to 26.1.x MP4Box filter_pid.c gf_filter_pid_resolve_file_template_ex null pointer dereference

A vulnerability has been found in GPAC up to 26.1.x and classified as problematic . This issue affects the function gf_filter_pid_resolve_file_template_ex of the file /filter_core/filter_pid.c of the …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2025-70100 | gkostka lwext4 1.0.0 Fileystem Image src/ext4_blockdev.c ext4_block_set_lb_size denial of service (Issue 90)

A vulnerability was found in gkostka lwext4 1.0.0 and classified as problematic . Impacted is the function ext4_block_set_lb_size of the file src/ext4_blockdev.c of the component Fileystem Image Handl…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2025-70101 | gkostka lwext4 1.0.0 Fileystem Image src/ext4_extent.c ext4_ext_binsearch_idx out-of-bounds (Issue 91)

A vulnerability was found in gkostka lwext4 1.0.0 . It has been classified as problematic . The affected element is the function ext4_ext_binsearch_idx of the file src/ext4_extent.c of the component F…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2022-49042 | Synology Hyper Backup Explorer up to 3.0.1-0155 MinGW DLL inclusion of functionality from untrusted control sphere

A vulnerability was found in Synology Hyper Backup Explorer up to 3.0.1-0155 . It has been declared as critical . The impacted element is an unknown function of the component MinGW DLL . Executing a m…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-10729 | Thinkst Applied Research Canarytokens prior sha-bfda4df Notification Email injection (GHSA-hmjv-pj8j-8fg7 / bfda4df)

A vulnerability was found in Thinkst Applied Research Canarytokens . It has been rated as critical . This affects an unknown function of the component Notification Email Handler . The manipulation lea…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2023-52951 | Synology Note Station Client up to 2.2.4-702 cleartext transmission

A vulnerability categorized as problematic has been discovered in Synology Note Station Client up to 2.2.4-702 . This impacts an unknown function. The manipulation results in cleartext transmission of…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-5241 | huggingface transformers up to 5.4.x Python AutoModel.from_pretrained trust_remote_code inclusion of functionality from untrusted control sphere

A vulnerability identified as problematic has been detected in huggingface transformers up to 5.4.x . Affected is the function AutoModel.from_pretrained of the component Python Module . This manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-44545 | djangoproject daphne up to 4.2.1 WebSocket Message allocation of resources

A vulnerability labeled as problematic has been found in djangoproject daphne up to 4.2.1 . Affected by this vulnerability is an unknown functionality of the component WebSocket Message Handler . Such…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-48587 | Django up to 5.2.14/6.0.5 Response Header django.utils.cache.has_vary_header incomplete comparison with missing factors

A vulnerability marked as problematic has been reported in Django up to 5.2.14/6.0.5 . Affected by this issue is the function django.utils.cache.has_vary_header of the component Response Header Handle…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-6873 | Django up to 5.2.14/6.0.5 django.http.HttpRequest.get_signed_cookie salt signature verification

A vulnerability described as problematic has been identified in Django up to 5.2.14/6.0.5 . This affects the function django.http.HttpRequest.get_signed_cookie . Executing a manipulation of the argume…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-7666 | Django up to 5.2.14/6.0.5 Email Content django.core.mail.backends.smtp.EmailBackend cleartext transmission

A vulnerability classified as problematic has been found in Django up to 5.2.14/6.0.5 . This vulnerability affects the function django.core.mail.backends.smtp.EmailBackend of the component Email Conte…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-8404 | Django up to 5.2.14/6.0.5 django.middleware.cache.UpdateCacheMiddleware case sensitivity

A vulnerability classified as problematic was found in Django up to 5.2.14/6.0.5 . This issue affects some unknown processing of the component django.middleware.cache.UpdateCacheMiddleware . The manip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-47325 | ProjectsAndPrograms school-management-system weak credentials (6b6fae5)

A vulnerability, which was classified as problematic , has been found in ProjectsAndPrograms school-management-system . Impacted is an unknown function. This manipulation causes use of weak credential…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-37460 | FRRouting FRR 10.0/10.6 BGP rfapi_rib.c rfapiRibBi2Ri denial of service

A vulnerability, which was classified as problematic , was found in FRRouting FRR 10.0/10.6 . The affected element is the function rfapiRibBi2Ri of the file rfapi_rib.c of the component BGP Handler . …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-44546 | djangoproject daphne up to 4.2.1 Websocket Handshake splitlines request smuggling

A vulnerability has been found in djangoproject daphne up to 4.2.1 and classified as problematic . The impacted element is the function splitlines of the component Websocket Handshake Handler . Perfor…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-47324 | ProjectsAndPrograms school-management-system cross site scripting (6b6fae5)

A vulnerability was found in ProjectsAndPrograms school-management-system and classified as problematic . This affects an unknown function. Executing a manipulation can lead to cross site scripting. T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-10766 | mlrun up to 1.12.0-rc3 DataFrame Hash mlrun/utils/helpers.py mlrun.utils.helpers.calculate_dataframe_hash weak hash (Issue 9691)

A vulnerability was found in mlrun up to 1.12.0-rc3 . It has been classified as problematic . This impacts the function mlrun.utils.helpers.calculate_dataframe_hash of the file mlrun/utils/helpers.py …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-10771 | crmeb crmeb_java 1.4 base64 Qrcode Endpoint RestTemplateUtil.java RestTemplate.getForEntity url server-side request forgery (Issue 35)

A vulnerability was found in crmeb crmeb_java 1.4 . It has been declared as critical . Affected is the function RestTemplate.getForEntity of the file crmeb-common/src/main/java/com/zbkj/common/utils/R…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
Critical MongoDB Vulnerability Allow Attackers to Execute Arbitrary Code - CyberSecurityNews

Critical MongoDB Vulnerability Allow Attackers to Execute Arbitrary Code CyberSecurityNews

CyberSecurityNews Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-5078 | morgan up to 1.10.1/1.10.x Authorization neutralization for logs (GHSA-4vj7-5mj6-jm8m / EUVD-2026-34067)

A vulnerability was found in morgan up to 1.10.1/1.10.x and classified as problematic . Affected is an unknown function of the component Authorization Handler . Executing a manipulation can lead to im…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2025-15654 | Fox-themes Prague Plugin up to 2.2.8 on WordPress cross site scripting (EUVD-2025-210045)

A vulnerability was found in Fox-themes Prague Plugin up to 2.2.8 on WordPress. It has been classified as problematic . Affected by this vulnerability is an unknown functionality. The manipulation lea…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 03, 2026
CVE-2026-4035 | mlflow up to 3.10.x ENV_VAR insertion of sensitive information into sent data (EUVD-2026-34068)

A vulnerability was found in mlflow up to 3.10.x . It has been declared as problematic . Affected by this issue is some unknown functionality. The manipulation of the argument ENV_VAR results in inser…

VulDB Read →
← Prev 175 / 491 Next →