CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11809 articles  ·  updated every 4 hours · grows forever

11809Total
4299Full Text
Jul 13, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-9844 | Roche Diagnostics navify Digital Pathology up to 2.4.1 RabbitMQ Management Interface default credentials

A vulnerability described as critical has been identified in Roche Diagnostics navify Digital Pathology up to 2.4.1 . The impacted element is an unknown function of the component RabbitMQ Management I…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2019-25719 | Dräger Infinity Acute Care System up to G4.0.3/G4.1/G4.1.1 message integrity

A vulnerability classified as critical has been found in Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitor up to G4.0.3/G4.1/G4.1.1 . This affects an unknown function. Per…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10611 | MISP up to 2.5.38 Authentication Plugin improper authentication

A vulnerability classified as critical was found in MISP up to 2.5.38 . This impacts an unknown function of the component Authentication Plugin Handler . Executing a manipulation can lead to improper …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-32685 | Gleam up to 1.16.x build/dev/docs/ documentation.pages[].path path traversal (GHSA-wjx8-7w8m-p4v7)

A vulnerability, which was classified as critical , has been found in Gleam up to 1.16.x . Affected is an unknown function of the file build/dev/docs/ . The manipulation of the argument documentation.…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-42795 | Gleam up to 1.16.x compiler-cli/src/fs.rs gleam_files link following (GHSA-qhh5-fg4c-8gqc)

A vulnerability, which was classified as critical , was found in Gleam up to 1.16.x . Affected by this vulnerability is the function gleam_files of the file compiler-cli/src/fs.rs . The manipulation r…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10622 | Collibra Platform up to 2025.10.398/2026.03.355 REST API /rest/ missing authentication

A vulnerability has been found in Collibra Platform up to 2025.10.398/2026.03.355 and classified as critical . Affected by this issue is some unknown functionality of the file /rest/ of the component …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-28116 | Emilia Projects Progress Planner Plugin up to 1.9.0 on WordPress cross site scripting

A vulnerability was found in Emilia Projects Progress Planner Plugin up to 1.9.0 on WordPress and classified as problematic . This affects an unknown part. Such manipulation leads to cross site script…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-39555 | Elated-Themes Askka Plugin up to 1.3.1 on WordPress deserialization

A vulnerability was found in Elated-Themes Askka Plugin up to 1.3.1 on WordPress. It has been classified as problematic . This vulnerability affects unknown code. Performing a manipulation results in …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10650 | warmcat libwebsockets up to 4.5.8 SSH Protocol sshd.c lws_ssh_parse_plaintext msg_len resource consumption

A vulnerability was found in warmcat libwebsockets up to 4.5.8 . It has been declared as problematic . This issue affects the function lws_ssh_parse_plaintext of the file plugins/protocol_lws_ssh_base…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10661 | ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b server.py open input_image_url injection (Issue 202)

A vulnerability was found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b . It has been rated as critical . Impacted is the function Open of the file src/blender_mcp/server.py .…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10662 | ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b ZIP File server.py requests.get zip_file_url server-side request forgery (Issue 203)

A vulnerability categorized as critical has been discovered in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b . The affected element is the function requests.get of the file src/b…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10688 | ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b server.py execute_blender_code code injection (Issue 201)

A vulnerability identified as critical has been detected in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b . The impacted element is the function execute_blender_code of the file …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10690 | wonderwhy-er DesktopCommanderMCP 0.2.37 read_file src/tools/filesystem.ts readFileFromUrl url server-side request forgery (Issue 410)

A vulnerability labeled as critical has been found in wonderwhy-er DesktopCommanderMCP 0.2.37 . This affects the function readFileFromUrl of the file src/tools/filesystem.ts of the component read_file…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10691 | wonderwhy-er DesktopCommanderMCP up to 0.2.38 start_search src/search-manager.ts SearchResult[] redos (Issue 375)

A vulnerability marked as problematic has been reported in wonderwhy-er DesktopCommanderMCP up to 0.2.38 . This impacts an unknown function of the file src/search-manager.ts of the component start_sea…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10692 | johnhuang316 code-index-mcp up to 2.14.0 search_code_advanced is_safe_regex_pattern regex redos (Issue 84)

A vulnerability described as problematic has been identified in johnhuang316 code-index-mcp up to 2.14.0 . Affected is the function is_safe_regex_pattern of the component search_code_advanced . Execut…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10693 | SourceCodester Online Boat Reservation System 1.0 Administrative Endpoint improper authorization

A vulnerability classified as critical has been found in SourceCodester Online Boat Reservation System 1.0 . Affected by this vulnerability is an unknown functionality of the component Administrative …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10694 | SourceCodester Online Food Ordering System 2.0 /index.php include page file inclusion

A vulnerability classified as critical was found in SourceCodester Online Food Ordering System 2.0 . Affected by this issue is the function include of the file /index.php . The manipulation of the arg…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
Critical Vulnerability in Rancher Fleet Enables Full Cluster-Admin Privileges - gbhackers.com

Critical Vulnerability in Rancher Fleet Enables Full Cluster-Admin Privileges gbhackers.com

gbhackers.com Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-4080 | zeshanb Easy Cart Plugin up to 1.8 on WordPress Shortcode ectp_add_to_cart cross site scripting

A vulnerability, which was classified as problematic , was found in zeshanb Easy Cart Plugin up to 1.8 on WordPress. Affected is the function ectp_add_to_cart of the component Shortcode Handler . Exec…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-9234 | ntbyk JTL-Connector for WooCommerce Plugin up to 2.4.1 on WordPress Setting JtlConnectorAdmin::save authorization

A vulnerability has been found in ntbyk JTL-Connector for WooCommerce Plugin up to 2.4.1 on WordPress and classified as critical . Affected by this vulnerability is the function JtlConnectorAdmin::sav…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-9723 | ddd2500 Google Plus One Bottom Plugin up to 0.0.2 on WordPress Setting googlePlusOneAdmin cross-site request forgery

A vulnerability was found in ddd2500 Google Plus One Bottom Plugin up to 0.0.2 on WordPress and classified as problematic . Affected by this issue is the function googlePlusOneAdmin of the component S…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-4081 | jhdscript ZeM STL Plugin up to 1.0 on WordPress Shortcode esc_attr url/color/bgcolor cross site scripting

A vulnerability was found in jhdscript ZeM STL Plugin up to 1.0 on WordPress. It has been classified as problematic . This affects the function esc_attr of the component Shortcode Handler . This manip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-8422 | mr_mat Remove Meta Boxes per User Role Plugin up to 1.01 on WordPress cross-site request forgery

A vulnerability was found in mr_mat Remove Meta Boxes per User Role Plugin up to 1.01 on WordPress. It has been declared as problematic . This vulnerability affects unknown code. Such manipulation lea…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-8885 | marcqueralt DeMomentSomTres Shortcodes Plugin up to 1.1.1 on WordPress Shortcode st_callout width/align cross site scripting

A vulnerability was found in marcqueralt DeMomentSomTres Shortcodes Plugin up to 1.1.1 on WordPress. It has been rated as problematic . This issue affects the function st_callout of the component Shor…

VulDB Read →
← Prev 181 / 493 Next →