CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  11809 articles  ·  updated every 4 hours · grows forever

11809Total
4299Full Text
Jul 13, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-9599 | russellr Tectite Forms Plugin up to 1.3 on WordPress Setting admin_init cross-site request forgery

A vulnerability categorized as problematic has been discovered in russellr Tectite Forms Plugin up to 1.3 on WordPress. Impacted is the function admin_init of the component Setting Handler . Executing…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-9722 | pcis Laiser Tag Plugin up to 1.2.5 on WordPress Setting addOptionsPageFields cross-site request forgery

A vulnerability identified as problematic has been detected in pcis Laiser Tag Plugin up to 1.2.5 on WordPress. The affected element is the function addOptionsPageFields of the component Setting Handl…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-9730 | jamesmuga Remove NoFollow Commenter URL Plugin up to 1.0 on WordPress Setting gmz_comment_settings_save cross-site request forgery

A vulnerability labeled as problematic has been found in jamesmuga Remove NoFollow Commenter URL Plugin up to 1.0 on WordPress. The impacted element is the function gmz_comment_settings_save of the co…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-41115 | Apache Kafka up to 4.3.0 improper authorization

A vulnerability marked as critical has been reported in Apache Kafka up to 4.3.0 . This affects an unknown function. This manipulation causes improper authorization. This vulnerability appears as CVE-…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-34906 | Simple SA Wirtualna Uczelnia up to wu#2016.437.295#0#20260327_105545 Endpoint redirectToUrl redirectUrlParameter special elements used in a template engine

A vulnerability described as critical has been identified in Simple SA Wirtualna Uczelnia up to wu#2016.437.295#0#20260327_105545 . This impacts the function redirectToUrl of the component Endpoint . …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10549 | Yandex Database prior 25.3.1.25 Group Membership insufficient permissions or privileges

A vulnerability classified as critical has been found in Yandex Database . Affected is an unknown function of the component Group Membership Handler . Performing a manipulation results in improper han…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-5422 | Jupyter jupyter_server up to 2.17.0 fileio.py _get_os_path path traversal

A vulnerability classified as problematic was found in Jupyter jupyter_server up to 2.17.0 . Affected by this vulnerability is the function _get_os_path of the file jupyter_server/services/contents/fi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2025-52766 | Printeers Print & Ship Plugin up to 1.17.0 on WordPress authorization

A vulnerability, which was classified as critical , has been found in Printeers Print & Ship Plugin up to 1.17.0 on WordPress. Affected by this issue is some unknown functionality. The manipulation le…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-5191 | raja3c Tiled Gallery Carousel without JetPack Plugin up to 3.1 on WordPress data-image-title cross site scripting

A vulnerability, which was classified as problematic , was found in raja3c Tiled Gallery Carousel without JetPack Plugin up to 3.1 on WordPress. This affects an unknown part. The manipulation of the a…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2025-52759 | UnboundStudio Accordion FAQ Plugin up to 2.2.1 on WordPress cross site scripting

A vulnerability has been found in UnboundStudio Accordion FAQ Plugin up to 2.2.1 on WordPress and classified as problematic . This vulnerability affects unknown code. This manipulation causes cross si…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-34907 | Simple SA Wirtualna Uczelnia up to wu#2016.437.295#0#20260327_105545 locale cross site scripting

A vulnerability was found in Simple SA Wirtualna Uczelnia up to wu#2016.437.295#0#20260327_105545 and classified as problematic . This issue affects some unknown processing. Such manipulation of the a…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2025-53345 | ThimPress Thim Core Plugin up to 2.3.3 on WordPress authorization

A vulnerability was found in ThimPress Thim Core Plugin up to 2.3.3 on WordPress. It has been classified as critical . Impacted is an unknown function. Performing a manipulation results in missing aut…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10606 | DedeCMS 5.7.88 Feedback /plus/feedback.php TrimMsg msg sql injection

A vulnerability was found in DedeCMS 5.7.88 . It has been declared as critical . The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler . Executi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10607 | DedeCMS 5.7.88 /plus/flink.php dede_htmlspecialchars msg sql injection

A vulnerability was found in DedeCMS 5.7.88 . It has been rated as critical . The impacted element is the function dede_htmlspecialchars of the file /plus/flink.php . The manipulation of the argument …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-10608 | DedeCMS 5.7.88 /plus/carbuyaction.php RemoveXSS postname/des sql injection

A vulnerability categorized as critical has been discovered in DedeCMS 5.7.88 . This affects the function RemoveXSS of the file /plus/carbuyaction.php . The manipulation of the argument postname/des r…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2025-53440 | Axiomthemes Confidant Plugin up to 1.4 on WordPress filename control

A vulnerability identified as problematic has been detected in Axiomthemes Confidant Plugin up to 1.4 on WordPress. This impacts an unknown function. This manipulation causes improper control of filen…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2025-58705 | Axiomthemes Crafti Plugin up to 1.12 on WordPress filename control

A vulnerability labeled as problematic has been found in Axiomthemes Crafti Plugin up to 1.12 on WordPress. Affected is an unknown function. Such manipulation leads to improper control of filename for…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-42684 | Ahmad WP Job Portal Plugin up to 2.5.1 on WordPress sql injection

A vulnerability marked as critical has been reported in Ahmad WP Job Portal Plugin up to 2.5.1 on WordPress. Affected by this vulnerability is an unknown functionality. Performing a manipulation resul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-42670 | Etoile Web Design Incorporated Five Star Restaurant Reservations Plugin up to 2.7.14 on WordPress authorization

A vulnerability described as critical has been identified in Etoile Web Design Incorporated Five Star Restaurant Reservations Plugin up to 2.7.14 on WordPress. Affected by this issue is some unknown f…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-8993 | Ditec D.Launcher 2 up to 2.0.6 URL injection

A vulnerability classified as critical has been found in Ditec D.Launcher 2 up to 2.0.6 . This affects an unknown part of the component URL Handler . The manipulation leads to injection. This vulnerab…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-39550 | Elated-Themes Aperitif Plugin up to 1.6 on WordPress deserialization

A vulnerability classified as problematic was found in Elated-Themes Aperitif Plugin up to 1.6 on WordPress. This vulnerability affects unknown code. The manipulation results in deserialization. This …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-39551 | Elated-Themes Töbel Plugin up to 1.8.1 on WordPress deserialization

A vulnerability, which was classified as problematic , has been found in Elated-Themes Töbel Plugin up to 1.8.1 on WordPress. This issue affects some unknown processing. This manipulation causes deser…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-42669 | EventPrime Plugin up to 4.3.2.0 on WordPress authorization

A vulnerability, which was classified as critical , was found in EventPrime Plugin up to 4.3.2.0 on WordPress. Impacted is an unknown function. Such manipulation leads to missing authorization. This v…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 02, 2026
CVE-2026-42685 | Ahmad WP Job Portal Plugin up to 2.5.1 on WordPress cross site scripting

A vulnerability has been found in Ahmad WP Job Portal Plugin up to 2.5.1 on WordPress and classified as problematic . The affected element is an unknown function. Performing a manipulation results in …

VulDB Read →
← Prev 182 / 493 Next →