CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  12038 articles  ·  updated every 4 hours · grows forever

12038Total
4302Full Text
Jul 14, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-20454 | MediaTek MT8910 geniezone toctou (MSV-6786 / ALPS10873936)

A vulnerability categorized as critical has been discovered in MediaTek MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-20455 | MediaTek MT8910 geniezone out-of-bounds write (MSV-6784 / ALPS10873936)

A vulnerability identified as critical has been detected in MediaTek MT6739, MT6761, MT6765, MT6768, MT6781, MT6789, MT6835, MT6853, MT6855, MT6877, MT6878, MT6879, MT6883, MT6885, MT6886, MT6889, MT6…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-20456 | MediaTek MT7902/MT7920/MT7921/MT7922/MT7925/MT7927 WLAN STA Driver out-of-bounds write (MSV-6338)

A vulnerability labeled as critical has been found in MediaTek MT7902, MT7920, MT7921, MT7922, MT7925 and MT7927 . Affected is an unknown function of the component WLAN STA Driver . The manipulation r…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-48209 | OTRS Community Edition 7.0.x Request cross site scripting

A vulnerability marked as problematic has been reported in OTRS Community Edition 7.0.x . Affected by this vulnerability is an unknown functionality of the component Request Handler . This manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-35563 | Apache Directory LDAP API up to 2.1.7 certificate validation

A vulnerability described as problematic has been identified in Apache Directory LDAP API up to 2.1.7 . Affected by this issue is some unknown functionality. Such manipulation leads to improper certif…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-42253 | Apache ActiveMQ JMS Message injection

A vulnerability classified as critical has been found in Apache ActiveMQ . This affects an unknown part of the component JMS Message Handler . Performing a manipulation results in injection. This vuln…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-42588 | Apache ActiveMQ Jolokia addNetworkConnector privilege escalation

A vulnerability classified as critical was found in Apache ActiveMQ . This vulnerability affects the function addNetworkConnector of the component Jolokia . Executing a manipulation can lead to privil…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-45192 | Apache Airflow up to 3.2.1 API Response information disclosure

A vulnerability, which was classified as problematic , has been found in Apache Airflow up to 3.2.1 . This issue affects some unknown processing of the component API Response Handler . The manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-45505 | Apache ActiveMQ Jolokia addNetworkConnector privilege escalation

A vulnerability, which was classified as problematic , was found in Apache ActiveMQ . Impacted is the function addNetworkConnector of the component Jolokia . The manipulation results in privilege esca…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-46605 | Apache ActiveMQ Jolokia improper authorization

A vulnerability has been found in Apache ActiveMQ and classified as critical . The affected element is an unknown function of the component Jolokia . This manipulation causes improper authorization. T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-48827 | Apache MINA SSHD up to 2.17.0/3.0.0-M2 org.apache.sshd:sshd-git path traversal

A vulnerability was found in Apache MINA SSHD up to 2.17.0/3.0.0-M2 and classified as critical . The impacted element is an unknown function of the component org.apache.sshd:sshd-git . Such manipulati…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-49157 | Apache ActiveMQ up to 5.19.6/6.2.5 Jolokia broker-management privilege escalation

A vulnerability was found in Apache ActiveMQ up to 5.19.6/6.2.5 . It has been classified as problematic . This affects an unknown function of the component Jolokia broker-management . Performing a man…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-49267 | Apache Airflow up to 3.2.1 SMTP STARTTLS Connection certificate validation

A vulnerability was found in Apache Airflow up to 3.2.1 . It has been declared as problematic . This impacts an unknown function of the component SMTP STARTTLS Connection Handler . Executing a manipul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-49270 | Apache ActiveMQ BrokerInfo privilege escalation

A vulnerability was found in Apache ActiveMQ . It has been rated as problematic . Affected is an unknown function of the component BrokerInfo Handler . The manipulation leads to privilege escalation. …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-49298 | Apache Airflow up to 3.2.1 KubernetesExecutor Command-Line Argument information disclosure

A vulnerability categorized as problematic has been discovered in Apache Airflow up to 3.2.1 . Affected by this vulnerability is an unknown functionality of the component KubernetesExecutor Command-Li…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
CVE-2026-49361 | Apache Fluss 0.8.0/0.9.0 Netty Frame Decoder memory allocation

A vulnerability identified as problematic has been detected in Apache Fluss 0.8.0/0.9.0 . Affected by this issue is some unknown functionality of the component Netty Frame Decoder . This manipulation …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
Critical Bamboo Data Centre and Server Flaw Enables Command Injection Attacks - gbhackers.com

Critical Bamboo Data Centre and Server Flaw Enables Command Injection Attacks gbhackers.com

gbhackers.com Read →
⬡ Vulnerabilities & CVEs Jun 01, 2026
Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys - CyberSecurityNews

Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys CyberSecurityNews

CyberSecurityNews Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10275 | OpenSC up to 0.26.1 pkcs11-tool Key Generation src/tools/pkcs11-tool.c test_kpgen_certwrite buffer overflow (Issue 3682)

A vulnerability marked as critical has been reported in OpenSC up to 0.26.1 . This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Genera…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10276 | hekmon8 Jenkins-server-mcp 0.1.0 get_build_status/get_build_log/trigger_build src/index.ts jobPath server-side request forgery

A vulnerability described as critical has been identified in hekmon8 Jenkins-server-mcp 0.1.0 . This vulnerability affects the function jobPath of the file src/index.ts of the component get_build_stat…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10277 | j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c MCP Gmail Tool src/tools/gmail.ts saveToDisk access control

A vulnerability classified as critical has been found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c . This issue affects the function saveToDisk of the file src/tools/gma…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10278 | ishayoyo excel-mcp up to 1.0.2 read_file/write_file src/index.ts filePath/outputPath path traversal

A vulnerability classified as critical was found in ishayoyo excel-mcp up to 1.0.2 . Impacted is an unknown function of the file src/index.ts of the component read_file/write_file . Executing a manipu…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10279 | hiraishikentaro wezterm-mcp 0.1.0 switch_pane/write_to_specific_pane src/wezterm_executor.ts request.params.arguments.pane_id os command injection

A vulnerability, which was classified as critical , has been found in hiraishikentaro wezterm-mcp 0.1.0 . The affected element is an unknown function of the file src/wezterm_executor.ts of the compone…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10280 | horizon921 mcpilot 0.1.0 MCP API Call Endpoint route.ts serverBaseUrl server-side request forgery

A vulnerability, which was classified as critical , was found in horizon921 mcpilot 0.1.0 . The impacted element is an unknown function of the file client/src/app/api/mcp/call/route.ts of the componen…

VulDB Read →
← Prev 199 / 502 Next →