CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  12068 articles  ·  updated every 4 hours · grows forever

12068Total
4302Full Text
Jul 15, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10275 | OpenSC up to 0.26.1 pkcs11-tool Key Generation src/tools/pkcs11-tool.c test_kpgen_certwrite buffer overflow (Issue 3682)

A vulnerability marked as critical has been reported in OpenSC up to 0.26.1 . This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Genera…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10276 | hekmon8 Jenkins-server-mcp 0.1.0 get_build_status/get_build_log/trigger_build src/index.ts jobPath server-side request forgery

A vulnerability described as critical has been identified in hekmon8 Jenkins-server-mcp 0.1.0 . This vulnerability affects the function jobPath of the file src/index.ts of the component get_build_stat…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10277 | j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c MCP Gmail Tool src/tools/gmail.ts saveToDisk access control

A vulnerability classified as critical has been found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c . This issue affects the function saveToDisk of the file src/tools/gma…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10278 | ishayoyo excel-mcp up to 1.0.2 read_file/write_file src/index.ts filePath/outputPath path traversal

A vulnerability classified as critical was found in ishayoyo excel-mcp up to 1.0.2 . Impacted is an unknown function of the file src/index.ts of the component read_file/write_file . Executing a manipu…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10279 | hiraishikentaro wezterm-mcp 0.1.0 switch_pane/write_to_specific_pane src/wezterm_executor.ts request.params.arguments.pane_id os command injection

A vulnerability, which was classified as critical , has been found in hiraishikentaro wezterm-mcp 0.1.0 . The affected element is an unknown function of the file src/wezterm_executor.ts of the compone…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10280 | horizon921 mcpilot 0.1.0 MCP API Call Endpoint route.ts serverBaseUrl server-side request forgery

A vulnerability, which was classified as critical , was found in horizon921 mcpilot 0.1.0 . The impacted element is an unknown function of the file client/src/app/api/mcp/call/route.ts of the componen…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10281 | Enderfga claw-orchestrator up to 3.5.5 API Endpoint src/embedded-server.ts EmbeddedServer missing authentication (Issue 61)

A vulnerability has been found in Enderfga claw-orchestrator up to 3.5.5 and classified as critical . This affects the function EmbeddedServer of the file src/embedded-server.ts of the component API E…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10282 | Bottelet DaybydayCRM up to 2.2.1 DocumentsController.php view improper authorization (Issue 347)

A vulnerability was found in Bottelet DaybydayCRM up to 2.2.1 and classified as problematic . This impacts the function view of the file app/Http/Controllers/DocumentsController.php . Such manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10283 | Bottelet DaybydayCRM up to 2.2.1 Setting missing authentication

A vulnerability was found in Bottelet DaybydayCRM up to 2.2.1 . It has been classified as critical . Affected is an unknown function of the component Setting Handler . Performing a manipulation result…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10284 | DevaslanPHP project-management up to 2.0.0-beta1 Livewire ViewTicket.php editComment/doDeleteComment improper authorization (Issue 140)

A vulnerability was found in DevaslanPHP project-management up to 2.0.0-beta1 . It has been declared as critical . Affected by this vulnerability is the function editComment/doDeleteComment of the fil…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10285 | DevaslanPHP project-management up to 2.0.0-beta1 Ticket KanbanScrumHelper.php recordUpdated improper authorization (Issue 141)

A vulnerability was found in DevaslanPHP project-management up to 2.0.0-beta1 . It has been rated as critical . Affected by this issue is the function KanbanScrumHelper::recordUpdated of the file app/…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10286 | CodeAstro Payroll System 1.0 /home_employee.php emp_id sql injection

A vulnerability categorized as critical has been discovered in CodeAstro Payroll System 1.0 . This affects an unknown part of the file /home_employee.php . The manipulation of the argument emp_id resu…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10287 | SourceCodester SEO Meta Tag Extractor 1.0 /index.php get_headers url server-side request forgery

A vulnerability identified as critical has been detected in SourceCodester SEO Meta Tag Extractor 1.0 . This vulnerability affects the function get_headers of the file /index.php . This manipulation o…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10288 | code-projects Hotel and Tourism Reservation System 1.0 Admin Login /admin/login.php password_verify Password improper authentication

A vulnerability labeled as critical has been found in code-projects Hotel and Tourism Reservation System 1.0 . This issue affects the function password_verify of the file /admin/login.php of the compo…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10289 | code-projects Hotel and Tourism Reservation System 1.0 /ht/tour.php name /email /people /number cross site scripting

A vulnerability marked as problematic has been reported in code-projects Hotel and Tourism Reservation System 1.0 . Impacted is an unknown function of the file /ht/tour.php . Performing a manipulation…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10290 | code-projects Hotel and Tourism Reservation System 1.0 GET Parameter tour.php tour sql injection

A vulnerability described as critical has been identified in code-projects Hotel and Tourism Reservation System 1.0 . The affected element is an unknown function of the file tour.php of the component …

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10291 | Enderfga claw-orchestrator up to 3.7.0 Session Grep Endpoint embedded-server.ts validateRegex body.pattern redos (Issue 64)

A vulnerability classified as problematic has been found in Enderfga claw-orchestrator up to 3.7.0 . The impacted element is the function validateRegex of the file claw-orchestrator/src/embedded-serve…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10292 | UTT HiPER 1200GW up to 2.5.3-170306 /goform/formTaskEdit strcpy stack-based overflow

A vulnerability classified as critical was found in UTT HiPER 1200GW up to 2.5.3-170306 . This affects the function strcpy of the file /goform/formTaskEdit . The manipulation results in stack-based bu…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10293 | UTT HiPER 1200GW up to 2.5.3-170306 /goform/formFireWall strcpy Profile stack-based overflow

A vulnerability, which was classified as critical , has been found in UTT HiPER 1200GW up to 2.5.3-170306 . This impacts the function strcpy of the file /goform/formFireWall . This manipulation of the…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10294 | PackageKit up to 1.3.5 API src/pk-transaction.c g_file_test frontend-socket improper authorization (Issue 969)

A vulnerability, which was classified as problematic , was found in PackageKit up to 1.3.5 . Affected is the function g_file_test of the file src/pk-transaction.c of the component API . Such manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10295 | SourceCodester Customer Review App 1.0 review_app.py add_review/save_review/get_all_reviews name/comment denial of service

A vulnerability has been found in SourceCodester Customer Review App 1.0 and classified as problematic . Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the fi…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10296 | itsourcecode Fees Management System 1.0 /ajax.php Username sql injection

A vulnerability was found in itsourcecode Fees Management System 1.0 and classified as critical . Affected by this issue is some unknown functionality of the file /ajax.php . Executing a manipulation …

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10297 | itsourcecode Fees Management System 1.0 /manage_course.php ID sql injection

A vulnerability was found in itsourcecode Fees Management System 1.0 . It has been classified as critical . This affects an unknown part of the file /manage_course.php . The manipulation of the argume…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10298 | ggml-org whisper.cpp up to 1.8.2 ggml/src/ggml.c whisper_model_load null pointer dereference (Issue 3807)

A vulnerability was found in ggml-org whisper.cpp up to 1.8.2 . It has been declared as problematic . This vulnerability affects the function whisper_model_load of the file ggml/src/ggml.c . The manip…

VulDB Read →
← Prev 201 / 503 Next →