CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  12103 articles  ·  updated every 4 hours · grows forever

12103Total
4302Full Text
Jul 15, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10252 | itsourcecode Online House Rental System 1.0 /manage_tenant.php ID sql injection

A vulnerability, which was classified as critical , has been found in itsourcecode Online House Rental System 1.0 . This affects an unknown function of the file /manage_tenant.php . The manipulation o…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10253 | itsourcecode Online House Rental System 1.0 /manage_payment.php ID sql injection

A vulnerability, which was classified as critical , was found in itsourcecode Online House Rental System 1.0 . This impacts an unknown function of the file /manage_payment.php . The manipulation of th…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-8382 | wpengine Advanced Custom Fields Plugin up to 6.8.1 on WordPress Form Submission post_title authorization (EUVD-2026-33483)

A vulnerability has been found in wpengine Advanced Custom Fields Plugin up to 6.8.1 on WordPress and classified as critical . This impacts an unknown function of the component Form Submission Handler…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10197 | Assimp up to 6.0.4 TF File glTF2Importer.cpp ImportEmbeddedTextures null pointer dereference (Issue 6608)

A vulnerability was found in Assimp up to 6.0.4 and classified as problematic . Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of t…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10198 | Assimp up to 6.0.4 glTFImporter glTFImporter.cpp ImportMeshes null pointer dereference (Issue 6609)

A vulnerability was found in Assimp up to 6.0.4 . It has been classified as problematic . Affected by this vulnerability is the function Assimp::glTFImporter::ImportMeshes of the file glTFImporter.cpp…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10199 | Assimp up to 6.0.4 glTF2Asset.h glTF2::LazyDict operator[] null pointer dereference (Issue 6611)

A vulnerability was found in Assimp up to 6.0.4 . It has been declared as problematic . Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h . Such manipulation of the ar…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10200 | Assimp up to 6.0.4 4x4 Matrix Parser glTFCommon.h glTFCommon::CopyValue heap-based overflow (Issue 6612)

A vulnerability was found in Assimp up to 6.0.4 . It has been rated as critical . This affects the function glTFCommon::CopyValue in the library glTFCommon.h of the component 4x4 Matrix Parser . Perfo…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10201 | Assimp up to 6.0.4 UV Channel FBXExporter.cpp WriteObjects divide by zero (Issue 6613)

A vulnerability categorized as problematic has been discovered in Assimp up to 6.0.4 . This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10202 | OFCMS 1.1.3 JSON Query Interface SystemDictController.java query sql injection (IJLIBT)

A vulnerability identified as critical has been detected in OFCMS 1.1.3 . This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDict…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10203 | OFCMS 1.1.3 JSON Query Interface SystemParamController.java query sql injection (IJLIYP)

A vulnerability labeled as critical has been found in OFCMS 1.1.3 . Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.j…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10204 | OFCMS 1.1.3 JSON Query Interface SysUserController.java query sql injection (IJLL09)

A vulnerability marked as critical has been reported in OFCMS 1.1.3 . The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserCo…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10205 | Metasoft 美特软件 MetaCRM 6.4.0 upload.jsp unrestricted upload

A vulnerability described as critical has been identified in Metasoft 美特软件 MetaCRM 6.4.0 . The impacted element is an unknown function of the file develop/systparam/softlogo/upload.jsp . Such manipula…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10206 | D-Link DI-8400 up to 16.07.26A1 /dbsrv.asp str stack-based overflow

A vulnerability classified as critical has been found in D-Link DI-8400 up to 16.07.26A1 . This affects an unknown function of the file /dbsrv.asp . Performing a manipulation of the argument str resul…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10208 | code-projects Online Hospital Management System 1.php login_1.php login_user Username sql injection

A vulnerability classified as critical was found in code-projects Online Hospital Management System 1.php . This impacts the function login_user of the file login_1.php . Executing a manipulation of t…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10209 | code-projects Online Hospital Management System 1.0 Appointment appointmentdetail.php editid sql injection

A vulnerability, which was classified as critical , has been found in code-projects Online Hospital Management System 1.0 . Affected is an unknown function of the file appointmentdetail.php of the com…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10210 | AstrBotDevs AstrBot 4.23.6 skill_manager.py _sanitize_prompt_description injection

A vulnerability, which was classified as critical , was found in AstrBotDevs AstrBot 4.23.6 . Affected by this vulnerability is the function _sanitize_prompt_description of the file astrbot/core/skill…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10211 | AstrBotDevs AstrBot 4.23.6 fs.py _normalize_rw_path authorization

A vulnerability has been found in AstrBotDevs AstrBot 4.23.6 and classified as critical . Affected by this issue is the function _normalize_rw_path of the file astrbot/core/tools/computer_tools/fs.py …

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10212 | AstrBotDevs AstrBot 4.24.2 astr_main_agent.py astr_main_agent session_id authorization

A vulnerability was found in AstrBotDevs AstrBot 4.24.2 and classified as critical . This affects the function astr_main_agent of the file astrbot/core/astr_main_agent.py . Such manipulation of the ar…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10213 | AstrBotDevs AstrBot 4.23.6 API Endpoint /api/skills/delete Name path traversal

A vulnerability was found in AstrBotDevs AstrBot 4.23.6 . It has been classified as critical . This vulnerability affects unknown code of the file /api/skills/delete of the component API Endpoint . Pe…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10214 | zhayujie chatgpt-on-wechat up to 2.0.8 Bash Tool agent/tools/bash/bash.py _get_safety_warning os command injection (Issue 2803)

A vulnerability was found in zhayujie chatgpt-on-wechat up to 2.0.8 . It has been declared as critical . This issue affects the function _get_safety_warning of the file agent/tools/bash/bash.py of the…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10215 | Dolibarr ERP CRM up to 23.0.1 Leave Request REST API api_holidays.class.php checkUserAccessToObject improper authorization (Issue 37752)

A vulnerability was found in Dolibarr ERP CRM up to 23.0.1 . It has been rated as critical . Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/api_holidays.class.php of…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10216 | unitedbyai droidclaw up to 0.5.3 claim Endpoint pairing.ts excessive authentication (Issue 14)

A vulnerability categorized as problematic has been discovered in unitedbyai droidclaw up to 0.5.3 . The affected element is an unknown function of the file server/src/routes/pairing.ts of the compone…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10217 | nextlevelbuilder GoClaw up to 3.11.3 RoleAdmin Gateway tts_config.go handleSave privileges management (Issue 1118)

A vulnerability identified as critical has been detected in nextlevelbuilder GoClaw up to 3.11.3 . The impacted element is the function handleSave of the file internal/http/tts_config.go of the compon…

VulDB Read →
⬡ Vulnerabilities & CVEs May 31, 2026
CVE-2026-10218 | nextlevelbuilder GoClaw up to 3.11.3 evolution_handlers.go auth improper authorization (Issue 1120)

A vulnerability labeled as critical has been found in nextlevelbuilder GoClaw up to 3.11.3 . This affects the function auth of the file internal/http/evolution_handlers.go . Such manipulation leads to…

VulDB Read →
← Prev 206 / 505 Next →