CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10467 articles  ·  updated every 4 hours · grows forever

10467Total
4239Full Text
Jul 02, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-39948 | Cacti up to 1.2.30 Request Parameter lib/html_graph.php grv sql injection (GHSA-9jqv-4cpm-vm2c)

A vulnerability classified as critical has been found in Cacti up to 1.2.30 . The affected element is the function grv in the library lib/html_graph.php of the component Request Parameter Handler . Pe…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-39955 | Cacti up to 1.2.30 graph_view.php sql injection (GHSA-gp82-qhrg-crv7)

A vulnerability classified as critical was found in Cacti up to 1.2.30 . The impacted element is an unknown function of the file graph_view.php . Executing a manipulation can lead to sql injection. Th…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-39899 | Cacti up to 1.2.30 package_import.php filename path traversal (GHSA-pr9x-34w8-4mf7)

A vulnerability, which was classified as critical , has been found in Cacti up to 1.2.30 . This affects an unknown function of the file package_import.php . The manipulation of the argument filename l…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-40079 | Cacti up to 1.2.30 lib/rrd.php escape_command os command injection (GHSA-xq98-376r-hv9j)

A vulnerability, which was classified as critical , was found in Cacti up to 1.2.30 . This impacts the function escape_command in the library lib/rrd.php . The manipulation of the argument command res…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-47110 | ueberdosis tiptap-php up to 2.1.0 Database Entry Link::isAllowedUri attrs.href unexpected data type

A vulnerability has been found in ueberdosis tiptap-php up to 2.1.0 and classified as problematic . Affected is the function Link::isAllowedUri of the component Database Entry Handler . This manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-53766 | ChromeDevTools chrome-devtools-mcp up to 1.0.x Symbolic Links McpContext.validatePath path traversal (GHSA-8qf9-62x2-82pp)

A vulnerability was found in ChromeDevTools chrome-devtools-mcp up to 1.0.x and classified as critical . Affected by this vulnerability is the function McpContext.validatePath of the component Symboli…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-39894 | Cacti up to 1.2.30 rrdtool_function_update function with inconsistent implementations (ID 7011)

A vulnerability was found in Cacti up to 1.2.30 . It has been classified as problematic . Affected by this issue is the function rrdtool_function_update . Performing a manipulation results in use of f…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-23879 | miurahr py7zr up to 1.1.2 link following (GHSA-q6rc-2cgv-63h7)

A vulnerability was found in miurahr py7zr up to 1.1.2 . It has been declared as critical . This affects an unknown part. Executing a manipulation can lead to link following. This vulnerability is reg…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-1840 | Hubbell Aclara Metrum Cellular Web Interface prior 2.1.0.105 missing authentication (icsa-26-174-07)

A vulnerability was found in Hubbell Aclara Metrum Cellular Web Interface . It has been rated as critical . This vulnerability affects unknown code of the component Metrum Cellular Web Interface . The…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-33235 | Significant-Gravitas AutoGPT up to 0.6.51 resource consumption (GHSA-ppw9-h7rv-gwq9)

A vulnerability categorized as problematic has been discovered in Significant-Gravitas AutoGPT up to 0.6.51 . This issue affects some unknown processing. The manipulation results in resource consumpti…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-39900 | Cacti up to 1.2.30 auth_profile.php tab cross site scripting (GHSA-34rf-frc3-v48r)

A vulnerability identified as problematic has been detected in Cacti up to 1.2.30 . Impacted is an unknown function of the file auth_profile.php . This manipulation of the argument tab causes cross si…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-47389 | Mastodon up to 4.5.9 TCP Connection incomplete blacklist (GHSA-xx55-4rrg-8xg6)

A vulnerability labeled as critical has been found in Mastodon up to 4.5.9 . The affected element is an unknown function of the component TCP Connection Handler . Such manipulation leads to incomplete…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2025-64719 | Gogs up to 0.14.2 Web Interface wiki.go denial of service (GHSA-3qq3-668m-v9mj)

A vulnerability marked as problematic has been reported in Gogs up to 0.14.2 . The impacted element is an unknown function of the file internal/route/repo/wiki.go of the component Web Interface . Perf…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-25119 | Gogs up to 0.14.2 authentication spoofing (GHSA-w6j9-vw59-27wv)

A vulnerability described as critical has been identified in Gogs up to 0.14.2 . This affects an unknown function. Executing a manipulation can lead to authentication bypass by spoofing. This vulnerab…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-52795 | Gogs up to 0.14.3 Access checkWatch API repoCtx.ViewerCanRead authorization (GHSA-v8w7-f6gc-cqc2)

A vulnerability classified as problematic has been found in Gogs up to 0.14.3 . This impacts the function repoCtx.ViewerCanRead of the component Access checkWatch API . The manipulation leads to incor…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-11998 | Google AngularJS 1.2.0-rc.3 Regular Expression angularjs.org incomplete filtering of special elements

A vulnerability classified as critical was found in Google AngularJS 1.2.0-rc.3 . Affected is an unknown function of the file angularjs.org of the component Regular Expression Handler . The manipulati…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-13201 | Red Hat OpenShift Virtualization 4 File Descriptor /proc/self/fd/N OpenAtNoFollow symlink

A vulnerability, which was classified as critical , has been found in Red Hat OpenShift Virtualization 4 . Affected by this vulnerability is the function OpenAtNoFollow of the file /proc/self/fd/N of …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-8665 | Rapid7 InsightConnect TR Plugin up to 2.0.2 on Linux os command injection

A vulnerability, which was classified as critical , was found in Rapid7 InsightConnect TR Plugin up to 2.0.2 on Linux. Affected by this issue is some unknown functionality. Such manipulation leads to …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-7570 | Quest NetVault Backup 14.0.0.19 sql injection (ZDI-26-368)

A vulnerability has been found in Quest NetVault Backup 14.0.0.19 and classified as critical . This affects an unknown part. Performing a manipulation results in sql injection. This vulnerability is i…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-9781 | Quest NetVault Backup 14.0.0.19 sql injection (ZDI-26-370)

A vulnerability was found in Quest NetVault Backup 14.0.0.19 and classified as critical . This vulnerability affects unknown code. Executing a manipulation can lead to sql injection. This vulnerabilit…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-9782 | Quest NetVault Backup 14.0.0.19 sql injection (ZDI-26-371)

A vulnerability was found in Quest NetVault Backup 14.0.0.19 . It has been classified as critical . This issue affects some unknown processing. The manipulation leads to sql injection. This vulnerabil…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-9783 | Quest NetVault Backup 14.0.0.19 sql injection (ZDI-26-372)

A vulnerability was found in Quest NetVault Backup 14.0.0.19 . It has been declared as critical . Impacted is an unknown function. The manipulation results in sql injection. This vulnerability is cata…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-9784 | Quest NetVault Backup 14.0.0.19 sql injection (ZDI-26-373)

A vulnerability was found in Quest NetVault Backup 14.0.0.19 . It has been rated as critical . The affected element is an unknown function. This manipulation causes sql injection. This vulnerability i…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-9785 | Quest NetVault Backup 14.0.0.19 sql injection (ZDI-26-374)

A vulnerability categorized as critical has been discovered in Quest NetVault Backup 14.0.0.19 . The impacted element is an unknown function. Such manipulation leads to sql injection. This vulnerabili…

VulDB Read →
← Prev 34 / 437 Next →