CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10468 articles  ·  updated every 4 hours · grows forever

10468Total
4240Full Text
Jul 02, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-9785 | Quest NetVault Backup 14.0.0.19 sql injection (ZDI-26-374)

A vulnerability categorized as critical has been discovered in Quest NetVault Backup 14.0.0.19 . The impacted element is an unknown function. Such manipulation leads to sql injection. This vulnerabili…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-9786 | Quest NetVault Backup 14.0.0.19 sql injection (ZDI-26-375)

A vulnerability identified as critical has been detected in Quest NetVault Backup 14.0.0.19 . This affects an unknown function. Performing a manipulation results in sql injection. This vulnerability i…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-9787 | Quest NetVault Backup 14.0.0.19 os command injection (ZDI-26-376)

A vulnerability labeled as critical has been found in Quest NetVault Backup 14.0.0.19 . This impacts an unknown function. Executing a manipulation can lead to os command injection. This vulnerability …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-10043 | MosaicML Composer 0.32.1 deserialization (ZDI-26-384)

A vulnerability marked as problematic has been reported in MosaicML Composer 0.32.1 . Affected is an unknown function. The manipulation leads to deserialization. This vulnerability is traded as CVE-20…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 25, 2026
CVE-2026-27708 | FOSSBilling up to 0.7.x Servicecustom Client API order_id access control (GHSA-p36w-9x66-488j)

A vulnerability described as critical has been identified in FOSSBilling up to 0.7.x . Affected by this vulnerability is an unknown functionality of the component Servicecustom Client API . The manipu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-13023 | Google Chrome up to 149.0.7827.155 GPU uninitialized variable (ID 517080)

A vulnerability labeled as problematic has been found in Google Chrome . This affects an unknown function of the component GPU . Such manipulation leads to use of uninitialized variable. This vulnerab…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-13027 | Google Chrome up to 149.0.7827.155 Fileystem use after free (ID 520543)

A vulnerability marked as critical has been reported in Google Chrome . This impacts an unknown function of the component Fileystem . Performing a manipulation results in use after free. This vulnerab…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-13026 | Google Chrome up to 149.0.7827.155 on macOS Digital Credentials use after free (ID 519728)

A vulnerability described as critical has been identified in Google Chrome on macOS. Affected is an unknown function of the component Digital Credentials . Executing a manipulation can lead to use aft…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-13029 | Google Chrome up to 149.0.7827.155 Web Authentication use after free (ID 521495)

A vulnerability classified as critical has been found in Google Chrome . Affected by this vulnerability is an unknown functionality of the component Web Authentication . The manipulation leads to use …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-13022 | Google Chrome up to 149.0.7827.155 Autofill cross-domain policy (ID 516734)

A vulnerability classified as problematic was found in Google Chrome . Affected by this issue is some unknown functionality of the component Autofill . The manipulation results in permissive cross-dom…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-53943 | TryGhost up to 6.36.x Configuration cache containing sensitive information (GHSA-62q6-4hv4-vjrw)

A vulnerability, which was classified as critical , has been found in TryGhost Ghost up to 6.36.x . This affects an unknown part of the component Configuration Handler . This manipulation causes use o…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-55611 | Mintplex-Labs anything-llm up to 1.14.0 /api/workspace authorization (GHSA-r872-gr59-vf5w)

A vulnerability, which was classified as problematic , was found in Mintplex-Labs anything-llm up to 1.14.0 . This vulnerability affects unknown code of the file /api/workspace . Such manipulation lea…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2025-60471 | GPAC up to 26.1.x MP4Box filter_pid.c gf_filter_pid_reconfigure_task_discard use after free (Issue 3279)

A vulnerability has been found in GPAC up to 26.1.x and classified as critical . This issue affects the function gf_filter_pid_reconfigure_task_discard of the file /filter_core/filter_pid.c of the com…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-53944 | TryGhost up to 6.21.0 incomplete blacklist (GHSA-wvp2-4qqp-4h3r)

A vulnerability was found in TryGhost Ghost up to 6.21.0 and classified as critical . Impacted is an unknown function. Executing a manipulation can lead to incomplete blacklist. This vulnerability is …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-53946 | TryGhost up to 6.21.0 HTTP Request server-side request forgery (GHSA-g366-23fw-ggp6)

A vulnerability was found in TryGhost Ghost up to 6.21.0 . It has been classified as critical . The affected element is an unknown function of the component HTTP Request Handler . The manipulation lea…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-49980 | Rclone up to 1.74.2 Configuration Remote missing authentication (GHSA-qw24-gh76-8rvv)

A vulnerability was found in Rclone up to 1.74.2 . It has been declared as critical . The impacted element is an unknown function of the component Configuration Handler . The manipulation of the argum…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-48704 | warpdotdev warp up to 0.2023.10.24.08.03/0.2026.05.06.15.42 Markdown input validation (GHSA-589x-4mxh-jcrf)

A vulnerability was found in warpdotdev warp up to 0.2023.10.24.08.03/0.2026.05.06.15.42 . It has been rated as critical . This affects an unknown function of the component Markdown Handler . This man…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-48720 | warpdotdev warp 0.2026.05.06.15.42 input validation (GHSA-5h96-jrrq-6hxq)

A vulnerability categorized as critical has been discovered in warpdotdev warp 0.2026.05.06.15.42 . This impacts an unknown function. Such manipulation leads to improper input validation. This vulnera…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-48731 | warpdotdev warp up to 0.2024.02.20.08.01/0.2026.05.06.15.42 os command injection (GHSA-7xgc-mhc8-g7wc)

A vulnerability identified as critical has been detected in warpdotdev warp up to 0.2024.02.20.08.01/0.2026.05.06.15.42 . Affected is an unknown function. Performing a manipulation results in os comma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-53948 | TryGhost up to 6.21.0 API File Upload Endpoint unrestricted upload (GHSA-944x-pm95-3jpr)

A vulnerability labeled as critical has been found in TryGhost Ghost up to 6.21.0 . Affected by this vulnerability is an unknown functionality of the component API File Upload Endpoint . Executing a m…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-53950 | TryGhost up to 3.0.x cross site scripting

A vulnerability marked as problematic has been reported in TryGhost Ghost up to 3.0.x . Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulne…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-48725 | warpdotdev warp up to up to 0.2024.03.12.08.02 default permission (GHSA-wgqj-4c26-7c4g)

A vulnerability described as critical has been identified in warpdotdev warp . This affects an unknown part. The manipulation results in incorrect default permissions. This vulnerability was named CVE…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-49220 | Jellyfin up to 10.11.8 Access Tab cross site scripting (GHSA-fv79-gmhx-xh2v)

A vulnerability classified as problematic has been found in Jellyfin up to 10.11.8 . This vulnerability affects unknown code of the component Access Tab . This manipulation causes cross site scripting…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 24, 2026
CVE-2026-44020 | docling-project docling up to 2.73.x USPTO Patent XML Parser xml.sax.parseString xml entity expansion (GHSA-m88r-rg27-5xfg)

A vulnerability classified as problematic was found in docling-project docling up to 2.73.x . This issue affects the function xml.sax.parseString of the component USPTO Patent XML Parser . Such manipu…

VulDB Read →
← Prev 35 / 437 Next →