CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10621 articles  ·  updated every 4 hours · grows forever

10621Total
4262Full Text
Jul 03, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-56450 | ail project ail framework up to 6.8.0 excessive authentication

A vulnerability has been found in ail project ail framework up to 6.8.0 and classified as problematic . This vulnerability affects unknown code. The manipulation leads to improper restriction of exces…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-56423 | MISP up to 2.5.41 deleteSelection relied User authorization

A vulnerability was found in MISP up to 2.5.41 and classified as critical . This issue affects the function EventReportsController::deleteSelection relied . The manipulation of the argument User resul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-56448 | ail project ail framework up to 6.8.0 Object path traversal

A vulnerability was found in ail project ail framework up to 6.8.0 . It has been classified as critical . Impacted is an unknown function of the component Object Handler . This manipulation causes pat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-5139 | Mattermost up to 11.7.x Slash Command authorization

A vulnerability was found in Mattermost up to 10.11.17/11.5.5/11.6.2/11.7.0/11.7.x . It has been declared as problematic . The affected element is an unknown function of the component Slash Command Ha…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-6653 | GNOME libxml2 up to 2.10.x XML use after free

A vulnerability was found in GNOME libxml2 up to 2.10.x . It has been rated as critical . The impacted element is an unknown function of the component XML Handler . Performing a manipulation results i…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-6673 | Mattermost up to 11.7.x missing authentication

A vulnerability categorized as critical has been discovered in Mattermost up to 10.11.17/11.5.5/11.6.2/11.7.0/11.7.x . This affects an unknown function. Executing a manipulation can lead to missing au…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-8074 | Mattermost up to 10.11.17/11.7.0/11.7.x User Active Status Endpoint authorization

A vulnerability identified as problematic has been detected in Mattermost up to 10.11.17/11.7.0/11.7.x . This impacts an unknown function of the component User Active Status Endpoint . The manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-56424 | MISP up to 2.5.41 authorization

A vulnerability labeled as critical has been found in MISP up to 2.5.41 . Affected is an unknown function. The manipulation results in authorization bypass. This vulnerability is known as CVE-2026-564…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-6062 | Mattermost up to 11.7.x Subscription Edit Endpoint authorization

A vulnerability marked as problematic has been reported in Mattermost up to 10.11.17/11.5.5/11.6.2/11.7.0/11.7.x . Affected by this vulnerability is an unknown functionality of the component Subscript…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-7167 | Gaudire Assassin Game email access control

A vulnerability described as critical has been identified in Gaudire Assassin Game . Affected by this issue is some unknown functionality. Such manipulation of the argument email leads to improper acc…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-9162 | Mattermost up to 11.7.x Websocket Connection session expiration

A vulnerability classified as problematic has been found in Mattermost up to 10.11.17/11.5.5/11.6.2/11.7.0/11.7.x . This affects an unknown part of the component Websocket Connection Handler . Perform…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-56447 | MISP up to 2.5.41 INI File Kafka_rdkafka_config inclusion of functionality from untrusted control sphere

A vulnerability classified as problematic was found in MISP up to 2.5.41 . This vulnerability affects unknown code of the component INI File Handler . Executing a manipulation of the argument Kafka_rd…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-7166 | Gaudire Assassin Game Phone Number information disclosure

A vulnerability, which was classified as problematic , has been found in Gaudire Assassin Game . This issue affects some unknown processing of the component Phone Number Handler . The manipulation lea…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-7165 | Gaudire Assassin Game input validation

A vulnerability, which was classified as critical , was found in Gaudire Assassin Game . Impacted is an unknown function. The manipulation results in improper input validation. This vulnerability is i…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-9029 | Grafana OSS 12.4.0 Template String sanitizeTextPanelContent cross site scripting

A vulnerability has been found in Grafana OSS 12.4.0 and classified as problematic . The affected element is the function sanitizeTextPanelContent of the component Template String Handler . This manip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-12581 | Digiwin EasyFlow .NET up to 8.1.4 session fixiation

A vulnerability was found in Digiwin EasyFlow .NET up to 8.1.4 . It has been rated as critical . Affected by this issue is some unknown functionality. The manipulation leads to session fixiation. This…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2025-4994 | SafeLine SL6/SL6+ up to 4.96 Device Configuration authentication bypass

A vulnerability categorized as critical has been discovered in SafeLine SL6 and SL6+ up to 4.96 . This affects an unknown part of the component Device Configuration Handler . The manipulation results …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2025-66336 | Apache Doris MCP Server up to 0.6.0 sql injection

A vulnerability identified as critical has been detected in Apache Doris MCP Server up to 0.6.0 . This vulnerability affects unknown code. This manipulation causes sql injection. This vulnerability is…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-12862 | pretix Venueless input leader (0a35457f)

A vulnerability labeled as problematic has been found in pretix Venueless . This issue affects some unknown processing. Such manipulation leads to improper neutralization of input leaders. This vulner…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2023-45796 | Pilz PMI v8xx/PASvisu Runtime cross site scripting (VDE-2023-050)

A vulnerability marked as problematic has been reported in Pilz PMI v8xx and PASvisu . Impacted is an unknown function of the component Runtime . Performing a manipulation results in cross site script…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-12580 | Digiwin EasyFlow .NET up to 8.1.4 cross site scripting

A vulnerability described as problematic has been identified in Digiwin EasyFlow .NET up to 8.1.4 . The affected element is an unknown function. Executing a manipulation can lead to cross site scripti…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2026-12863 | pretix Venueless Social Login redirect (d27864a7)

A vulnerability classified as problematic has been found in pretix Venueless . The impacted element is an unknown function of the component Social Login Handler . The manipulation leads to open redire…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
CVE-2023-45795 | Pilz PMI v8xx/PASvisu prior 1.14.1 Builder cross site scripting (VDE-2023-050)

A vulnerability classified as problematic was found in Pilz PMI v8xx and PASvisu . This affects an unknown function of the component Builder . The manipulation results in cross site scripting. This vu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 22, 2026
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys - The Hacker News

Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys The Hacker News

The Hacker News Read →
← Prev 52 / 443 Next →