CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10714 articles  ·  updated every 4 hours · grows forever

10714Total
4265Full Text
Jul 04, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49339 | sentriz gonic up to 0.20.x ID path traversal (GHSA-2fp4-5v5c-4448)

A vulnerability, which was classified as critical , was found in sentriz gonic up to 0.20.x . Affected by this issue is some unknown functionality. Executing a manipulation of the argument ID can lead…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49293 | sunnyadn js-toml up to 1.1.0 TOML Parser load resource consumption (GHSA-wp3c-266w-4qfq)

A vulnerability has been found in sunnyadn js-toml up to 1.1.0 and classified as problematic . This affects the function Load of the component TOML Parser . The manipulation leads to resource consumpt…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49338 | sentriz gonic up to 0.20.x Subsonic API deletePlaylist.view improper authorization (GHSA-hmgp-w9jm-vp95)

A vulnerability was found in sentriz gonic up to 0.20.x and classified as critical . This vulnerability affects unknown code of the file /rest/deletePlaylist.view of the component Subsonic API . The m…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-12726 | Red Hat Ansible Automation Platform 2 Trusted GitHub API Endpoint pull_request.statuses_url server-side request forgery

A vulnerability was found in Red Hat Ansible Automation Platform 2 . It has been classified as critical . This issue affects some unknown processing of the component Trusted GitHub API Endpoint . This…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49291 | doobidoo mcp-memory-service up to 10.65.2 HTTP MCP JSON-RPC Endpoint authorization (GHSA-2r68-g678-7qr3)

A vulnerability was found in doobidoo mcp-memory-service up to 10.65.2 . It has been declared as problematic . Impacted is an unknown function of the component HTTP MCP JSON-RPC Endpoint . Such manipu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2023-54357 | com_booking 2.4.9 on Joomla index.php getUserData ID information exposure (Exploit 51595 / EDB-51595)

A vulnerability was found in com_booking 2.4.9 on Joomla. It has been rated as problematic . The affected element is the function getUserData of the file index.php . Performing a manipulation of the a…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49288 | Statamic CMS up to 5.73.22/6.19.x Custom Fields information disclosure (GHSA-2497-6pwj-pwg7)

A vulnerability categorized as problematic has been discovered in Statamic CMS up to 5.73.22/6.19.x . The impacted element is an unknown function of the component Custom Fields Handler . Executing a m…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-27878 | Grafana Enterprise Traces/Tempo prior 2.8.8 denial of service

A vulnerability identified as problematic has been detected in Grafana Enterprise Traces and Tempo . This affects an unknown function. The manipulation leads to denial of service. This vulnerability i…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49340 | sentriz gonic up to 0.20.x path traversal (GHSA-4gxv-p5g5-j7w7)

A vulnerability labeled as critical has been found in sentriz gonic up to 0.20.x . This impacts an unknown function. The manipulation results in path traversal. This vulnerability is known as CVE-2026…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48774 | sysown proxysql up to 3.0.8 /mcp/query incomplete blacklist (GHSA-7wh6-2vcc-gcm4 / EUVD-2026-38075)

A vulnerability marked as critical has been reported in sysown proxysql up to 3.0.8 . Affected is an unknown function of the file /mcp/query . This manipulation causes incomplete blacklist. This vulne…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48772 | sysown proxysql up to 3.0.8 PROXY Protocol client_addr less trusted source (GHSA-gw94-85m2-x8v2 / EUVD-2026-38074)

A vulnerability described as critical has been identified in sysown proxysql up to 3.0.8 . Affected by this vulnerability is an unknown functionality of the component PROXY Protocol . Such manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49342 | lsegal yard up to 0.9.43 yard-cache-secret.html path traversal (GHSA-pxcc-8665-phx8)

A vulnerability classified as critical has been found in lsegal yard up to 0.9.43 . Affected by this issue is some unknown functionality of the file yard-cache-secret.html . Performing a manipulation …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48773 | sysown proxysql up to 3.0.8 recv out-of-bounds write (GHSA-58ww-865x-grpr / EUVD-2026-38073)

A vulnerability classified as critical was found in sysown proxysql up to 3.0.8 . This affects the function recv . Executing a manipulation can lead to out-of-bounds write. The identification of this …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48787 | flipped-aurora gin-vue-admin 2.9.1 /autoCode/addFunc identifier-related os command injection (GHSA-22cv-9jv2-6m62 / EUVD-2026-38077)

A vulnerability, which was classified as critical , has been found in flipped-aurora gin-vue-admin 2.9.1 . This vulnerability affects unknown code of the file /autoCode/addFunc . The manipulation of t…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48089 | l3montree-dev devguard up to 1.4.1 DevGuard API vex.json improper authorization (GHSA-6p54-fw2f-q7gf / EUVD-2026-38076)

A vulnerability, which was classified as critical , was found in l3montree-dev devguard up to 1.4.1 . This issue affects some unknown processing of the file vex.json of the component DevGuard API . Th…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48715 | radvd-project radvdump up to 2.20 Route Information Option Parser print_ff stack-based overflow (GHSA-52px-gh9p-m379)

A vulnerability has been found in radvd-project radvdump up to 2.20 and classified as critical . Impacted is the function print_ff of the component Route Information Option Parser . This manipulation …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48129 | kestra-io kestra up to 1.0.42/1.1.18/1.2.18/1.3.18 path traversal (GHSA-q3fw-mvgv-pjr2 / EUVD-2026-38081)

A vulnerability was found in kestra-io kestra up to 1.0.42/1.1.18/1.2.18/1.3.18 and classified as critical . The affected element is an unknown function. Such manipulation leads to path traversal. Thi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49344 | sourcentis mercator up to 2025.05.18 /admin/queries/execute QueryController::execute hidden private personal information (GHSA-q3r8-3h7c-96w3)

A vulnerability was found in sourcentis mercator up to 2025.05.18 . It has been classified as problematic . The impacted element is the function QueryController::execute of the file /admin/queries/exe…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49345 | sourcentis mercator up to 2025.05.18 /admin/config/parameters testProvider server-side request forgery (GHSA-6q97-4q5r-96j6)

A vulnerability was found in sourcentis mercator up to 2025.05.18 . It has been declared as critical . This affects the function testProvider of the file /admin/config/parameters . Executing a manipul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49295 | strukturag libde265 up to 1.0.19 libde265/decctx.cc process_reference_picture_set out-of-bounds write (GHSA-g2rg-wj66-w594 / EUVD-2026-38079)

A vulnerability was found in strukturag libde265 up to 1.0.19 . It has been rated as critical . This impacts the function decoder_context::process_reference_picture_set of the file libde265/decctx.cc …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-47203 | authelia up to 4.39.19 case sensitivity (GHSA-hjj4-hfjm-fmrj)

A vulnerability categorized as problematic has been discovered in authelia up to 4.39.19 . Affected is an unknown function. The manipulation results in improper handling of case sensitivity. This vuln…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48794 | Authelia up to 4.39.19 Relevant Authorization Endpoint case sensitivity (GHSA-j748-h363-wqj8 / EUVD-2026-38083)

A vulnerability identified as problematic has been detected in Authelia up to 4.39.19 . Affected by this vulnerability is an unknown functionality of the component Relevant Authorization Endpoint . Th…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49337 | strukturag libde265 up to 1.0.19 Sequence libde265/decctx.cc read_slice_NAL allocation of resources (GHSA-g5hj-rf9f-7vxm / EUVD-2026-38078)

A vulnerability labeled as problematic has been found in strukturag libde265 up to 1.0.19 . Affected by this issue is the function decoder_context::read_slice_NAL of the file libde265/decctx.cc of the…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49346 | strukturag libde265 up to 1.0.x libde265/image.cc de265_image_get_buffer small integer overflow (GHSA-vv8h-932h-7r86 / EUVD-2026-38080)

A vulnerability marked as problematic has been reported in strukturag libde265 up to 1.0.x . This affects the function de265_image_get_buffer of the file libde265/image.cc . Performing a manipulation …

VulDB Read →
← Prev 63 / 447 Next →