CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10744 articles  ·  updated every 4 hours · grows forever

10744Total
4265Full Text
Jul 04, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 20, 2026
CISA Alerts on Microsoft Windows Shell Zero-Day Under Active Exploitation - cyberpress.org

CISA Alerts on Microsoft Windows Shell Zero-Day Under Active Exploitation cyberpress.org

cyberpress.org Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-50656 RoguePlanet Zero-Day Hits Windows Defender - The Cyber Express

CVE-2026-50656 RoguePlanet Zero-Day Hits Windows Defender The Cyber Express

The Cyber Express Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-56210 | libaom Network-facing Service out-of-bounds (ID 503975)

A vulnerability described as critical has been identified in libaom . This affects an unknown function of the component Network-facing Service . The manipulation results in out-of-bounds read. This vu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-12238 | wpgmaps WP Go Maps Plugin up to 10.1.01 on WordPress Database Table CRUD-backed phpClass authorization

A vulnerability classified as critical has been found in wpgmaps WP Go Maps Plugin up to 10.1.01 on WordPress. This impacts the function CRUD-backed of the component Database Table Handler . This mani…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49336 | microsoft kiota-typescript up to 1.0.0-prev Request Header case sensitivity (GHSA-396q-4vc8-28x9)

A vulnerability classified as problematic was found in microsoft kiota-typescript up to 1.0.0-prev . Affected is an unknown function of the component Request Header Handler . Such manipulation leads t…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-9375 | urllib3 Brotli up to 2.6.x HTTP response.py read resource consumption

A vulnerability, which was classified as problematic , has been found in urllib3 Brotli up to 2.6.x . Affected by this vulnerability is the function read of the file response.py of the component HTTP …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49339 | sentriz gonic up to 0.20.x ID path traversal (GHSA-2fp4-5v5c-4448)

A vulnerability, which was classified as critical , was found in sentriz gonic up to 0.20.x . Affected by this issue is some unknown functionality. Executing a manipulation of the argument ID can lead…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49293 | sunnyadn js-toml up to 1.1.0 TOML Parser load resource consumption (GHSA-wp3c-266w-4qfq)

A vulnerability has been found in sunnyadn js-toml up to 1.1.0 and classified as problematic . This affects the function Load of the component TOML Parser . The manipulation leads to resource consumpt…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49338 | sentriz gonic up to 0.20.x Subsonic API deletePlaylist.view improper authorization (GHSA-hmgp-w9jm-vp95)

A vulnerability was found in sentriz gonic up to 0.20.x and classified as critical . This vulnerability affects unknown code of the file /rest/deletePlaylist.view of the component Subsonic API . The m…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-12726 | Red Hat Ansible Automation Platform 2 Trusted GitHub API Endpoint pull_request.statuses_url server-side request forgery

A vulnerability was found in Red Hat Ansible Automation Platform 2 . It has been classified as critical . This issue affects some unknown processing of the component Trusted GitHub API Endpoint . This…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49291 | doobidoo mcp-memory-service up to 10.65.2 HTTP MCP JSON-RPC Endpoint authorization (GHSA-2r68-g678-7qr3)

A vulnerability was found in doobidoo mcp-memory-service up to 10.65.2 . It has been declared as problematic . Impacted is an unknown function of the component HTTP MCP JSON-RPC Endpoint . Such manipu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2023-54357 | com_booking 2.4.9 on Joomla index.php getUserData ID information exposure (Exploit 51595 / EDB-51595)

A vulnerability was found in com_booking 2.4.9 on Joomla. It has been rated as problematic . The affected element is the function getUserData of the file index.php . Performing a manipulation of the a…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49288 | Statamic CMS up to 5.73.22/6.19.x Custom Fields information disclosure (GHSA-2497-6pwj-pwg7)

A vulnerability categorized as problematic has been discovered in Statamic CMS up to 5.73.22/6.19.x . The impacted element is an unknown function of the component Custom Fields Handler . Executing a m…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-27878 | Grafana Enterprise Traces/Tempo prior 2.8.8 denial of service

A vulnerability identified as problematic has been detected in Grafana Enterprise Traces and Tempo . This affects an unknown function. The manipulation leads to denial of service. This vulnerability i…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49340 | sentriz gonic up to 0.20.x path traversal (GHSA-4gxv-p5g5-j7w7)

A vulnerability labeled as critical has been found in sentriz gonic up to 0.20.x . This impacts an unknown function. The manipulation results in path traversal. This vulnerability is known as CVE-2026…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48774 | sysown proxysql up to 3.0.8 /mcp/query incomplete blacklist (GHSA-7wh6-2vcc-gcm4 / EUVD-2026-38075)

A vulnerability marked as critical has been reported in sysown proxysql up to 3.0.8 . Affected is an unknown function of the file /mcp/query . This manipulation causes incomplete blacklist. This vulne…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48772 | sysown proxysql up to 3.0.8 PROXY Protocol client_addr less trusted source (GHSA-gw94-85m2-x8v2 / EUVD-2026-38074)

A vulnerability described as critical has been identified in sysown proxysql up to 3.0.8 . Affected by this vulnerability is an unknown functionality of the component PROXY Protocol . Such manipulatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49342 | lsegal yard up to 0.9.43 yard-cache-secret.html path traversal (GHSA-pxcc-8665-phx8)

A vulnerability classified as critical has been found in lsegal yard up to 0.9.43 . Affected by this issue is some unknown functionality of the file yard-cache-secret.html . Performing a manipulation …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48773 | sysown proxysql up to 3.0.8 recv out-of-bounds write (GHSA-58ww-865x-grpr / EUVD-2026-38073)

A vulnerability classified as critical was found in sysown proxysql up to 3.0.8 . This affects the function recv . Executing a manipulation can lead to out-of-bounds write. The identification of this …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48787 | flipped-aurora gin-vue-admin 2.9.1 /autoCode/addFunc identifier-related os command injection (GHSA-22cv-9jv2-6m62 / EUVD-2026-38077)

A vulnerability, which was classified as critical , has been found in flipped-aurora gin-vue-admin 2.9.1 . This vulnerability affects unknown code of the file /autoCode/addFunc . The manipulation of t…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48089 | l3montree-dev devguard up to 1.4.1 DevGuard API vex.json improper authorization (GHSA-6p54-fw2f-q7gf / EUVD-2026-38076)

A vulnerability, which was classified as critical , was found in l3montree-dev devguard up to 1.4.1 . This issue affects some unknown processing of the file vex.json of the component DevGuard API . Th…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48715 | radvd-project radvdump up to 2.20 Route Information Option Parser print_ff stack-based overflow (GHSA-52px-gh9p-m379)

A vulnerability has been found in radvd-project radvdump up to 2.20 and classified as critical . Impacted is the function print_ff of the component Route Information Option Parser . This manipulation …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-48129 | kestra-io kestra up to 1.0.42/1.1.18/1.2.18/1.3.18 path traversal (GHSA-q3fw-mvgv-pjr2 / EUVD-2026-38081)

A vulnerability was found in kestra-io kestra up to 1.0.42/1.1.18/1.2.18/1.3.18 and classified as critical . The affected element is an unknown function. Such manipulation leads to path traversal. Thi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 20, 2026
CVE-2026-49344 | sourcentis mercator up to 2025.05.18 /admin/queries/execute QueryController::execute hidden private personal information (GHSA-q3r8-3h7c-96w3)

A vulnerability was found in sourcentis mercator up to 2025.05.18 . It has been classified as problematic . The impacted element is the function QueryController::execute of the file /admin/queries/exe…

VulDB Read →
← Prev 64 / 448 Next →