CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10793 articles  ·  updated every 4 hours · grows forever

10793Total
4266Full Text
Jul 05, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-12136 | phppoet SysBasics Customize My Account for WooCommerce Plugin Shortcode wcmamtx_get_avatar_default cross site scripting (EUVD-2026-37859)

A vulnerability was found in phppoet SysBasics Customize My Account for WooCommerce Plugin up to 4.3.6 on WordPress. It has been declared as problematic . This affects the function wcmamtx_get_avatar_…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-12137 | phppoet SysBasics Customize My Account for WooCommerce Plugin Admin Dashboard Page plugin_options_page cross site scripting (EUVD-2026-37861)

A vulnerability was found in phppoet SysBasics Customize My Account for WooCommerce Plugin up to 4.3.6 on WordPress. It has been rated as problematic . This impacts the function plugin_options_page of…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-11395 | mariovalney CF7 to Webhook Plugin up to 5.0.0 on WordPress Placeholder server-side request forgery (EUVD-2026-37863)

A vulnerability categorized as critical has been discovered in mariovalney CF7 to Webhook Plugin up to 5.0.0 on WordPress. Affected is an unknown function of the component Placeholder Handler . Execut…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-12098 | blubrry PowerPress Podcasting plugin by Blubrry up to 11.16.8 on WordPress update_post_meta cross site scripting (EUVD-2026-37862)

A vulnerability identified as problematic has been detected in blubrry PowerPress Podcasting plugin by Blubrry up to 11.16.8 on WordPress. Affected by this vulnerability is the function update_post_me…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-28573 | Google Android 14/16 AndroidManifest.xml denial of service

A vulnerability labeled as critical has been found in Google Android 14/16 . Affected by this issue is some unknown functionality of the file AndroidManifest.xml . The manipulation results in denial o…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-9815 | MagicForm Plugin up to 0.1.3 on WordPress PHP File unrestricted upload

A vulnerability marked as critical has been reported in MagicForm Plugin up to 0.1.3 on WordPress. This affects an unknown part of the component PHP File Handler . This manipulation causes unrestricte…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-55746 | Cotonti 1.0.0 modules/pfs/inc/pfs.main htmlspecialchars cross site scripting (EUVD-2026-37858)

A vulnerability described as problematic has been identified in Cotonti 1.0.0 . This vulnerability affects the function htmlspecialchars of the file modules/pfs/inc/pfs.main . Such manipulation leads …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-55745 | Cotonti 1.0.0 /pfs/inc/pfs cot_check_xg cross-site request forgery

A vulnerability classified as problematic has been found in Cotonti 1.0.0 . This issue affects the function cot_check_xg of the file /pfs/inc/pfs . Performing a manipulation results in cross-site requ…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
Ivanti Warns of Actively Exploited Endpoint Manager Mobile (EPMM) Zero-Day - LinkedIn

Ivanti Warns of Actively Exploited Endpoint Manager Mobile (EPMM) Zero-Day LinkedIn

LinkedIn Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
Microsoft Warns Public Release of Zero-Day Details Before Vendor Coordination - CyberSecurityNews

Microsoft Warns Public Release of Zero-Day Details Before Vendor Coordination CyberSecurityNews

CyberSecurityNews Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-12566 | Black Lantern Security BBOT up to 2.8.4 Response Header realm server-side request forgery

A vulnerability classified as critical has been found in Black Lantern Security BBOT up to 2.8.4 . The affected element is an unknown function of the component Response Header Handler . Performing a m…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-12568 | Black Lantern Security BBOT up to 2.8.5 Postman API path traversal

A vulnerability classified as critical was found in Black Lantern Security BBOT up to 2.8.5 . The impacted element is an unknown function of the component Postman API . Executing a manipulation can le…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-45357 | harttle liquidjs up to 10.25.x src/util/underscore.ts pad/padStart resource consumption (GHSA-hh27-hf48-9f5q)

A vulnerability, which was classified as problematic , has been found in harttle liquidjs up to 10.25.x . This affects the function pad/padStart of the file src/util/underscore.ts . The manipulation l…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-12567 | Black Lantern Security BBOT up to 2.8.4 github_workflows link following

A vulnerability, which was classified as critical , was found in Black Lantern Security BBOT up to 2.8.4 . This impacts an unknown function of the component github_workflows . The manipulation results…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-44644 | harttle liquidjs up to 10.25.x cross site scripting (GHSA-2qv6-9wx5-cwv4)

A vulnerability has been found in harttle liquidjs up to 10.25.x and classified as problematic . Affected is an unknown function. This manipulation causes cross site scripting. This vulnerability is h…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-53676 | ThingsBoard up to <=4.3.1.1 prototype pollution

A vulnerability was found in ThingsBoard up to and classified as problematic . Affected by this vulnerability is an unknown functionality. Such manipulation leads to improperly controlled modification…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-48759 | baptisteArno typebot.io up to 3.15.x DeleteThemeTemplate authorization (GHSA-qv4p-4mp3-pvpv)

A vulnerability was found in baptisteArno typebot.io up to 3.15.x . It has been classified as problematic . Affected by this issue is some unknown functionality of the component DeleteThemeTemplate Ha…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-50268 | SteeltoeOSS Steeltoe.Configuration.Encryption up to 4.1.x Setting OAEP credentials storage (GHSA-4j9m-h44m-2hv8)

A vulnerability was found in SteeltoeOSS Steeltoe.Configuration.Encryption up to 4.1.x . It has been declared as problematic . This affects an unknown part of the component Setting Handler . Executing…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-12505 | cifs-utils Malicious NSS unnecessary privileges

A vulnerability was found in cifs-utils . It has been rated as critical . This vulnerability affects unknown code of the component Malicious NSS Module . The manipulation leads to execution with unnec…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-54533 | vantage6 up to 4.x access control (ID 1932)

A vulnerability categorized as critical has been discovered in vantage6 up to 4.x . This issue affects some unknown processing. The manipulation results in improper access controls. This vulnerability…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-8050 | SignalRGB up to 1.3.7.0 IOCTL null pointer dereference

A vulnerability identified as problematic has been detected in SignalRGB up to 1.3.7.0 . Impacted is an unknown function of the component IOCTL Handler . This manipulation causes null pointer derefere…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-50202 | SteeltoeOSS Steeltoe.Security.Authentication.CloudFoundryBase up to 3.3.x JWT Signing Key exposure of resource (GHSA-7fqc-p256-7pwj)

A vulnerability labeled as problematic has been found in SteeltoeOSS Steeltoe.Security.Authentication.CloudFoundryBase, Steeltoe.Security.Authentication.JwtBearer and Steeltoe.Security.Authentication.…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-50201 | SteeltoeOSS Steeltoe.Management.Endpoint up to 4.1.x AddAllActuators privileges management (GHSA-227r-jm2g-7cp4)

A vulnerability marked as critical has been reported in SteeltoeOSS Steeltoe.Management.Endpoint and Steeltoe.Management.EndpointBase up to 4.1.x . The impacted element is the function AddAllActuators…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-48768 | baptisteArno typebot.io up to 3.16.x Content-Type generate-upload-url path traversal (GHSA-fp7x-6pqh-vhvf)

A vulnerability described as critical has been identified in baptisteArno typebot.io up to 3.16.x . This affects an unknown function of the file /api/blocks/file-input/v3/generate-upload-url of the co…

VulDB Read →
← Prev 74 / 450 Next →