CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10807 articles  ·  updated every 4 hours · grows forever

10807Total
4266Full Text
Jul 05, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-10029 | eventkoi Event Koi Lite Plugin up to 1.3.13.1 on WordPress Configuration authorization

A vulnerability identified as problematic has been detected in eventkoi Event Koi Lite Plugin up to 1.3.13.1 on WordPress. This affects an unknown function of the component Configuration Handler . Per…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-12093 | wpinsider-1 Simple Membership Plugin up to 4.7.5 on WordPress Setting authorization

A vulnerability labeled as critical has been found in wpinsider-1 Simple Membership Plugin up to 4.7.5 on WordPress. This impacts an unknown function of the component Setting Handler . Executing a man…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-11777 | 10web Form Maker Plugin up to 1.15.43 on WordPress Name sql injection

A vulnerability marked as critical has been reported in 10web Form Maker Plugin up to 1.15.43 on WordPress. Affected is an unknown function. The manipulation of the argument Name leads to sql injectio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-11358 | themeisle Orbit Fox Plugin up to 3.0.6 on WordPress cross site scripting

A vulnerability described as problematic has been identified in themeisle Orbit Fox Plugin up to 3.0.6 on WordPress. Affected by this vulnerability is an unknown functionality. The manipulation result…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-11784 | optimole Optimole Plugin up to 4.2.6 on WordPress Link replace_file ID cross-site request forgery

A vulnerability classified as problematic has been found in optimole Optimole Plugin up to 4.2.6 on WordPress. Affected by this issue is the function replace_file of the component Link Handler . This …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-11402 | bplugins Services Section Block Plugin up to 1.4.4 on WordPress cross site scripting

A vulnerability classified as problematic was found in bplugins Services Section Block Plugin up to 1.4.4 on WordPress. This affects an unknown part. Such manipulation leads to cross site scripting. T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day - SecurityWeek

Microsoft Working on Patch for ‘RoguePlanet’ Zero-Day SecurityWeek

SecurityWeek Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
Critical Cisco Catalyst Vulnerability Exploited in the wild (CVE-2026-20127) - Rapid7

Critical Cisco Catalyst Vulnerability Exploited in the wild (CVE-2026-20127) Rapid7

Rapid7 Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS - Rapid7

CVE-2026-0265: Authentication Bypass in Palo Alto Networks PAN-OS Rapid7

Rapid7 Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-55201 | Hackplayers evil-winrm up to 3.9 Configuration download_dir path traversal (EUVD-2026-37785)

A vulnerability, which was classified as critical , has been found in Hackplayers evil-winrm up to 3.9 . Affected is the function download_dir of the component Configuration Handler . The manipulation…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-55202 | Tinyproxy up to 1.11.3 Header Host authentication spoofing (EUVD-2026-37786)

A vulnerability, which was classified as critical , was found in Tinyproxy up to 1.11.3 . Affected by this vulnerability is an unknown functionality of the component Header Handler . The manipulation …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-55199 | libssh2 up to 1.11.1 SSH_MSG_EXT_INFO src/packet.c _libssh2_get_string infinite loop (EUVD-2026-37782)

A vulnerability has been found in libssh2 up to 1.11.1 and classified as problematic . Affected by this issue is the function _libssh2_get_string of the file src/packet.c of the component SSH_MSG_EXT_…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-55200 | libssh2 up to 1.11.1 SSH ssh2_transport_read integer overflow (7acf3dfda80c91c3a8c9f2372546301d4a1a7a8 / EUVD-2026-37784)

A vulnerability was found in libssh2 up to 1.11.1 and classified as critical . This affects the function ssh2_transport_read of the component SSH Handler . Such manipulation leads to integer overflow …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-10741 | Sonatype Nexus Repository Manager up to 3.92.x Configuration authorization (EUVD-2026-37783)

A vulnerability was found in Sonatype Nexus Repository Manager up to 3.92.x . It has been classified as problematic . This vulnerability affects unknown code of the component Configuration Handler . P…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 18, 2026
CVE-2026-10696 | Devolutions UniGetUI up to 2026.2.1 Pinget Backend name resolution (DEVO-2026-0019 / EUVD-2026-37781)

A vulnerability was found in Devolutions UniGetUI up to 2026.2.1 . It has been declared as critical . This issue affects some unknown processing of the component Pinget Backend . Executing a manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-53875 | picklescan up to 1.0.2 torch.load eval injection

A vulnerability classified as critical has been found in picklescan up to 1.0.2 . This affects the function torch.load . The manipulation leads to improper neutralization of directives in dynamically …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-32652 | Dell AIOps up to 1.18.3 Installation default credentials (dsa-2026-231)

A vulnerability classified as critical was found in Dell AIOps up to 1.18.3 . This vulnerability affects unknown code of the component Installation Handler . The manipulation results in use of default…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-35069 | Dell PowerFlex sql injection (dsa-2026-066)

A vulnerability, which was classified as critical , has been found in Dell PowerFlex . This issue affects some unknown processing. This manipulation causes sql injection. The identification of this vu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-20178 | Cisco Webex App redirect (cisco-sa-webex-app-redirect-KOyxhffH)

A vulnerability, which was classified as problematic , was found in Cisco Webex App . Impacted is an unknown function. Such manipulation leads to open redirect. This vulnerability is referenced as CVE…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-9678 | undici up to 7.27.x/8.4.x Shared-Cache Mode interceptors.cache cache containing sensitive information (GHSA-pr7r-676h-xcf6)

A vulnerability has been found in undici up to 7.27.x/8.4.x and classified as problematic . The affected element is the function interceptors.cache of the component Shared-Cache Mode . Performing a ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-9697 | undici up to 7.27.x/8.4.x Setting servername certificate validation (GHSA-vmh5-mc38-953g)

A vulnerability was found in undici up to 7.27.x/8.4.x and classified as problematic . The impacted element is an unknown function of the component Setting Handler . Executing a manipulation of the ar…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-53805 | nv-tlabs GEN3C Inference API pickle.loads deserialization

A vulnerability was found in nv-tlabs GEN3C . It has been classified as critical . This affects the function pickle.loads of the component Inference API . The manipulation leads to deserialization. Th…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-11525 | undici up to 6.25.x/7.27.x/8.4.x Cookies Feature permissive list of allowed inputs (GHSA-g8m3-5g58-fq7m)

A vulnerability was found in undici up to 6.25.x/7.27.x/8.4.x . It has been declared as problematic . This impacts an unknown function of the component Cookies Feature . The manipulation results in pe…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-9679 | undici up to 6.25.x/7.27.x/8.4.x HTTP Response Header getSetCookies crlf injection (GHSA-p88m-4jfj-68fv)

A vulnerability was found in undici up to 6.25.x/7.27.x/8.4.x . It has been rated as critical . Affected is an unknown function of the file /parseCookie/getSetCookies of the component HTTP Response He…

VulDB Read →
← Prev 76 / 451 Next →