CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10807 articles  ·  updated every 4 hours · grows forever

10807Total
4266Full Text
Jul 05, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-53869 | NousResearch hermes-agent up to 0.15.x on WebSocket WebSocket Endpoint /api/pty missing authentication

A vulnerability categorized as critical has been discovered in NousResearch hermes-agent up to 0.15.x on WebSocket. Affected by this vulnerability is an unknown functionality of the file /api/pty of t…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-53871 | nesquena hermes-webui up to 0.51.367 get_profile_cookie cookie validation

A vulnerability identified as critical has been detected in nesquena hermes-webui up to 0.51.367 . Affected by this issue is the function get_profile_cookie . Performing a manipulation results in cook…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-55196 | hermes-webui Hermes WebUI up to 0.51.408 options missing authentication

A vulnerability labeled as critical has been found in hermes-webui Hermes WebUI up to 0.51.408 . This affects an unknown part of the file /api/auth/passkey/register/options . Executing a manipulation …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-2467 | RTI Connext Professional heap-based overflow

A vulnerability marked as critical has been reported in RTI Connext Professional . This vulnerability affects unknown code. The manipulation leads to heap-based buffer overflow. This vulnerability is …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-55197 | nesquena hermes-webui up to 0.51.442 Conversation /api/session authorization

A vulnerability described as problematic has been identified in nesquena hermes-webui up to 0.51.442 . This issue affects some unknown processing of the file /api/session of the component Conversation…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-20265 | Splunk AI Toolkit up to 5.7.3 Outbound Requests insecure default initialization of resource (SVD-2026-0613)

A vulnerability classified as problematic has been found in Splunk AI Toolkit up to 5.7.3 . Impacted is an unknown function of the component Outbound Requests Handler . This manipulation causes insecu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-20266 | Splunk AI Toolkit up to 5.7.3 Configuration os command injection (SVD-2026-0614)

A vulnerability classified as critical was found in Splunk AI Toolkit up to 5.7.3 . The affected element is an unknown function of the component Configuration Handler . Such manipulation leads to os c…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-2674 | RTI Connext Professional prior 7.3.1.3/7.7.0 Queueing Service out-of-bounds write

A vulnerability, which was classified as critical , has been found in RTI Connext Professional . The impacted element is an unknown function of the component Queueing Service . Performing a manipulati…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-3894 | RTI Connext Professional out-of-bounds

A vulnerability, which was classified as critical , was found in RTI Connext Professional . This affects an unknown function. Executing a manipulation can lead to out-of-bounds read. The identificatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-6733 | undici up to 6.25.x/7.27.x/8.4.x Setting toctou (GHSA-35p6-xmwp-9g52)

A vulnerability has been found in undici up to 6.25.x/7.27.x/8.4.x and classified as problematic . This impacts an unknown function of the component Setting Handler . The manipulation leads to time-of…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-6734 | undici up to 7.25.x/8.1.x Destination origin validation (GHSA-hm92-r4w5-c3mj)

A vulnerability was found in undici up to 7.25.x/8.1.x and classified as problematic . Affected is an unknown function of the component Destination Handler . The manipulation results in origin validat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-7300 | RTI Connext Professional Web Integration Service buffer overflow

A vulnerability was found in RTI Connext Professional . It has been classified as critical . Affected by this vulnerability is an unknown functionality of the component Web Integration Service . This …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-48818 | Kludex starlette up to 1.0.x on Windows SMB Connection server-side request forgery

A vulnerability was found in Kludex starlette up to 1.0.x on Windows. It has been declared as critical . Affected by this issue is some unknown functionality of the component SMB Connection Handler . …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-55198 | nesquena hermes-webui up to 0.51.442 Session Export Endpoint api/routes.py authorization

A vulnerability was found in nesquena hermes-webui up to 0.51.442 . It has been rated as problematic . This affects an unknown part of the file api/routes.py of the component Session Export Endpoint .…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-2675 | RTI Connext Professional prior 7.3.1.3/7.7.0 missing authentication

A vulnerability categorized as critical has been discovered in RTI Connext Professional . This vulnerability affects unknown code. Executing a manipulation can lead to missing authentication. This vul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-30799 | RTI Connext Professional missing authentication

A vulnerability identified as critical has been detected in RTI Connext Professional . This issue affects some unknown processing. The manipulation leads to missing authentication. This vulnerability …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-48591 | pragdave earmark up to 1.4.1 lib/earmark/transform.ex cross site scripting

A vulnerability labeled as problematic has been found in pragdave earmark up to 1.4.1 . Impacted is an unknown function in the library lib/earmark/transform.ex . The manipulation results in improper n…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-53870 | NousResearch hermes-agent up to 0.15.x Conversation response_store.db default permission

A vulnerability marked as critical has been reported in NousResearch hermes-agent up to 0.15.x . The affected element is an unknown function of the file response_store.db of the component Conversation…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-30802 | RTI Connext Micro up to 4.2.x out-of-bounds

A vulnerability described as critical has been identified in RTI Connext Micro up to 4.2.x . The impacted element is an unknown function. Such manipulation leads to out-of-bounds read. This vulnerabil…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-30803 | RTI Connext Micro up to 4.2.x integer underflow

A vulnerability classified as critical has been found in RTI Connext Micro up to 4.2.x . This affects an unknown function. Performing a manipulation results in integer underflow. This vulnerability is…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-39199 | Snes9X 1.63 ups File out-of-bounds write (Issue 1035)

A vulnerability classified as critical was found in Snes9X 1.63 . This impacts an unknown function of the component ups File Handler . Executing a manipulation can lead to out-of-bounds write. This vu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development - The Hacker News

Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development The Hacker News

The Hacker News Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-40756 | Mikado-mes Zoya Plugin up to 1.4 on WordPress deserialization

A vulnerability was found in Mikado-mes Zoya Plugin up to 1.4 on WordPress and classified as problematic . The affected element is an unknown function. Such manipulation leads to deserialization. This…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 17, 2026
CVE-2026-40757 | Mikado-mes Château Plugin up to 1.2.1 on WordPress deserialization

A vulnerability was found in Mikado-mes Château Plugin up to 1.2.1 on WordPress. It has been classified as problematic . The impacted element is an unknown function. Performing a manipulation results …

VulDB Read →
← Prev 77 / 451 Next →