CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10842 articles  ·  updated every 4 hours · grows forever

10842Total
4266Full Text
Jul 05, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-48489 | Symfony Firewall authorization

A vulnerability was found in Symfony . It has been rated as critical . The affected element is an unknown function of the component Firewall . This manipulation causes incorrect authorization. This vu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-48736 | Symfony IpUtils::PRIVATE_SUBNETS server-side request forgery

A vulnerability categorized as critical has been discovered in Symfony . The impacted element is the function IpUtils::PRIVATE_SUBNETS . Such manipulation leads to server-side request forgery. This vu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-48747 | Symfony Mailer Webhook Parser downgrade

A vulnerability identified as problematic has been detected in Symfony . This affects an unknown function of the component Mailer Webhook Parser . Performing a manipulation results in algorithm downgr…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-48760 | Symfony HtmlSanitizer URL Parser clickjacking

A vulnerability labeled as problematic has been found in Symfony . This impacts an unknown function of the component HtmlSanitizer URL Parser . Executing a manipulation can lead to clickjacking. This …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-48761 | Symfony URL Attribute cross site scripting

A vulnerability marked as problematic has been reported in Symfony . Affected is an unknown function of the component URL Attribute Handler . The manipulation leads to cross site scripting. This vulne…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-48784 | Symfony UrlGenerator encoding error

A vulnerability described as problematic has been identified in Symfony . Affected by this vulnerability is an unknown functionality of the component UrlGenerator . The manipulation results in encodin…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-8443 | WP Review Slider Pro Plugin up to 12.6.8 on WordPress stripslashes wpdb sql injection

A vulnerability classified as critical has been found in WP Review Slider Pro Plugin up to 12.6.8 on WordPress. Affected by this issue is the function stripslashes . This manipulation of the argument …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-6933 | Premmerce Dev Tools Plugin up to 2.0 on WordPress generatePluginHandler premmerce_plugin_namespace unrestricted upload

A vulnerability classified as critical was found in Premmerce Dev Tools Plugin up to 2.0 on WordPress. This affects the function generatePluginHandler . Such manipulation of the argument premmerce_plu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-10635 | zephyrproject zephyr up to 4.4.x Xtensa memory-domain de-initialization Feature ptables.c k_mem_domain_deinit use after free (GHSA-39v7-cx8j-gq82)

A vulnerability, which was classified as critical , has been found in zephyrproject zephyr up to 4.4.x . This vulnerability affects the function k_mem_domain_deinit of the file arch/xtensa/core/ptable…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-9187 | zealopensource Abandoned Contact Form 7 Plugin up to 2.2 on WordPress action__remove_abandoned authorization

A vulnerability, which was classified as critical , was found in zealopensource Abandoned Contact Form 7 Plugin up to 2.2 on WordPress. This issue affects the function action__remove_abandoned . Execu…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-10780 | mohammadtanzilurrahman Static Block Plugin up to 2.2 on WordPress Shortcode static_block_content ID authorization

A vulnerability has been found in mohammadtanzilurrahman Static Block Plugin up to 2.2 on WordPress and classified as problematic . Impacted is the function static_block_content of the component Short…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-5149 | rometheme RTMKit Plugin up to 2.0.7 on WordPress AJAX Endpoint entries_id authorization

A vulnerability was found in rometheme RTMKit Plugin up to 2.0.7 on WordPress and classified as problematic . The affected element is an unknown function of the component AJAX Endpoint . The manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2026-50255 | Sony Optical Disc Archive Software for Windows up to 5.5.3 on Windows default permission

A vulnerability was found in Sony Optical Disc Archive Software for Windows up to 5.5.3 on Windows. It has been classified as critical . The impacted element is an unknown function. This manipulation …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
CVE-2025-10262 | Nokia SR Linux up to 23.10.7/24.10.5/25.7.1 Local Privilege Escalation

A vulnerability was found in Nokia SR Linux up to 23.10.7/24.10.5/25.7.1 . It has been declared as problematic . This affects an unknown function. Such manipulation leads to Local Privilege Escalation…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
21 0-Day Vulnerabilities in FFmpeg Enables Remote Code Execution Attacks - CyberSecurityNews

21 0-Day Vulnerabilities in FFmpeg Enables Remote Code Execution Attacks CyberSecurityNews

CyberSecurityNews Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
Cydome flags NAVTOR NavBox path traversal and authentication flaws exposing vessel data, networks to cyber risk - Industrial Cyber

Cydome flags NAVTOR NavBox path traversal and authentication flaws exposing vessel data, networks to cyber risk Industrial Cyber

Industrial Cyber Read →
⬡ Vulnerabilities & CVEs Jun 16, 2026
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks - BleepingComputer

Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks BleepingComputer

BleepingComputer Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2025-15659 | liseperu Elizaibots Plugin up to 1.0.2 on WordPress cross site scripting

A vulnerability identified as problematic has been detected in liseperu Elizaibots Plugin up to 1.0.2 on WordPress. Impacted is an unknown function. The manipulation leads to cross site scripting. Thi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-10634 | zephyrproject zephyr up to 4.4.x subsys/net/ip/tcp.c net_tcp_foreach use after free (GHSA-6c57-xfhw-j26x)

A vulnerability labeled as critical has been found in zephyrproject zephyr up to 4.4.x . The affected element is the function net_tcp_foreach of the file subsys/net/ip/tcp.c . The manipulation results…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-9595 | webpack-dev-server up to 5.2.4 origin validation (GHSA-mx8g-39q3-5c79)

A vulnerability marked as problematic has been reported in webpack-dev-server up to 5.2.4 . The impacted element is an unknown function. This manipulation causes origin validation error. This vulnerab…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-9862 | Fortra Core Privileged Access Manager os command injection

A vulnerability described as critical has been identified in Fortra Core Privileged Access Manager . This affects an unknown function. Such manipulation leads to os command injection. This vulnerabili…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-5038 | multer up to 2.1.x/3.0.0-alpha.1 Multipart Upload Readable.pipe cleanup (GHSA-3p4h-7m6x-2hcm)

A vulnerability classified as problematic has been found in multer up to 2.1.x/3.0.0-alpha.1 . This impacts the function Readable.pipe of the component Multipart Upload Handler . Performing a manipula…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-9863 | Fortra Core Privileged Access Manager os command injection

A vulnerability classified as critical was found in Fortra Core Privileged Access Manager . Affected is an unknown function. Executing a manipulation can lead to os command injection. This vulnerabili…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 15, 2026
CVE-2026-8683 | Mattermost Desktop App up to 5.5.13/6.1.x window.open allocation of resources

A vulnerability, which was classified as problematic , has been found in Mattermost Desktop App up to 5.5.13/6.1.x . Affected by this vulnerability is the function window.open . The manipulation leads…

VulDB Read →
← Prev 90 / 452 Next →