CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10865 articles  ·  updated every 4 hours · grows forever

10865Total
4266Full Text
Jul 06, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-54413 | driftregion iso14229 up to 0.9.0 iso14229.c Handle_0x27_SecurityAccess integer underflow (EUVD-2026-36664)

A vulnerability categorized as critical has been discovered in driftregion iso14229 up to 0.9.0 . This vulnerability affects the function Handle_0x27_SecurityAccess of the file iso14229.c . Such manip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-54411 | Linux-PAM up to 1.7.2 pam_userdb.c strncmp timing discrepancy (EUVD-2026-36662)

A vulnerability identified as problematic has been detected in Linux-PAM up to 1.7.2 . This issue affects the function strncmp of the file modules/pam_userdb/pam_userdb.c . Performing a manipulation r…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12202 | Intelliants Subrion CMS up to 4.0.3 Blocks Endpoint CSS class name cross site scripting

A vulnerability described as problematic has been identified in Intelliants Subrion CMS up to 4.0.3 . Affected by this issue is some unknown functionality of the component Blocks Endpoint . Such manip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12203 | HKUDS AI-Trader up to 74caf996f78dcc0c657df8365c8544678a16e215 Research Export /api/research/agents.csv information disclosure (Issue 242)

A vulnerability classified as problematic has been found in HKUDS AI-Trader up to 74caf996f78dcc0c657df8365c8544678a16e215 . This affects an unknown part of the file /api/research/agents.csv of the co…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12206 | Grit42 Grit up to 0.11.0 data_table_entity.rb DataTableEntity sql injection

A vulnerability, which was classified as critical , has been found in Grit42 Grit up to 0.11.0 . This issue affects the function Grit::Assays::DataTableEntity of the file modules/assays/backend/app/mo…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12207 | medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed HTTP REST API PatientController.php actionGetPatientById ID resource injection

A vulnerability, which was classified as critical , was found in medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed . Impacted is the function actionGetPatientById of the file app\module…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12208 | jsonata-js jsonata up to 2.2.0 Function Binding Frame System src/jsonata.js createFrame prototype pollution

A vulnerability has been found in jsonata-js jsonata up to 2.2.0 and classified as critical . The affected element is the function createFrame of the file src/jsonata.js of the component Function Bind…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12209 | RubyLouvre avalon up to 2.2.10 Template Filter src/filters/index.js prototype pollution

A vulnerability was found in RubyLouvre avalon up to 2.2.10 and classified as critical . The impacted element is an unknown function of the file src/filters/index.js of the component Template Filter H…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12210 | universal-tool-calling-protocol python-utcp 1.1.0 utcp-gql/utcp-websocket server-side request forgery (Issue 86)

A vulnerability was found in universal-tool-calling-protocol python-utcp 1.1.0 . It has been classified as critical . This affects an unknown function of the component utcp-gql/utcp-websocket . Perfor…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12211 | Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26 Web Interface /RPC2_Loadfile/syslog/ path traversal

A vulnerability was found in Intelbras iNVU 7016 FT 3.004.00IB000.0.T Build 2025-09-26 . It has been declared as critical . This impacts an unknown function of the file /RPC2_Loadfile/syslog/ of the c…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12212 | hcengineering Huly Platform up to 0.7.0 RPC Interface operations.ts getMailboxSecret access control

A vulnerability was found in hcengineering Huly Platform up to 0.7.0 . It has been rated as critical . Affected is the function getMailboxSecret of the file server/account/src/operations.ts of the com…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12213 | hcengineering Huly Platform up to 0.7.0 User Information operations.ts getAccountInfo improper authorization

A vulnerability categorized as critical has been discovered in hcengineering Huly Platform up to 0.7.0 . Affected by this vulnerability is the function getAccountInfo of the file server/account/src/op…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-11526 | RURBAN GD up to 2.85 on Perl open filename os command injection

A vulnerability identified as critical has been detected in RURBAN GD up to 2.85 on Perl. Affected by this issue is the function Open . This manipulation of the argument filename causes os command inj…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-11527 | SHLOMIF Config::IniFiles up to 3.999 on Perl open thing os command injection

A vulnerability labeled as critical has been found in SHLOMIF Config::IniFiles up to 3.999 on Perl. This affects the function Open . Such manipulation of the argument thing leads to os command injecti…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12214 | Qihoo 360 Total Security 6.0 Nucleus Engine Monitoring Logic RpcStringBindingComposeW NetworkAddr protection mechanism

A vulnerability marked as critical has been reported in Qihoo 360 Total Security 6.0 . This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12216 | svaarala duktape up to 2.99.99 duk_api_bytecode.c count_instr memory corruption

A vulnerability described as critical has been identified in svaarala duktape up to 2.99.99 . This issue affects some unknown processing of the file duk_api_bytecode.c . Executing a manipulation of th…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12217 | DVDFab Virtual Drive 2.0.0.5 Signed Kernel Driver dvdfabio.sys privileges management

A vulnerability classified as critical has been found in DVDFab Virtual Drive 2.0.0.5 . Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver . The manipula…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12218 | Yealink SIP-T46U 108.87.50.1 Web FastCGI Service beforewifitest StartReportInformation port stack-based overflow

A vulnerability classified as critical was found in Yealink SIP-T46U 108.87.50.1 . The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component We…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12219 | Yealink SIP-T46U 108.86.0.118 Web FastCGI Service /api/diagnosis/start mod_diagnose.CommandShellByType Time command injection

A vulnerability, which was classified as critical , has been found in Yealink SIP-T46U 108.86.0.118 . The impacted element is the function mod_diagnose.CommandShellByType of the file /api/diagnosis/st…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12220 | Yealink SIP-T46U 108.86.0.118 Firmware Chunk Upload handler accupgradebychunk mod_upgrade.SparePartsUpload uid stack-based overflow

A vulnerability, which was classified as critical , was found in Yealink SIP-T46U 108.86.0.118 . This affects the function mod_upgrade.SparePartsUpload of the file /api/upgrade/accupgradebychunk of th…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12221 | Yealink SIP-T46U 108.86.0.118 Firmware Chunk Upload /api/upgrade/upgrade sprintf uid/start_offset stack-based overflow

A vulnerability has been found in Yealink SIP-T46U 108.86.0.118 and classified as critical . This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload H…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12222 | Yealink SIP-T46U 108.86.0.118 Web FastCGI Service /api/inner/bttest mod_webd.BlueToothTest btMac/pin/reserved stack-based overflow

A vulnerability was found in Yealink SIP-T46U 108.86.0.118 and classified as critical . Affected is the function mod_webd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Servi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12223 | Yealink SIP-T46U 108.86.0.118 Web FastCGI Service tftpuploadiperf mod_webd.TFTPUploadIperf ip/port command injection

A vulnerability was found in Yealink SIP-T46U 108.86.0.118 . It has been classified as critical . Affected by this vulnerability is the function mod_webd.TFTPUploadIperf of the file /api/inner/tftpupl…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131) - Help Net Security

Cisco FMC flaw was exploited by Interlock weeks before patch (CVE-2026-20131) Help Net Security

Help Net Security Read →
← Prev 94 / 453 Next →