CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10865 articles  ·  updated every 4 hours · grows forever

10865Total
4266Full Text
Jul 06, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12183 | Nefteprodukttekhnika BUK TS-G Gas Station Automation System up to 2.10.2 on Linux System Configuration /php/ajax-login.php improper authentication (EUVD-2026-36653)

A vulnerability identified as critical has been detected in Nefteprodukttekhnika BUK TS-G Gas Station Automation System up to 2.10.2 on Linux. The affected element is an unknown function of the file /…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-6428 | Koha up to 26.05.0 Reports reports/catalogue_out.pl strsth2 sql injection (EUVD-2026-36652)

A vulnerability labeled as critical has been found in Koha up to 26.05.0 . The impacted element is an unknown function of the file reports/catalogue_out.pl of the component Reports Module . Executing …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-54421 | OpenStack Ironic up to 35.0.1 improper removal of sensitive information before storage or transfer (EUVD-2026-36658)

A vulnerability marked as problematic has been reported in OpenStack Ironic up to 35.0.1 . This affects an unknown function. The manipulation leads to improper removal of sensitive information before …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-54420 | LiteSpeed cPanel Plugin up to 2.4.7 symlink (EUVD-2026-36657)

A vulnerability described as critical has been identified in LiteSpeed cPanel Plugin up to 2.4.7 . This impacts an unknown function. The manipulation results in symlink following. This vulnerability i…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12186 | GL.iNet GL-MT3000 up to 4.4.5 Tor Proxy Service Configuration tor replace_country command injection

A vulnerability classified as critical has been found in GL.iNet GL-MT3000 up to 4.4.5 . Affected is the function replace_country in the library /usr/lib/oui-httpd/rpc/tor of the component Tor Proxy S…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12187 | GL.iNet GL-MT3000 up to 4.4.5 Online Firmware Upgrade one_click_upgrade command injection

A vulnerability classified as critical was found in GL.iNet GL-MT3000 up to 4.4.5 . Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component O…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12188 | Grit42 Grit up to 0.11.0 GritEntityController grit_entity_controller.rb sql injection

A vulnerability, which was classified as critical , has been found in Grit42 Grit up to 0.11.0 . Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/c…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12189 | Moovit Bus & Public Transit App 1.18 on Android com.tranzmate improper authorization in handler for custom url scheme

A vulnerability, which was classified as problematic , was found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate . Executing a manipulat…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12190 | Genspark AI Workspace App 2.8.4 on Android ai.mainfunc.genspark improper authorization in handler for custom url scheme

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android and classified as problematic . This vulnerability affects unknown code of the component ai.mainfunc.genspark . The manipul…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12191 | Comma AI Openpilot 0.11 Pickle modeld.py pickle.load/pickle.loads deserialization

A vulnerability was found in Comma AI Openpilot 0.11 and classified as critical . This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickl…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12192 | GALAYOU Y4 1.0.0 Web Server buffer overflow

A vulnerability was found in GALAYOU Y4 1.0.0 . It has been classified as critical . Impacted is an unknown function of the component Web Server . This manipulation causes buffer overflow. This vulner…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12193 | VS Revo RevoUninstaller 2.5.x/2.6.x IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow

A vulnerability was found in VS Revo RevoUninstaller 2.5.x/2.6.x . It has been declared as critical . The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the componen…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12197 | Ruijie EG105G-P 2.340 JSON-RPC Diagnose Endpoint diagnose nslookup params.target command injection

A vulnerability was found in Ruijie EG105G-P 2.340 . It has been rated as critical . The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diag…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 14, 2026
CVE-2026-12198 | Microweber up to 2.0.20 API Endpoint thumbnail_img userfiles_path cache_path_relative path traversal (Issue 1172)

A vulnerability categorized as critical has been discovered in Microweber up to 2.0.20 . This affects the function userfiles_path of the file /api_nosession/thumbnail_img of the component API Endpoint…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-9062 | Store Locator WordPress Plugin up to 1.6.8 on WordPress information disclosure

A vulnerability classified as problematic was found in Store Locator WordPress Plugin up to 1.6.8 on WordPress. This affects an unknown function. The manipulation results in information disclosure. Th…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-1291 | tigroumeow Meow Gallery Plugin up to 5.4.4 on WordPress REST API Endpoint authorization

A vulnerability, which was classified as critical , has been found in tigroumeow Meow Gallery Plugin up to 5.4.4 on WordPress. This impacts an unknown function of the component REST API Endpoint . Thi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-9109 | john-dagelmore GPTranslate Plugin up to 2.31 on WordPress Deterministically Derived API Key request gptApiKey cross site scripting

A vulnerability, which was classified as problematic , was found in john-dagelmore GPTranslate Plugin up to 2.31 on WordPress. Affected is an unknown function of the file /wp-json/gptranslate/v1/reque…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-9134 | fooplugins Photo Gallery by FooGallery Plugin up to 3.1.31 on WordPress Shortcode foogallery_sanitize_javascript cross site scripting

A vulnerability has been found in fooplugins Photo Gallery by FooGallery Plugin up to 3.1.31 on WordPress and classified as problematic . Affected by this vulnerability is the function foogallery_sani…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-11624 | Google MCP Toolbox for Databases up to 0.24.x origin validation (Issue 3113)

A vulnerability was found in Google MCP Toolbox for Databases up to 0.24.x and classified as critical . Affected by this issue is some unknown functionality. Executing a manipulation can lead to origi…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-3297 | Softaculous Page Builder Plugin up to 2.0.9 on WordPress cross site scripting

A vulnerability was found in Softaculous Page Builder Plugin up to 2.0.9 on WordPress. It has been classified as problematic . This affects an unknown part. The manipulation leads to cross site script…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-9629 | codesupplyco Canvas Plugin up to 2.5.2 on WordPress day cross site scripting

A vulnerability was found in codesupplyco Canvas Plugin up to 2.5.2 on WordPress. It has been declared as problematic . This vulnerability affects unknown code. The manipulation of the argument day re…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-9061 | Store Locator Plugin up to 1.6.8 on WordPress cross site scripting

A vulnerability was found in Store Locator Plugin up to 1.6.8 on WordPress. It has been rated as problematic . This issue affects some unknown processing. This manipulation causes cross site scripting…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-5513 | ladela Online Scheduling and Appointment Booking System Plugin setting cross site scripting

A vulnerability categorized as problematic has been discovered in ladela Online Scheduling and Appointment Booking System Plugin up to 27.2 on WordPress. Impacted is an unknown function of the compone…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-53831 | OpenClaw up to 2026.5.17 on POSIX Configuration Data toctou (GHSA-mhq8-78pj-5j79)

A vulnerability described as critical has been identified in OpenClaw up to 2026.5.17 on POSIX. Affected by this vulnerability is an unknown functionality of the component Configuration Data Handler .…

VulDB Read →
← Prev 95 / 453 Next →