CyberIntel ⬡ News
★ Saved ◆ Cyber Reads

// Vulnerabilities & CVEs
Intel Feed

cyberintel.kalymoon.com  ·  10891 articles  ·  updated every 4 hours · grows forever

10891Total
4273Full Text
Jul 06, 2026Latest
◈ Women in Cyber ◉ Threat Intelligence ◎ How-To & Tutorials ⬡ Vulnerabilities & CVEs 🔍 Digital Forensics ◍ Incident Response & DFIR ◆ Security Tools & Reviews ◇ Industry News & Leadership ✉ Email Security 🛡 Active Threats ⚠ Critical CVEs ◐ Insider Threat & DLP ◌ Quantum Computing ◬ AI & Machine Learning
🔥 Trending Topics · Last 48h
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-45014 | apostrophecms apostrophe up to 4.29.0 User Display Name cross site scripting (GHSA-hvx2-4ghc-j37m)

A vulnerability was found in apostrophecms apostrophe up to 4.29.0 . It has been rated as problematic . Affected by this issue is some unknown functionality of the component User Display Name Handler …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-53606 | apostrophecms apostrophe up to 2.17.4 API naughtyHref cross site scripting (GHSA-vccv-cmxp-4j9h)

A vulnerability categorized as problematic has been discovered in apostrophecms apostrophe up to 2.17.4 . This affects the function naughtyHref of the component API . The manipulation results in cross…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-54393 | MISP up to 2.5.39 setHomePage Endpoint app/View/News/index.ctp setSettingInternal cross site scripting

A vulnerability identified as problematic has been detected in MISP up to 2.5.39 . This vulnerability affects the function setSettingInternal of the file app/View/News/index.ctp of the component setHo…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-12174 | D-Link DCS-935L 1.10.01 HTTP /web/cgi-bin/greece/rhea snprintf data format string

A vulnerability labeled as critical has been found in D-Link DCS-935L 1.10.01 . This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler . Such manip…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-12175 | CodeAstro Student Attendance Management System 1.0 createStudents.php admissionNumber sql injection

A vulnerability marked as critical has been reported in CodeAstro Student Attendance Management System 1.0 . Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php . Perf…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-11769 | Grafana Operator up to 5.23.0 path traversal

A vulnerability described as critical has been identified in Grafana Operator up to 5.23.0 . The affected element is an unknown function. Executing a manipulation can lead to path traversal. This vuln…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-12176 | SourceCodester CET Automated Grading System with AI Predictive Analytics /index.php cross site scripting

A vulnerability classified as problematic has been found in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0 . The impacted element is an unknown function of the file /inde…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
Critical Vulnerability Chain in LangGraph Allows Attackers to Gain Full Server Control - CyberSecurityNews

Critical Vulnerability Chain in LangGraph Allows Attackers to Gain Full Server Control CyberSecurityNews

CyberSecurityNews Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-53725 | parse-community parse-server up to 9.9.1-alpha.4 Password Endpoint information disclosure (GHSA-75v4-m273-5j49)

A vulnerability labeled as problematic has been found in parse-community parse-server up to 9.9.1-alpha.4 . Affected is an unknown function of the component Password Endpoint . Such manipulation leads…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-42890 | actualbudget actual up to 26.4.x Environment Variable code injection (GHSA-7rvm-xjpp-63r9)

A vulnerability marked as critical has been reported in actualbudget actual up to 26.4.x . Affected by this vulnerability is an unknown functionality of the component Environment Variable Handler . Pe…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-47260 | Koel up to 9.3.4 DNS Resolution Http::sink server-side request forgery (GHSA-7j2f-6h2r-6cqc)

A vulnerability described as critical has been identified in Koel up to 9.3.4 . Affected by this issue is the function Http::sink of the component DNS Resolution Handler . Executing a manipulation can…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-50287 | agenticmail mcp up to 0.9.26 missing authentication (GHSA-63gr-g7jc-v8rg)

A vulnerability classified as critical has been found in agenticmail mcp up to 0.9.26 . This affects an unknown part. The manipulation leads to missing authentication. This vulnerability is documented…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-54357 | MISP up to 2.5.39 Setting authorization

A vulnerability classified as problematic was found in MISP up to 2.5.39 . This vulnerability affects unknown code of the component Setting Handler . The manipulation results in incorrect authorizatio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-54361 | MISP up to 2.5.39 edit authorization (EUVD-2026-36554)

A vulnerability, which was classified as critical , has been found in MISP up to 2.5.39 . This issue affects the function CollectionsController::edit . This manipulation causes authorization bypass. T…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-44168 | MariaDB Server up to 12.3.1 joiner os command injection (GHSA-vwf7-w26c-9w5h / EUVD-2026-36514)

A vulnerability, which was classified as critical , was found in MariaDB Server up to 10.6.25/10.11.16/11.4.10/11.8.6/12.3.1 . Impacted is an unknown function of the component joiner Handler . Such ma…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-44169 | MariaDB Server up to 11.4.10/11.8.6/12.3.1 authorization (GHSA-22xq-vq3f-87x2)

A vulnerability has been found in MariaDB Server up to 11.4.10/11.8.6/12.3.1 and classified as problematic . The affected element is an unknown function. Performing a manipulation results in incorrect…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-44170 | MariaDB Server up to 12.3.1 on WIndows Command Line os command injection (GHSA-f835-cfjq-wf73)

A vulnerability was found in MariaDB Server up to 10.6.25/10.11.16/11.4.10/11.8.6/12.3.1 on WIndows and classified as critical . The impacted element is an unknown function of the component Command Li…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-44171 | MariaDB Server up to 12.3.1 Archive path traversal (GHSA-9pjh-5hhw-65v9)

A vulnerability was found in MariaDB Server up to 10.6.25/10.11.16/11.4.10/11.8.6/12.3.1 . It has been classified as critical . This affects an unknown function of the component Archive Handler . The …

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-44172 | MariaDB Server 3.3.18/3.4.8 mysql_real_escape_string sql injection (GHSA-pv9p-5w55-55jm / EUVD-2026-36517)

A vulnerability was found in MariaDB Server 3.3.18/3.4.8 . It has been declared as critical . This impacts the function mysql_real_escape_string . The manipulation results in sql injection. This vulne…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-44173 | MariaDB Server up to 12.3.1 authorization (GHSA-667j-m53j-wpmc)

A vulnerability was found in MariaDB Server up to 10.6.25/10.11.16/11.4.10/11.8.6/12.3.1 . It has been rated as problematic . Affected is an unknown function. This manipulation causes incorrect author…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-47223 | M2Team NanaZip up to 3.0.1000.0/6.0.1698.0/6.5.1742.0 Image Parser CByteBuffer::CopyFrom out-of-bounds (GHSA-qhc5-mh6j-4g75)

A vulnerability categorized as critical has been discovered in M2Team NanaZip up to 3.0.1000.0/6.0.1698.0/6.5.1742.0 . Affected by this vulnerability is the function CByteBuffer::CopyFrom of the compo…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-12143 | form-data up to 2.5.5/3.0.4/4.0.5 crlf injection (GHSA-hmw2-7cc7-3qxx)

A vulnerability identified as critical has been detected in form-data up to 2.5.5/3.0.4/4.0.5 . Affected by this issue is some unknown functionality. Performing a manipulation results in crlf injectio…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-48165 | MariaDB Server up to 12.3.1 os command injection (GHSA-7v3p-h23x-8hwv / EUVD-2026-36520)

A vulnerability labeled as critical has been found in MariaDB Server up to 10.6.26/10.11.17/11.4.11/11.8.7/12.3.1 . This affects an unknown part. Executing a manipulation can lead to os command inject…

VulDB Read →
⬡ Vulnerabilities & CVEs Jun 13, 2026
CVE-2026-48163 | MariaDB Server up to 12.3.1 joiner os command injection (GHSA-rpgv-q6gv-684r)

A vulnerability marked as critical has been reported in MariaDB Server up to 10.6.26/10.11.17/11.4.11/11.8.7/12.3.1 . This vulnerability affects unknown code of the component joiner Handler . The mani…

VulDB Read →
← Prev 98 / 454 Next →