Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

CVE

20 articles

The Hacker News CVE Oracle May 25

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attack...

1 IOC

The Hacker News →

GBHackers CVE Drupal May 25

CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical SQL injection vulnerability in Drupal Core, tra...

1 IOC

GBHackers →

GBHackers CVE F5 May 25

Nginx-poolslip Flaw Exposes Servers to DoS and Code Execution Attacks

NGINX users are facing a critical security issue after F5 disclosed a new vulnerability, tracked as CVE-2026-9256, affecting the widely used ngx_http_rewrite...

T1190 1 IOC

GBHackers →

BleepingComputer CVE Oracle May 24

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers C...

1 IOC

BleepingComputer →

Security Affairs CVE Drupal May 24

Security Affairs newsletter Round 578 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box.

1 IOC

Security Affairs →

Security Affairs CVE Microsoft Drupal May 24

U.S. CISA adds a flaw in Drupal Core to its Known Exploited Vulnerabilities catalog

The U.S.

1 IOC

Security Affairs →

Security Affairs CVE Drupal May 23

CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack

Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20...

1 IOC

Security Affairs →

The Hacker News CVE May 23

LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root

A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE...

1 IOC

The Hacker News →

The Hacker News CVE Drupal May 23

Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

The U.S.

1 IOC

The Hacker News →

SC Media CVE May 22

Ubiquiti patches three critical vulnerabilities in UniFi OS

The vulnerabilities, identified as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, allow for unauthorized system changes, path traversal for accessing un...

T1059 3 IOCs

SC Media →

SC Media CVE Amazon Trend Micro May 22

CISA adds Trend Micro Apex One and Langflow flaws to exploited vulnerabilities catalog

The vulnerabilities added are CVE-2025-34291, an origin validation error in Langflow with a CVSS score of 9.4, and CVE-2026-34926, a directory traversal flaw...

2 IOCs

SC Media →

Rapid7 Blog CVE Cisco Rapid7 May 22

Metasploit Wrap Up 05/22/2026

Another week, another authentication bypass Our humble Metasploit weekly(ish) blog has been blessed with a new network component vulnerability. The dynamic d...

T1556 1 IOC

Rapid7 Blog →

SecurityWeek CVE Drupal May 22

Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure

Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites. The p...

1 IOC

SecurityWeek →

CISA Advisories CVE Drupal May 22

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-9082 Drupal Cor...

1 IOC

CISA Advisories →

GBHackers CVE May 22

CISA Adds Langflow Origin Validation Flaw to Known Exploited Vulnerabilities Catalog

The U.S.

1 IOC

GBHackers →

Security Affairs CVE Microsoft Amazon Trend Micro May 22

U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog

U.S.

1 IOC

Security Affairs →

GBHackers CVE Trend Micro May 22

CISA Warns Trend Micro Apex One Vulnerability Is Being Exploited in Attacks

CISA has added a newly disclosed vulnerability in Trend Micro Apex One to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is activel...

1 IOC

GBHackers →

The Hacker News CVE Amazon Trend Micro May 22

CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV

The U.S.

1 IOC

The Hacker News →

The Hacker News CVE Cisco May 22

Cisco Patches CVSS 10.0 Secure Workload REST API Flaw Enabling Data Access

Cisco has rolled out updates for a maximum-severity security flaw impacting Secure Workload that could allow an unauthenticated, remote attacker to access se...

1 IOC

The Hacker News →

CSO Online CVE May 21

Unpatched ChromaDB flaw leaves servers open to remote code execution

Researchers have published details about a critical vulnerability in ChromaDB that could allow unauthenticated attackers to execute arbitrary code and access...

T1190 1 IOC

CSO Online →

«Previous page 1 ... 20 21 22 23 24 ... 41 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA