Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Vulnerability Disclosure

20 articles

The Hacker News Vulnerability Disclosure Apple Jun 19

Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain

Security researchers at Paradigm Shift have published a working exploit, dubbed usbliter8, that achieves arbitrary code execution inside the SecureROM of App...

The Hacker News →

Rapid7 Blog Vulnerability Disclosure Microsoft Rapid7 Jun 19

Weekly Metasploit Update: NTLM Relay Priv Esc, MCP Server Integration, Paperclip AI RCE Chain, and more

This week's release includes five new modules, including a full unauthenticated RCE chain for Paperclip AI and a VS Code extension persistence technique.

T1548

Rapid7 Blog →

The Hacker News Vulnerability Disclosure Microsoft Oracle Jun 19

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Stee...

T1190

The Hacker News →

SecurityWeek Vulnerability Disclosure Jun 19

CryptoBandits Malware Doubles as a Backdoor, Abuses Tor

CryptoBandits uses a local SOCKS5 proxy for traffic routing, blending data theft with remote code execution. The post CryptoBandits Malware Doubles as a Back...

T1190 T1041

SecurityWeek →

Infosecurity Magazine Vulnerability Disclosure Amazon Jun 19

AWS Unveils 'Continuum,' an AI-Powered Vulnerability Management Platform

Working with frontier AI models, this new platform aims to help discovering, prioritizing, validating and remediating code vulnerabilities

Infosecurity Magazine →

GBHackers Vulnerability Disclosure Jun 19

UEFI DBX Update Guidance Targets Vulnerable Vendor-Signed Boot Applications

A recently disclosed vulnerability inc, which affects UEFI applications signed by multiple vendors, has prompted urgent recommendations to update the UEFI Fo...

GBHackers →

BleepingComputer Vulnerability Disclosure Splunk Jun 19

CISA: Splunk Enterprise flaw actively exploited, patch by Sunday

CISA has urged U.S.

BleepingComputer →

CSO Online Vulnerability Disclosure Microsoft Jun 19

Microsoft says web-enabled AI agents can trigger host-level RCE

Microsoft is warning of a novel remote code execution (RCE) path possible through web-enabled AI agents, demonstrating the technique against AutoGen Studio, ...

T1190 T1598

CSO Online →

GBHackers Vulnerability Disclosure Microsoft Jun 19

New Crypto Clipper Uses Windows Script Host and ActiveXObject for Remote Code Execution

A novel Windows-based cryptocurrency clipper that has been active since February 2026 and leverages Windows Script Host (WScript) and ActiveXObject calls to ...

T1190 T1041 T1598

GBHackers →

GBHackers Vulnerability Disclosure Salesforce Jun 19

Hackers Exploit Klue Integration to Steal Salesforce CRM Data Using OAuth Tokens

Hackers are actively exploiting a compromised Klue Battlecards integration to extract sensitive Salesforce CRM data by abusing OAuth tokens, according to new...

GBHackers →

GBHackers Vulnerability Disclosure Apple Jun 19

iPhone BootROM Vulnerability Opens Door to Full Apple SoC Trust Chain Compromise

A recently disclosed iPhone BootROM vulnerability, dubbed “usbliter8,” highlights a significant flaw in Apple’s SecureROM implementation. This vulnerability ...

GBHackers →

Microsoft Security Blog Vulnerability Disclosure Jun 19

AutoJack: How a single page can RCE the host running your AI agent 

AutoJack is a novel exploit chain showing how a single malicious webpage can turn an AI browsing agent into a remote code execution vector on the host machin...

T1190

Microsoft Security Blog →

Cloudflare Blog Vulnerability Disclosure Jun 18

Build your own vulnerability harness

We break down the technical architecture behind our multi-stage vulnerability discovery harness and automated triage loop. Learn how we manage state controls...

Cloudflare Blog →

Wordfence Blog Vulnerability Disclosure Intel WordPress Jun 18

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 8, 2026 to June 14, 2026)

Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...

Wordfence Blog →

Wordfence Blog Vulnerability Disclosure WordPress Jun 18

Critical Unauthenticated Arbitrary File Deletion Vulnerability Patched in Avada Builder WordPress Plugin

On May 13th, 2026, we received a submission for a critical Unauthenticated Arbitrary File Deletion vulnerability in Avada Builder, a premium WordPress plugin...

T1190

Wordfence Blog →

GBHackers Vulnerability Disclosure Amazon F5 Jun 18

F5 Patches NGINX Vulnerability Enabling Code Execution and DoS Attacks

F5 has released an out-of-band security notification addressing multiple high‑severity vulnerabilities in NGINX components that can enable remote code execut...

T1190 T1498

GBHackers →

CISA Advisories Vulnerability Disclosure Jun 18

Mitsubishi Electric MELSEC iQ-F Series

View CSAF Summary Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service (DoS) condition in the affected pr...

CISA Advisories →

CISA Advisories Vulnerability Disclosure Jun 18

Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module

View CSAF Summary Successful exploitation of this vulnerability could allow a remote attacker to cause a denial-of-service (DoS) condition in the affected pr...

CISA Advisories →

SecurityWeek Vulnerability Disclosure Cisco Jun 18

Critical Command Execution Vulnerability Patched in Cisco ISE

Insufficient validation of user input allows an attacker to gain access to the underlying OS and elevate their privileges to root. The post Critical Command ...

SecurityWeek →

GBHackers Vulnerability Disclosure Fortinet Jun 18

FortiBleed Exploit Campaign Hits 70,000+ Fortinet Firewalls Worldwide

A large-scale cyber espionage campaign dubbed “FortiBleed” has compromised more than 70,000 Fortinet firewalls and VPN gateways worldwide, exposing enterpris...

GBHackers →

«Previous page 1 ... 9 10 11 12 13 ... 44 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA