Skip to main content
FreeIntelHub
Feed Threat Feed Search Trending
Intelligence CVE Priority Vulnerability IOC Lookup IOC Feed YARA Rules Phishing Lookup Exploit Lookup Pastes Dark Web
Adversaries Threat Groups Software Campaigns
Explore Dashboard Geo Map Heatmap MITRE ATT&CK
Browse Sources Vendors Categories Sectors
RSS API
FreeIntelHub
/
Sign In

Vulnerability Disclosure

20 articles

SC Media Vulnerability Disclosure Jun 12

10-year-old phpBB vulnerability allows admin account takeover

The vulnerability, introduced 10 years ago, affects all versions of the 3.x and 4.

SC Media →

BleepingComputer Vulnerability Disclosure Jun 12

phpBB forum fixes auth bypass bug lurking for a decade

A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators. [.

T1556

BleepingComputer →

Cyberscoop Vulnerability Disclosure Oracle Jun 12

ShinyHunters is actively extorting universities after exploiting an unpatched Oracle flaw

Oracle still hasn't patched the vulnerability the group has been using in its attacks since late May. The post ShinyHunters is actively extorting universitie...

Cyberscoop →

GBHackers Vulnerability Disclosure Jun 12

Hackers Abuse NinjaOne RMM Agent to Gain Remote Access to Brazilian Organizations

An active phishing campaign that weaponizes a legitimate NinjaOne Remote Monitoring and Management (RMM) agent to gain persistent remote access to Brazilian ...

T1566 T1204

GBHackers →

The Hacker News Vulnerability Disclosure Amazon Intel Jun 12

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could...

T1190

The Hacker News →

SecurityWeek Vulnerability Disclosure Ivanti Jun 12

Ivanti Sentry Exploitation Attempts Hitting Honeypots

The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. The post Ivanti Sentry Exploitation...

T1059

SecurityWeek →

GBHackers Vulnerability Disclosure Google Amazon Jun 12

Researcher Uses AI to Hack Google, Earns $500,000 Bug Bounty

Researcher Arvin Shivram has earned $500,000 in bug bounties from Google’s Vulnerability Reward Program (VRP) by deploying an AI-powered fuzzing framework ag...

GBHackers →

GBHackers Vulnerability Disclosure Jun 12

CISA Orders Federal Agencies to Patch Critical Vulnerabilities Within 3 Days

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new Binding Operational Directive, BOD 26-04, mandating that federal civilian agenci...

GBHackers →

Tenable Blog Vulnerability Disclosure Jun 11

CISA BOD 26-04: Frequently asked questions about the new risk-based patching directive

CISA issued BOD 26-04, which replaces BOD 22-01 with a four-variable vulnerability prioritization model requiring federal agencies to patch the most dangerou...

Tenable Blog →

The Hacker News Vulnerability Disclosure Microsoft Jun 11

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files

Security researcher Chaotic Eclipse (aka Nightmare-Eclipse and MSNightmare) has released a new Windows BitLocker bypass dubbed GreatXML, a day after they pub...

The Hacker News →

Wordfence Blog Vulnerability Disclosure Intel WordPress Jun 11

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 1, 2026 to June 7, 2026)

Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...

Wordfence Blog →

Help Net Security Vulnerability Disclosure Jun 11

CISA orders federal agencies to “patch smarter”

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a Binding Operational Directive that will change how the US federal government appr...

T1598

Help Net Security →

Check Point Research Vulnerability Disclosure Check Point Jun 11

From SQLi to RCE – Exploiting LangGraph’s Checkpointer

By Yarden Porat AI agents need memory. Frameworks like LangGraph provide it through checkpointers – persistence layers that store execution state.

Check Point Research →

CSO Online Vulnerability Disclosure ServiceNow Jun 11

ServiceNow fixes API issue after reports of suspicious tenant activity

ServiceNow is notifying customers after discovering and remediating a vulnerability that could have exposed data via an unauthenticated API endpoint on affec...

CSO Online →

SecurityWeek Vulnerability Disclosure Jun 11

CISA Directs Federal Agencies to Prioritize Security Patches Based on Risk

The new BOD 26-04 requires agencies to review and update vulnerability management policies with a focus on KEV catalog entries. The post CISA Directs Federal...

SecurityWeek →

SecurityWeek Vulnerability Disclosure Jun 11

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Disclosed in March, the security defect enables unauthenticated attackers to write files to arbitrary locations on the system. The post Hackers Exploit Langf...

T1190

SecurityWeek →

GBHackers Vulnerability Disclosure Jun 11

Hackers Exploit SniperDz PhaaS for Brand Spoofing and Browser Hijacking

A wave of phishing campaigns across the Middle East and North Africa exposes a sophisticated, centralized fraud ecosystem operating under the SniperDz banner.

T1566

GBHackers →

The Hacker News Vulnerability Disclosure Jun 11

AI Broke Vulnerability Management. That's Why CISOs Are Moving Budget to BAS.

For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to weapon...

The Hacker News →

CSO Online Vulnerability Disclosure Jun 11

China-linked recon botnet outpaces enterprise defenses

A botnet made up of compromised small office and Internet of Things devices has grown into a larger reconnaissance network capable of rapidly identifying vul...

T1592

CSO Online →

GBHackers Vulnerability Disclosure Jun 11

Cybercriminals Exploit Chinese Guarantee Markets to Sell Stolen Credentials

Chinese-language “guarantee” marketplaces hosted mainly on Telegram have become a core conduit for buying, selling, and laundering stolen credentials and a w...

T1078 T1598

GBHackers →

«Previous page 1 ... 12 13 14 15 16 ... 44 Next page»
FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA