Threat Intelligence Feed

Aggregating 2408 articles from trusted cybersecurity sources

LATEST CVEs
CVE-2026-35468 nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus a
CVE-2026-34954 PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates
CVE-2026-34953 PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any tok
CVE-2026-34952 PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connect
CVE-2026-34939 PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied
CVE-2026-34938 PraisonAI is a multi-agent teams system. Prior to version 1.5.90, execute_code() in praisonai-agents runs attacker-contr
CVE-2026-34937 PraisonAI is a multi-agent teams system. Prior to version 1.5.90, run_python() in praisonai constructs a shell command s
CVE-2026-34936 PraisonAI is a multi-agent teams system. Prior to version 4.5.90, passthrough() and apassthrough() in praisonai accept a
CVE-2026-34935 PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed
CVE-2026-34934 PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the get_all_user_threads function constructs raw SQL q
CVE-2026-34933 Avahi is a system which facilitates service discovery on a local network via the mDNS/DNS-SD protocol suite. Prior to ve
CVE-2026-34824 Mesop is a Python-based UI framework that allows users to build web applications. From version 1.2.3 to before version 1
CVE-2026-34788 Emlog is an open source website building system. In versions 2.6.2 and prior, a SQL injection vulnerability exists in in
CVE-2026-34787 Emlog is an open source website building system. In versions 2.6.2 and prior, a Local File Inclusion (LFI) vulnerability
CVE-2026-34612 Kestra is an open-source, event-driven orchestration platform. Prior to version 1.3.7, Kestra (default docker-compose de
CVE-2026-34607 Emlog is an open source website building system. In versions 2.6.2 and prior, a path traversal vulnerability exists in t
CVE-2026-34229 Emlog is an open source website building system. Prior to version 2.6.8, there is a stored cross-site scripting (XSS) vu
CVE-2026-34228 Emlog is an open source website building system. Prior to version 2.6.8, the backend upgrade interface accepts remote SQ
CVE-2026-34061 nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus a
CVE-2026-34052 LTI JupyterHub Authenticator is a JupyterHub authenticator for LTI. Prior to version 1.6.3, the LTI 1.1 validator stores
CVE-2026-33184 nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus a
CVE-2021-4477 Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec deployments that all
CVE-2018-25236 Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authenticatio
CVE-2017-20238 Hirschmann Industrial HiVision versions 06.0.00 and 07.0.00 prior to 06.0.06 and 07.0.01 contains an improper authorizat
CVE-2017-20236 ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vulnerability in the w
CVE-2017-20235 ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in t
CVE-2017-20234 GarrettCom Magnum 6K and 10K managed switches contain an authentication bypass vulnerability that allows unauthenticated
CVE-2017-20233 Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability that fails to correc
CVE-2026-34990 OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16
CVE-2026-34980 OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16
CVE-2026-34979 OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16
CVE-2026-34978 OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16
CVE-2026-34947 Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.3, 2026.2.0-latest to be
CVE-2026-33709 JupyterHub is software that allows one to create a multi-user server for Jupyter notebooks. Prior to version 5.4.4, an o
CVE-2026-33175 OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub. Prior to ver
CVE-2026-28797 RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. In versions 0.24.0 and prior, a Server-Side Templ
CVE-2026-27885 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability w
CVE-2026-27834 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, a SQL Injection vulnerability e
CVE-2026-27833 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the pwg.history.search API meth
CVE-2026-27634 Piwigo is an open source photo gallery application for the web. Prior to version 16.3.0, the four date filter parameters

1029 General, 335 CVE, 283 Vulnerability Disclosure, 174 Campaigns, 131 Malware, 117 Data Breach

Latest News

#StopRansomware: Interlock

Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ...

US-CERT Alerts →

Data Breaches