Threat Intelligence Feed

Aggregating 4644 articles from trusted cybersecurity sources

/
LATEST CVEs
CVE-2026-7194 A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown functi CVE-2026-7183 A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMess CVE-2026-7179 A security vulnerability has been detected in OSPG binwalk up to 2.4.3. This vulnerability affects the function read_nul CVE-2026-40971 When configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hostname verification w CVE-2026-28747 A weak key generation vulnerability exists in specific firmware versions of Milesight AIOT cameras allows authorization CVE-2026-7178 A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file a CVE-2026-7177 A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function prox CVE-2026-7160 A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boafor CVE-2026-7159 A vulnerability was found in douinc mkdocs-mcp-plugin up to 0.4.1. This affects the function read_document/list_document CVE-2026-7191 Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may all CVE-2026-7158 A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected CVE-2026-7157 A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulner CVE-2026-7156 A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function CsteSystem of the file /c CVE-2026-7155 A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setLoginPa CVE-2026-7154 A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setAdvancedInfoShow of CVE-2026-5362 An authenticated attacker with permission to edit document content can store crafted HTML/JavaScript in a Document embed CVE-2026-3087 If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then th CVE-2026-29971 A reflected cross-site scripting (XSS) vulnerability exists in WebFileSys version 2.31.1. User-controlled input is refle CVE-2024-46636 NASA Earth Observing System Data and Information System (EOSDIS) MODAPS v8.1 was discovered to contain a SQL injection v CVE-2026-7153 A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setMin CVE-2026-7152 A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCf CVE-2026-7151 A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6 CVE-2026-6741 The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Esca CVE-2026-5394 An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled CVE-2026-7150 A vulnerability was found in dh1011 auto-favicon up to f189116a9259950c2393f114dbcb94dde0ad864b. This issue affects the CVE-2026-7149 A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerabilit CVE-2026-7148 A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Execut CVE-2026-7147 A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functiona CVE-2026-40970 When configured to use an SSL bundle, Spring Boot's Elasticsearch auto-configuration does not perform hostname verificat CVE-2026-35903 MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP s CVE-2026-35902 The RTSP service of MERCURY IP camera MIPC252W 1.0.5 Build 230306 has an issue handling failed Digest authentication att CVE-2026-35901 A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attac CVE-2026-32655 Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain a Least Privilege Violation vulnerability. A l CVE-2026-31256 A null pointer dereference vulnerability exists in the RTSP service of the MERCURY MIPC252W 1.0.5 Build 230306 Rel.79931 CVE-2026-31255 A command injection vulnerability exists in Tenda AC18 V15.03.05.05_multi. The vulnerability is located in the /goform/S CVE-2025-69428 An issue in Pro-Bit before v1.77.4 allows unauthenticated attackers to directly access sensitive directory and its subdi CVE-2021-36438 SQL Injection vulnerability exists in Sourcecodester Online Job Portal phppdo 1.0 ivia the category parameter in /jobpor CVE-2026-7146 A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b49 CVE-2026-7145 A weakness has been identified in mettle sendportal up to 3.0.1. Affected is the function destroy of the file app/Http/C CVE-2026-7144 A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown functi
1988 General 534 Vulnerability Disclosure 525 CVE 383 Campaigns 273 Data Breach 255 Malware

Trending Vendors

Microsoft (447) Google (278) Apple (203) Amazon (182) Intel (154) Cisco (116) GitHub (56) Cloudflare (48) Linux (47) Fortinet (44) Oracle (41) Palo Alto Networks (36) WordPress (34) Check Point (32) F5 (31)

Latest News

Data Breaches