Threat Intelligence Feed

Aggregating 5169 articles from trusted cybersecurity sources

/
LATEST CVEs
CVE-2026-7670 A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSumma CVE-2026-6481 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. CVE-2026-7669 A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function get_tokenizer of the file pytho CVE-2026-7668 A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1_STRING_data in CVE-2026-7653 A security flaw has been discovered in r-huijts mcp-server-rijksmuseum up to 1.0.4. Affected is the function open_image_ CVE-2026-7645 A vulnerability was found in ruvnet sublinear-time-solver 1.5.0. Affected by this vulnerability is the function export_s CVE-2026-7644 A vulnerability has been found in ChatGPTNextWeb NextChat up to 2.16.1. Affected is the function addMcpServer of the fil CVE-2026-7643 A flaw has been found in ChatGPTNextWeb NextChat up to 2.16.1. This impacts an unknown function of the file Next.js of t CVE-2026-7642 A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function download_website of th CVE-2026-7633 A vulnerability was identified in Totolink N300RH 6.1c.1353_B20190305. This impacts the function setUploadSetting of the CVE-2026-7632 A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function CVE-2026-7631 A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown fun CVE-2026-7630 A vulnerability has been found in innocommerce InnoShop up to 0.7.8. The affected element is the function InstallService CVE-2026-7629 A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of t CVE-2026-3504 The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution plugin for WordPress is vulnerable to Sensitive Infor CVE-2026-2554 The WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings Compatible plugin for WordPress is CVE-2026-0703 The NextMove Lite – Thank You Page for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via CVE-2026-7628 A vulnerability was detected in crazyrabbitLTC mcp-code-review-server up to 0.1.0. This issue affects the function execu CVE-2026-6817 The Quiz Maker by AYS plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rate_reason' parameter CVE-2026-6525 IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4 CVE-2026-6320 The Salon Booking System – Free Version plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and CVE-2026-4790 The Premium Addons for Elementor – Powerful Elementor Templates & Widgets plugin for WordPress is vulnerable to Stored C CVE-2026-4100 The Paid Memberships Pro plugin for WordPress is vulnerable to unauthorized modification and disruption of Stripe webhoo CVE-2026-4062 The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'object_ids' and 'exclude_object_i CVE-2026-4061 The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'map_post_type' parameter in all v CVE-2026-4060 The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'sort' parameter in all versions u CVE-2026-7627 A security vulnerability has been detected in 8nite metatrader-4-mcp 1.0.0. This vulnerability affects the function Call CVE-2026-7612 A vulnerability was determined in itsourcecode Courier Management System 1.0. Affected is an unknown function of the fil CVE-2026-7611 A vulnerability was found in TRENDnet TEW-821DAP up to 1.12B01. This impacts the function platform_do_upgrade_cameo_dev CVE-2026-7610 A vulnerability has been found in TRENDnet TEW-821DAP 1.12B01. This affects an unknown function of the file /www/cgi/ssi CVE-2026-7609 A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function tools_diagnostic of the CVE-2026-7491 School App developed by Zyosoft has an Insecure Direct Object Reference vulnerability, allowing authenticated remote att CVE-2026-7490 CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to up CVE-2026-7489 CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary CVE-2026-5077 The Total theme for WordPress is vulnerable to Stored Cross-Site Scripting via post titles in versions up to, and includ CVE-2026-7608 A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the function tools_diagnostic CVE-2026-5324 The Brizy – Page Builder plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in all versio CVE-2026-4024 The Royal Addons for Elementor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing CVE-2026-7649 The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is CVE-2026-7607 A security vulnerability has been detected in TRENDnet TEW-821DAP 1.12B01. Impacted is the function auto_update_firmware
2233 General 604 Vulnerability Disclosure 562 CVE 432 Campaigns 308 Data Breach 271 Malware

Trending Vendors

Microsoft (505) Google (293) Apple (207) Amazon (206) Intel (174) Cisco (121) GitHub (76) Linux (65) Cloudflare (51) Fortinet (44) Oracle (43) Palo Alto Networks (39) WordPress (38) Rapid7 (34) Check Point (33)

Latest News

Data Breaches

BleepingComputer Data Breach

Story retracted

BleepingComputer initially published a story about a new data breach at Instructure. Shortly after publication, we determined that the information was incorr...

BleepingComputer →