/

Threat Intelligence Feed

Aggregating 3540 articles from trusted cybersecurity sources

/
All General Vulnerability Disclosure CVE Campaigns Data Breach Malware Ransomware Zero-Day
LATEST CVEs
HIGH · CVE-2018-25405 eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arb HIGH · CVE-2026-10120 A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSetFirewallRule of HIGH · CVE-2026-10119 A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSetMACFilter of CVE-2026-46242 In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix ep_remove struct eventpoll / struct MED · CVE-2026-10117 A weakness has been identified in Open5GS up to 2.7.7. This issue affects the function ogs_pool_id_calloc in the library MED · CVE-2026-10116 A security flaw has been discovered in Open5GS up to 2.7.7. This vulnerability affects the function ogs_sbi_xact_add in MED · CVE-2026-10115 A vulnerability was identified in Open5GS up to 2.7.7. This affects an unknown part in the library lib/sbi/nnrf-handler. MED · CVE-2026-10114 A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handle_scp_info in the lib HIGH · CVE-2026-9757 The GEO my WP plugin for WordPress is vulnerable to SQL Injection via the 'swlatlng' and 'nelatlng' parameters in all ve HIGH · CVE-2026-7465 The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Ex HIGH · CVE-2026-7459 The Simple History – Track, Log, and Audit WordPress Changes plugin for WordPress is vulnerable to authenticated (Subscr MED · CVE-2026-10113 A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is an unknown functionality in the libr MED · CVE-2026-5071 The SocketCAN implementation validates the length of a user-provided buffer containing a socketcan_frame object using on CVE-2026-10112 A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the compon HIGH · CVE-2026-10111 A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Logi HIGH · CVE-2026-10110 A vulnerability was detected in code-projects Student Details Management System 1.0. This affects an unknown function of MED · CVE-2026-48840 Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of unini MED · CVE-2026-9831 A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-c CVE-2026-4387 StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication s MED · CVE-2026-48811 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, FreeScout allows a MED · CVE-2026-48810 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating HIGH · CVE-2026-48557 Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanit HIGH · CVE-2026-48555 Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows rem CVE-2026-47266 Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3.1.26, unauthenticated users could modify existing HIGH · CVE-2026-47123 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.220, the email processin CVE-2026-46599 The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit CVE-2026-46527 cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has c CVE-2026-46385 iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, the Avro array and map decoders looped over an attacker-contro CVE-2026-46384 iskorotkov/avro is a fast Go Avro codec. Prior to 2.33.0, several Avro decoder paths read attacker-controlled 64-bit val CVE-2026-45700 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an CRIT · CVE-2026-45697 Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted CVE-2026-45613 Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bi CRIT · CVE-2026-45372 cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's se MED · CVE-2026-45352 cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size i CVE-2026-45324 Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cm MED · CVE-2026-45294 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset CVE-2026-45151 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quic_stream_recv can derefe MED · CVE-2026-45149 The brace-expansion library generates arbitrary strings containing a common prefix and suffix. From 5.0.0 to before 5.0. MED · CVE-2026-44640 NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Prior to 0.24.14, aio->prov_data is stored as nni_ HIGH · CVE-2026-44422 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts on
1459 General 455 Vulnerability Disclosure 442 CVE 265 Campaigns 201 Data Breach 185 Malware

Trending Vendors

Microsoft (414) Google (205) Amazon (151) Intel (99) Apple (95) Linux (91) Cisco (82) GitHub (76) Palo Alto Networks (72) Oracle (33) Cloudflare (25) Rapid7 (25) Check Point (23) F5 (23) Trend Micro (23)

Latest News

Data Breaches

FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA