CVE-2025-0520

Overview

ShowDoc
ShowDoc

29 Apr 2025

Published

19 Nov 2025

Updated

CVSS v4.0

CRITICAL (9.4)

EPSS

2.03%

MITRE

KEV

Description

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7.

Statistics

3 Posts
3 Interactions

Last activity: 17 hours ago

Fediverse

Hackread.com @Hackread

📢⚠️ Hackers are exploiting a 5-year-old #ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.

Read: https://hackread.com/showdoc-vulnerability-patch-2020-server-takeover/

#CyberSecurity #Vulnerability #CyberAttacks

0
0
1
17h ago

Bluesky

Hackread.com @hackread.bsky.social

📢⚠️ Hackers are exploiting a 5-year-old #ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide. Read: hackread.com/showdoc-vuln... #CyberSecurity #Vulnerability #CyberAttacks

1
2
0
17h ago

CVE-2024-3721

Overview

TBK
DVR-4104

13 Apr 2024

Published

01 Aug 2024

Updated

CVSS v3.1

MEDIUM (6.3)

EPSS

83.86%

MITRE

KEV

Description

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260573 was assigned to this vulnerability.

Statistics

2 Posts
1 Interaction

Last activity: 21 hours ago

Fediverse

HackerWorkspace @hackerworkspace

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

https://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.html

Read on HackerWorkspace: https://hackerworkspace.com/article/mirai-variant-nexcorium-exploits-cve-2024-3721-to-hijack-tbk-dvrs-for-ddos-botnet

#malware #cybersecurity #vulnerability

0
0
0
23h ago

Bluesky

Ninja Owl @ninjaowl.ai

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet #cybersecurity #hacking #news #infosec #security #technology #privacy thehackernews.com/20...

0
1
0
21h ago

CVE-2026-39987

Overview

marimo-team
marimo

09 Apr 2026

Published

09 Apr 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

3.20%

MITRE

KEV

Description

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket endpoints (e.g., /ws) that correctly call validate_auth() for authentication, the /terminal/ws endpoint only checks the running mode and platform support before accepting connections, completely skipping authentication verification. This vulnerability is fixed in 0.23.0.

Statistics

3 Posts

Last activity: 15 hours ago

Fediverse

elhacker.NET @elhackernet

Atacantes aprovechan CVE-2026-39987 para difundir puerta trasera basada en blockchain mediante Hugging Face

https://blog.elhacker.net/2026/04/atacantes-aprovechan-cve-2026-39987.html

0
0
1
23h ago

ThreatNoir @threatnoir

⚠️ CRITICAL: Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Attackers are actively exploiting CVE-2026-39987, a critical RCE vulnerability in Marimo Python notebooks, to deploy NKAbuse malware hosted on Hugging Face. The malware acts as a RAT with credential theft and lateral movement capabilities. Exploitation started within 10 hours of disclosure across m…

https://threatnoir.com/focus

#infosec #cybersecurity

0
0
0
15h ago

CVE-2026-34197

Overview

Apache Software Foundation
Apache ActiveMQ Broker
org.apache.activemq:activemq-broker

07 Apr 2026

Published

17 Apr 2026

Updated

CVSS

Pending

EPSS

46.64%

MITRE

KEV

Description

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations on all ActiveMQ MBeans (org.apache.activemq:*), including BrokerService.addNetworkConnector(String) and BrokerService.addConnector(String). An authenticated attacker can invoke these operations with a crafted discovery URI that triggers the VM transport's brokerConfig parameter to load a remote Spring XML application context using ResourceXmlApplicationContext. Because Spring's ResourceXmlApplicationContext instantiates all singleton beans before the BrokerService validates the configuration, arbitrary code execution occurs on the broker's JVM through bean factory methods such as Runtime.exec(). This issue affects Apache ActiveMQ Broker: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ All: before 5.19.4, from 6.0.0 before 6.2.3; Apache ActiveMQ: before 5.19.4, from 6.0.0 before 6.2.3. Users are recommended to upgrade to version 5.19.4 or 6.2.3, which fixes the issue

Statistics

1 Post
6 Interactions

Last activity: 22 hours ago

Fediverse

N_{Dario Fadda} @nuke

CISA Adds Apache ActiveMQ CVE-2026-34197 to KEV Catalog as Active Exploitation Surges
#CyberSecurity
https://securebulletin.com/cisa-adds-apache-activemq-cve-2026-34197-to-kev-catalog-as-active-exploitation-surges/

6
0
0
22h ago

CVE-2026-40342

Overview

FirebirdSQL
firebird

17 Apr 2026

Published

17 Apr 2026

Updated

CVSS v3.1

CRITICAL (10.0)

EPSS

0.08%

MITRE

KEV

Description

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE FUNCTION privileges can use a crafted ENGINE name to load an arbitrary shared library from anywhere on the filesystem via path traversal. The library's initialization code executes immediately during loading, before Firebird validates the module, achieving code execution as the server's OS account. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.

Statistics

1 Post
4 Interactions

Last activity: 12 hours ago

Fediverse

Jernej Simončič � @jernej__s

Hey, @cR0w, another ../ for you: https://vuldb.com/cve/CVE-2026-40342

1
3
0
12h ago

CVE-2025-4802

Overview

The GNU C Library
glibc

16 May 2025

Published

26 Feb 2026

Updated

CVSS

Pending

EPSS

0.04%

MITRE

KEV

Description

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).

Statistics

1 Post
2 Interactions

Last activity: 17 hours ago

Bluesky

0xor0ne @0xor0ne.bsky.social

Analysis of CVE-2025-4802: glibc 2.27-2.38 fails to sanitize LD_LIBRARY_PATH before dlopen() in statically linked SUID binaries, allowing arbitrary library loading and LPE. allelesecurity.com/libc-vuln-an... Infosec

1
1
0
17h ago

CVE-2026-3055

Overview

NetScaler
ADC

23 Mar 2026

Published

31 Mar 2026

Updated

CVSS v4.0

CRITICAL (9.3)

EPSS

55.71%

MITRE

KEV

Description

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Statistics

2 Posts
3 Interactions

Last activity: 16 hours ago

Fediverse

Javvad Malik :verified: @Javvad

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emergency list. If you run one, stop reading this and patch now.

https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799

1
0
0
16h ago

Bluesky

Javvad Malik @j4vv4d.com

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emerg... https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799

0
2
0
16h ago

CVE-2026-4368

Overview

NetScaler
ADC

23 Mar 2026

Published

24 Mar 2026

Updated

CVSS v4.0

HIGH (7.7)

EPSS

0.02%

MITRE

KEV

Description

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup

Statistics

2 Posts
3 Interactions

Last activity: 16 hours ago

Fediverse

Javvad Malik :verified: @Javvad

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emergency list. If you run one, stop reading this and patch now.

https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799

1
0
0
16h ago

Bluesky

Javvad Malik @j4vv4d.com

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emerg... https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799

0
2
0
16h ago

CVE-2026-0868

Overview

turn2honey
EMC – Easily Embed Calendly Scheduling

19 Apr 2026

Published

19 Apr 2026

Updated

CVSS v3.1

MEDIUM (6.4)

EPSS

Pending

MITRE

KEV

Description

The EMC – Easily Embed Calendly Scheduling Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's calendly shortcode in all versions up to, and including, 4.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Statistics

1 Post

Last activity: 3 hours ago

Fediverse

OffSequence @offseq

MEDIUM severity alert: CVE-2026-0868 (CVSS 6.4) in EMC – Easily Embed Calendly Scheduling WP plugin (≤4.4) allows contributor-level XSS attacks. No patch yet — restrict access, monitor updates. https://radar.offseq.com/threat/cve-2026-0868-cwe-79-improper-neutralization-of-in-3458e49a #OffSeq #WordPress #Infosec #XSS

0
0
0
3h ago

CVE-2026-32288

Overview

Go standard library
archive/tar
archive/tar

08 Apr 2026

Published

13 Apr 2026

Updated

CVSS

Pending

EPSS

0.00%

MITRE

KEV

Description

tar.Reader can allocate an unbounded amount of memory when reading a maliciously-crafted archive containing a large number of sparse regions encoded in the "old GNU sparse map" format.

Statistics

1 Post

Last activity: 20 hours ago

Bluesky

Lambda Watchdog @lambdawatchdog.bsky.social

🔍 Lambda Watchdog detected that CVE-2026-32288 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/461 #AWS #Lambda #Security #CVE #DevOps #SecOps

0
0
0
20h ago