24h | 7d | 30d

Overview

  • 0xJacky
  • nginx-ui

05 Mar 2026
Published
06 Mar 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.05%

KEV

Description

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to download a full system backup containing sensitive data (user credentials, session tokens, SSL private keys, Nginx configurations) and decrypt it immediately. This issue has been patched in version 2.3.3.

Statistics

  • 4 Posts
  • 1 Interaction

Last activity: Last hour

Fediverse

Profile picture fallback

Critical Nginx UI Vulnerability Exposes Server Backups and Sensitive Data
thecyberexpress.com/cve-2026-2

Posted into Cybersecurity Today @cybersecurity-today-rhudaur

  • 1
  • 0
  • 0
  • 4h ago

Bluesky

Profile picture fallback
重大なNginx UIの欠陥CVE-2026-27944により、サーバーのバックアップが危険にさらされる Critical Nginx UI flaw CVE-2026-27944 exposes server backups #SecurityAffairs (Mar 8) securityaffairs.com/189123/secur...
  • 0
  • 0
  • 0
  • 21h ago
Profile picture fallback
Critical Nginx UI flaw CVE-2026-27944 exposes server backups https://securityaffairs.com/189123/security/critical-nginx-ui-flaw-cve-2026-27944-exposes-server-backups.html
  • 0
  • 0
  • 0
  • 13h ago
Profile picture fallback
VulnWatch Monday: CVE-2026-27944 🔓 A critical vulnerability in Nginx UI allows unauthenticated attackers to download and decrypt full system backups. It affects all versions before 2.3.2.
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 4 Posts
  • 4 Interactions

Last activity: Last hour

Fediverse

Profile picture fallback

@cdn0x12 感觉CVE-2026-28432这个问题长毛象前年(?)似乎也有类似的,后来修好了。

  • 0
  • 0
  • 0
  • 14h ago
Profile picture fallback
Misskey/Sharkey "extremely severe" vulnerabilities

https://www.openwall.com/lists/oss-security/2026/03/09/7

#Fediverse #ActivityPub #misskey #sharkey

CVE-2026-28431
CVE-2026-28432
CVE-2026-28433
  • 2
  • 0
  • 0
  • Last hour
Profile picture fallback

Moe.Pub更新完成!

今回のアップデートでは重大な脆弱性を修正しています。可及的速やかにアップデートしてください。
This update contains serious vulnerability fixes. Please update to this or the latest version of Misskey as soon as possible.
本次更新修复了多个重要漏洞。请尽快更新至此版本或最新版本的 Misskey。

Release2026.3.1:github.com/misskey-dev/misskey
非官方公告:transfem.social/notes/ajkq30j9
Docker更新:misskey-hub.net/cn/docs/for-ad
更新日志:github.com/misskey-dev/misskey
实例:moe.pub / mk.moe.pub
开放注册:True

#fediverse #misskey #CVE202628431 #CVE202628432 #CVE202628433 #CVE #Update

  • 0
  • 2
  • 0
  • 13h ago

Bluesky

Profile picture fallback
Misskey/Sharkey "extremely severe" vulnerabilities www.openwall.com -> #Fediverse #ActivityPub #misskey #sharkey CVE-2026-28431 CVE-2026-28432 CVE-2026-28433 Original->
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Tenda
  • i3

09 Mar 2026
Published
09 Mar 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.05%

KEV

Description

A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: Last hour

Fediverse

Profile picture fallback

⚠️ HIGH severity: CVE-2026-3804 in Tenda i3 v1.0.0.6(2204) enables remote stack-based buffer overflow via /goform/WifiMacFilterSet. Exploit is public — prioritize mitigation or isolation. radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 12h ago

Bluesky

Profile picture fallback
📌 CVE-2026-3804 - A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMa... https://www.cyberhub.blog/cves/CVE-2026-3804
  • 0
  • 0
  • 0
  • Last hour

Overview

  • DeltaWW
  • COMMGR2

09 Mar 2026
Published
09 Mar 2026
Updated

CVSS v3.1
CRITICAL (9.8)
EPSS
0.04%

KEV

Description

Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability.

Statistics

  • 3 Posts

Last activity: 5 hours ago

Fediverse

Profile picture fallback

🔴 CVE-2026-3630: CRITICAL stack-based buffer overflow in DeltaWW COMMGR2 (ver 0) enables unauthenticated RCE. No patch available. Segment networks, enable IDS/IPS, & monitor for exploitation. Details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 1
  • 13h ago

Bluesky

Profile picture fallback
🚨 CVE-2026-3630 – CRITICAL (9.8) Stack-Based Buffer Overflow in Delta Electronics COMMGR2. A memory handling flaw could allow attackers to overwrite stack memory and potentially execute arbitrary code. Full report: basefortify.eu/cve_reports/... #CVE #IndustrialSecurity #CyberSecurity #InfoSec
  • 0
  • 0
  • 0
  • 5h ago

Overview

  • Mozilla
  • Firefox

24 Feb 2026
Published
06 Mar 2026
Updated

CVSS
Pending
EPSS
0.06%

KEV

Description

JIT miscompilation in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 148 and Thunderbird < 148.

Statistics

  • 1 Post
  • 3 Interactions

Last activity: 1 hour ago

Fediverse

Profile picture fallback
It's a bit hard to find in the announcement publications, but this is the technical analysis of one of the #Firefox bugs Anthropic's #LLM agents found (CVE-2026-2796):

https://red.anthropic.com/2026/exploit/
  • 3
  • 0
  • 0
  • 1h ago

Overview

  • Microsoft
  • Windows 10 Version 1607

10 Feb 2026
Published
27 Feb 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
2.74%

Description

Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 4 hours ago

Fediverse

Profile picture fallback

Wie lukrativ der Handel mit Exploits ist, wird anhand einer aktuellen #Sicherheitslücke für das #Microsoft Betriebssystem #Windows deutlich: So wird im Darknet offenbar ein #Exploit für rund 220.000 US-Dollar angeboten.

Laut den verfügbaren Berichten geht es um eine #Schwachstelle in den Remote Desktop Services, die Windows 10, Windows 11 und mehrere Server-Versionen betreffen soll und mit welcher der Angreifer seine Systemrechte unbefugt ausweiten kann:

connect.de/news/windows-sicher #cybersecurity

  • 1
  • 1
  • 0
  • 4h ago

Overview

  • Microsoft
  • Windows Notepad

10 Feb 2026
Published
27 Feb 2026
Updated

CVSS v3.1
HIGH (7.8)
EPSS
0.10%

KEV

Description

Improper neutralization of special elements used in a command ('command injection') in Windows Notepad App allows an unauthorized attacker to execute code locally.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: Last hour

Fediverse

Profile picture fallback

Vulnerabilidad grave en la fantástica nueva versión de Bloc de notas:

El CVE:
👉 cve.org/CVERecord?id=CVE-2026-

La explicación:

Si abres un archivo de texto MarkDown (MD) que tenga un enlace... dicho enlace puede EJECUTAR CUALQUIER COSA en la máquina.

La URL que hay adentro del enlace, al cual puedes hacer click, la ejecuta Bloc de notas a pelo utilizando "ShellExecuteExW":

👉 learn.microsoft.com/en-us/wind

#ciberseguridad #cybersecurity #windows #notepad #blocdenotas

  • 1
  • 1
  • 0
  • Last hour

Overview

  • Tenda
  • F453

08 Mar 2026
Published
08 Mar 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.05%

KEV

Description

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 15 hours ago

Fediverse

Profile picture fallback

🚩 CVE-2026-3768 (HIGH, CVSS 8.7): Stack buffer overflow in Tenda F453 v1.0.0.3 — remote, unauthenticated exploit possible. Public exploit code released. Patch ASAP or restrict remote access! radar.offseq.com/threat/cve-20

  • 1
  • 0
  • 0
  • 15h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 3 Posts
  • 4 Interactions

Last activity: Last hour

Fediverse

Profile picture fallback
Misskey/Sharkey "extremely severe" vulnerabilities

https://www.openwall.com/lists/oss-security/2026/03/09/7

#Fediverse #ActivityPub #misskey #sharkey

CVE-2026-28431
CVE-2026-28432
CVE-2026-28433
  • 2
  • 0
  • 0
  • Last hour
Profile picture fallback

Moe.Pub更新完成!

今回のアップデートでは重大な脆弱性を修正しています。可及的速やかにアップデートしてください。
This update contains serious vulnerability fixes. Please update to this or the latest version of Misskey as soon as possible.
本次更新修复了多个重要漏洞。请尽快更新至此版本或最新版本的 Misskey。

Release2026.3.1:github.com/misskey-dev/misskey
非官方公告:transfem.social/notes/ajkq30j9
Docker更新:misskey-hub.net/cn/docs/for-ad
更新日志:github.com/misskey-dev/misskey
实例:moe.pub / mk.moe.pub
开放注册:True

#fediverse #misskey #CVE202628431 #CVE202628432 #CVE202628433 #CVE #Update

  • 0
  • 2
  • 0
  • 13h ago

Bluesky

Profile picture fallback
Misskey/Sharkey "extremely severe" vulnerabilities www.openwall.com -> #Fediverse #ActivityPub #misskey #sharkey CVE-2026-28431 CVE-2026-28432 CVE-2026-28433 Original->
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 3 Posts
  • 4 Interactions

Last activity: Last hour

Fediverse

Profile picture fallback
Misskey/Sharkey "extremely severe" vulnerabilities

https://www.openwall.com/lists/oss-security/2026/03/09/7

#Fediverse #ActivityPub #misskey #sharkey

CVE-2026-28431
CVE-2026-28432
CVE-2026-28433
  • 2
  • 0
  • 0
  • Last hour
Profile picture fallback

Moe.Pub更新完成!

今回のアップデートでは重大な脆弱性を修正しています。可及的速やかにアップデートしてください。
This update contains serious vulnerability fixes. Please update to this or the latest version of Misskey as soon as possible.
本次更新修复了多个重要漏洞。请尽快更新至此版本或最新版本的 Misskey。

Release2026.3.1:github.com/misskey-dev/misskey
非官方公告:transfem.social/notes/ajkq30j9
Docker更新:misskey-hub.net/cn/docs/for-ad
更新日志:github.com/misskey-dev/misskey
实例:moe.pub / mk.moe.pub
开放注册:True

#fediverse #misskey #CVE202628431 #CVE202628432 #CVE202628433 #CVE #Update

  • 0
  • 2
  • 0
  • 13h ago

Bluesky

Profile picture fallback
Misskey/Sharkey "extremely severe" vulnerabilities www.openwall.com -> #Fediverse #ActivityPub #misskey #sharkey CVE-2026-28431 CVE-2026-28432 CVE-2026-28433 Original->
  • 0
  • 0
  • 0
  • Last hour
Showing 1 to 10 of 40 CVEs