Overview
- handlebars-lang
- handlebars.js
Statistics
- 1 Post
Fediverse
⚠️ CRITICAL: handlebars.js v4.0.0 – 4.7.8 vulnerable (CVE-2026-33937). Type confusion in compile() lets attackers inject JS & gain RCE via crafted AST. Upgrade to 4.7.9+, validate inputs, use runtime-only build if possible. https://radar.offseq.com/threat/cve-2026-33937-cwe-843-access-of-resource-using-in-5708b559 #OffSeq #CVE202633937 #infosec
Overview
- brainstormforce
- SureForms – Contact Form, Payment Form & Other Custom Form Builder
Statistics
- 1 Post
Fediverse
CVE-2026-4987 (HIGH): SureForms for WordPress lets unauthenticated attackers bypass payment validation via form_id=0. All versions vulnerable — financial loss risk. Patch when available or apply server-side validation. https://radar.offseq.com/threat/cve-2026-4987-cwe-20-improper-input-validation-in--6438ea07 #OffSeq #WordPress #Vuln
Overview
- zephyrproject-rtos
- Zephyr
- Zephyr
Statistics
- 1 Post
Fediverse
CVE-2026-1679: HIGH severity buffer overflow in Zephyr RTOS (all versions). Local attackers can trigger kernel memory corruption via eswifi socket offload driver. Patch ASAP, enforce access controls. Details: https://radar.offseq.com/threat/cve-2026-1679-buffer-copy-without-checking-size-of-5ca8f17f #OffSeq #ZephyrRTOS #IoTSecurity #CVE
Overview
- Kubernetes
- Kubernetes
Statistics
- 2 Posts
Overview
- langflow-ai
- langflow
Statistics
- 1 Post
Fediverse
⚠️ CRITICAL vuln in langflow-ai langflow < 1.9.0 (CVE-2026-33873): Agentic Assistant allows remote code injection via LLM-generated Python. Patch to 1.9.0+ or restrict feature access immediately. Details: https://radar.offseq.com/threat/cve-2026-33873-cwe-94-improper-control-of-generati-cafbe4ee #OffSeq #CVE202633873 #AIsecurity
Overview
- PTC
- Windchill PDMLink
Statistics
- 1 Post
Overview
- streetwriters
- Notesnook Web/Desktop
Statistics
- 1 Post
Fediverse
🚨CRITICAL: CVE-2026-33976 in Notesnook Web/Desktop <3.3.11 — stored XSS in Web Clipper leads to RCE via Electron misconfig. Patch ASAP & review Electron security settings. More: https://radar.offseq.com/threat/cve-2026-33976-cwe-79-improper-neutralization-of-i-cedece5d #OffSeq #XSS #CyberSecurity #RCE
Overview
- LabRedesCefetRJ
- WeGIA
Statistics
- 1 Post
Fediverse
⚠️ CVE-2026-33991: HIGH severity SQL Injection in WeGIA < 3.6.7. Vulnerable PHP code in deletar_tag.php lets attackers inject SQL remotely — risking data theft & disruption for charities. Patch to 3.6.7 or mitigate ASAP. https://radar.offseq.com/threat/cve-2026-33991-cwe-89-improper-neutralization-of-s-585124c0 #OffSeq #SQLInjection #Infosec
Overview
- strongSwan
- strongSwan
Statistics
- 1 Post