Overview

  • optimole
  • Optimole – Optimize Images in Real Time

Published: 11 Apr 2026
Updated: 11 Apr 2026

CVSS v3.1: HIGH (7.2)
EPSS: 0.08%

KEV

Description

The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.2. This is due to insufficient input sanitization and output escaping on the user-supplied 's' parameter (srcset descriptor) in the unauthenticated /wp-json/optimole/v1/optimizations REST endpoint. The endpoint validates requests using an HMAC signature and timestamp, but these values are exposed directly in the frontend HTML, making them accessible to any visitor. The plugin applies sanitize_text_field() to the descriptor value in rest.php, which strips HTML tags but does not escape double quotes. The poisoned descriptor is then stored via transients (backed by the WordPress options table) and later retrieved and injected verbatim into the srcset attribute in tag_replacer.php without proper escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts into pages that will execute whenever a user accesses the injected page.

Statistics

  • 1 Post

Last activity: 6 hours ago

Fediverse

🚨 HIGH risk: Optimole WordPress plugin (≤4.2.2) vulnerable to unauthenticated stored XSS via /wp-json/optimole/v1/optimizations. HMAC bypassed. Disable plugin until patch. CVE-2026-5217 radar.offseq.com/threat/cve-20

Overview

  • Totolink
  • A7100RU

Published: 12 Apr 2026
Updated: 12 Apr 2026

CVSS v4.0: CRITICAL (9.3)
EPSS: Pending

KEV

Description

A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Manipulation of the argument proto results in OS command injection. The attack may be initiated remotely. The exploit is now public and may be used.

Statistics

  • 1 Post

Last activity: 1 hour ago

Fediverse

Totolink A7100RU (7.4cu.2313_b20191024) faces a CRITICAL OS command injection (CVE-2026-6114, CVSS 9.3). Remote, unauthenticated code execution possible. No patch yet — disable remote mgmt & watch for updates. radar.offseq.com/threat/cve-20

Overview

  • Rukovoditel
  • Rukovoditel CRM

Published: 11 Apr 2026
Updated: 11 Apr 2026

CVSS v4.0: CRITICAL (9.3)
EPSS: Pending

KEV

Description

A reflected cross-site scripting (XSS) vulnerability exists in Rukovoditel CRM version 3.6.4 and earlier in the Zadarma telephony API endpoint (/api/tel/zadarma.php). The application directly reflects user-supplied input from the 'zd_echo' GET parameter into the HTTP response without proper sanitization, output encoding, or content-type restrictions. The vulnerable code is: `if (isset($_GET['zd_echo'])) exit($_GET['zd_echo']);`. An unauthenticated attacker can exploit this issue by crafting a malicious URL containing JavaScript payloads. When a victim visits the link, the payload executes in the context of the application within the victim's browser, potentially leading to session hijacking, credential theft, phishing, or account takeover. The issue is fixed in version 3.7, which introduces proper input validation and output encoding to prevent script injection.

Statistics

  • 1 Post

Last activity: 11 hours ago

Fediverse

🚨 CRITICAL XSS in Rukovoditel CRM 3.6.4 (CVE-2026-31845): Pre-auth reflected XSS in the Zadarma API (/api/tel/zadarma.php) lets attackers inject JS via 'zd_echo'. Patch or restrict access! radar.offseq.com/threat/cve-20

Overview

  • Elastic
  • Logstash

Published: 08 Apr 2026
Updated: 10 Apr 2026

CVSS v3.1: HIGH (8.1)
EPSS: 0.28%

KEV

Description

Improper Limitation of a Pathname to a Restricted Directory (CWE-22) in Logstash can lead to arbitrary file write and potentially remote code execution via Relative Path Traversal (CAPEC-139). The archive extraction utilities used by Logstash do not properly validate file paths within compressed archives. An attacker who can serve a specially crafted archive to Logstash through a compromised or attacker-controlled update endpoint can write arbitrary files to the host filesystem with the privileges of the Logstash process. In certain configurations where automatic pipeline reloading is enabled, this can be escalated to remote code execution.

Statistics

  • 2 Posts

Last activity: 12 hours ago

Fediverse

I'm the original reporter of the Logstash CVE-2026-33466 bug. 😎

discuss.elastic.co/t/logstash-

Overview

  • parisneo
  • parisneo/lollms

Published: 12 Apr 2026
Updated: 12 Apr 2026

CVSS v3.0: HIGH (8.2)
EPSS: Pending

KEV

Description

A Cross-site Scripting (XSS) vulnerability was identified in the `from_dict` method of the `AppLollmsMessage` class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from the lack of sanitization or HTML encoding of the `content` field when deserializing user-provided data. This allows an attacker to inject malicious HTML or JavaScript payloads, which can be executed in the context of another user's browser. Exploitation of this vulnerability can lead to account takeover, session hijacking, or wormable attacks.

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

🚨 HIGH severity XSS (CVE-2026-1116) in parisneo/lollms pre-2.2.0: Improper input sanitization in from_dict allows attackers to inject malicious scripts. Update ASAP! radar.offseq.com/threat/cve-20

Overview

  • Totolink
  • A7100RU

Published: 12 Apr 2026
Updated: 12 Apr 2026

CVSS v4.0: CRITICAL (9.3)
EPSS: Pending

KEV

Description

A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Manipulation of the argument ip leads to OS command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Statistics

  • 1 Post

Last activity: Last hour

Fediverse

Totolink A7100RU (fw 7.4cu.2313_b20191024) suffers CRITICAL OS command injection (CVE-2026-6116, CVSS 9.3). Remote, unauthenticated RCE is possible. No patch yet — disable remote access or isolate device! radar.offseq.com/threat/cve-20

Overview

  • Meta
  • react-server-dom-webpack

Published: 03 Dec 2025
Updated: 26 Feb 2026

CVSS v3.1: CRITICAL (10.0)
EPSS: 84.89%

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

  • 1 Post

Last activity: 3 hours ago

Bluesky

📢 Kubernetes: privilege escalation via token theft and exploitation of CVE-2025-55182 📝 ## 🔍 Context Published on 6 April 2026 by Unit 42 (… https://cyberveille.ch/posts/2026-04-12-kubernetes-escalade-de-privileges-via-vol-de-tokens-et-exploitation-de-cve-2025-55182/ #CVE_2025_55182 #Cyberveille

Overview

  • tomdever
  • wpForo Forum

Published: 11 Apr 2026
Updated: 11 Apr 2026

CVSS v3.1: HIGH (7.1)
EPSS: 0.03%

KEV

Description

The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. This is due to a two-step logic flaw: the topic_add() and topic_edit() action handlers accept arbitrary user-supplied data[*] arrays from $_REQUEST and store them as postmeta without restricting which fields may contain array values. Because 'body' is included in the allowed topic fields list, an attacker can supply data[body][fileurl] with an arbitrary file path (e.g., wp-config.php or an absolute server path). This poisoned fileurl is persisted to the plugin's custom postmeta database table. Subsequently, when the attacker submits wpftcf_delete[]=body on a topic_edit request, the add_file() method retrieves the stored postmeta record, extracts the attacker-controlled fileurl, passes it through wpforo_fix_upload_dir() which only rewrites legitimate wpforo upload paths and returns all other paths unchanged, and then calls wp_delete_file() on the unvalidated path. This makes it possible for authenticated attackers, with subscriber-level access and above, to delete arbitrary files writable by the PHP process on the server, including critical files such as wp-config.

Statistics

  • 2 Posts

Last activity: 21 hours ago

Fediverse

🛡️ CVE-2026-5809: HIGH severity vuln in wpForo Forum plugin ≤3.0.2 lets subscriber+ users delete arbitrary files (e.g., wp-config.php). No patch yet — restrict permissions & monitor topic edits for abuse. radar.offseq.com/threat/cve-20

Overview

  • Microsoft
  • Windows Server 2025

Published: 12 Aug 2025
Updated: 26 Feb 2026

CVSS v3.1: HIGH (7.2)
EPSS: 0.51%

KEV

Description

Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges over a network.

Statistics

  • 2 Posts

Last activity: 15 hours ago

Fediverse

Eighteen from HackTheBox is an assume breach Windows Server 2025 box featuring MSSQL impersonation, Werkzeug hash cracking, password spraying, and Bad Successor (CVE-2025-53779) to abuse dMSA migration for domain admin.

0xdf.gitlab.io/2026/04/11/htb-

Overview

  • Sonos
  • Era 300

Published: 11 Apr 2026
Updated: 11 Apr 2026

CVSS v3.0: CRITICAL (10.0)
EPSS: 1.27%

KEV

Description

Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the DataOffset field within SMB responses. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the kernel. Was ZDI-CAN-28345.

Statistics

  • 1 Post

Last activity: 17 hours ago

Fediverse

⚠️ CVE-2026-4149: Sonos Era 300 (v17.5) has a CRITICAL remote code execution vulnerability via SMB, allowing kernel-level compromise without auth. No patch yet — restrict SMB access! radar.offseq.com/threat/cve-20

Showing 11 to 20 of 23 CVEs