24h | 7d | 30d

CVE-2022-1040

Overview

  • Sophos
  • Sophos Firewall
25 Mar 2022
Published
21 Oct 2025
Updated
CVSS v3.1
CRITICAL (9.8)
EPSS
94.44%
KEV

Description

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.

Statistics

  • 1 Post
  • 3 Interactions
Last activity: 22 hours ago

Fediverse

Profile picture fallback
GreyNoise @greynoise

Here's a taste of what GreyNoise customers got in this week's At The Edge intelligence brief.

268M sessions. 540K unique IPs. Four findings that matter.

→ Sophos CVE-2022-1040 surged 435% — second consecutive week
→ 9.1M RDP sessions from two IPs, one JA4T fingerprint
→ VPN siege Week 6 — vendors rotating after our published analysis
→ Scanning landscape collapsed. Enterprise campaigns didn't.

Full brief: IOCs, attribution, recommendations.

🔗 greynoise.io/resources/at-the-

greynoise.io/contact

  • 1
  • 2
  • 0
  • 22h ago

CVE-2025-59536

Overview

  • anthropics
  • claude-code
03 Oct 2025
Published
03 Oct 2025
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.04%
KEV

Description

Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable to Code Injection due to a bug in the startup trust dialog implementation. Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to the latest version. This issue is fixed in version 1.0.111.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 1 hour ago

Fediverse

Profile picture fallback
Daniel Kuhl ✌🏻☮️☕️ @daniel1820815

Research has discovered critical in ’s Code that allow attackers to achieve remote code execution and steal API credentials through malicious project configurations. Stolen keys can provide access to shared Workspaces for file access and tampering. Anthropic patched the issues, including CVE-2025-59536.

research.checkpoint.com/2026/r

  • 1
  • 0
  • 0
  • 1h ago

CVE-2026-27836

Overview

  • thorsten
  • phpMyFAQ
27 Feb 2026
Published
03 Mar 2026
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.04%
KEV

Description

phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited user accounts even when registration is disabled. Version 4.0.18 fixes the issue.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 10 hours ago

Bluesky

Profile picture fallback
CyberHub @cyberhub.blog
📌 CVE-2026-27836 - phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active us... https://www.cyberhub.blog/cves/CVE-2026-27836
  • 0
  • 1
  • 0
  • 10h ago

CVE-2026-28414

Overview

  • gradio-app
  • gradio
27 Feb 2026
Published
02 Mar 2026
Updated
CVSS v3.1
HIGH (7.5)
EPSS
0.18%
KEV

Description

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Python 3.13+ changed the definition of `os.path.isabs` so that root-relative paths like `/windows/win.ini` on Windows are no longer considered absolute paths, resulting in a vulnerability in Gradio's logic for joining paths safely. This can be exploited by unauthenticated attackers to read arbitrary files from the Gradio server, even when Gradio is set up with authentication. Version 6.7 fixes the issue.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 2 hours ago

Bluesky

Profile picture fallback
CyberHub @cyberhub.blog
📌 CVE-2026-28414 - Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Window with Python 3.13+ are vuln... https://www.cyberhub.blog/cves/CVE-2026-28414
  • 0
  • 1
  • 0
  • 2h ago

CVE-2026-24898

Overview

  • openemr
  • openemr
03 Mar 2026
Published
04 Mar 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.19%
KEV

Description

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0, an unauthenticated token disclosure vulnerability in the MedEx callback endpoint allows any unauthenticated visitor to obtain the practice's MedEx API tokens, leading to complete third-party service compromise, PHI exfiltration, unauthorized actions on the MedEx platform, and HIPAA violations. The vulnerability exists because the endpoint bypasses authentication ($ignoreAuth = true) and performs a MedEx login whenever $_POST['callback_key'] is provided, returning the full JSON response including sensitive API tokens. This vulnerability is fixed in 8.0.0.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 19 hours ago

Bluesky

Profile picture fallback
CyberHub @cyberhub.blog
📌 CVE-2026-24898 - OpenEMR is a free and open source electronic health records and medical practice management application. Prior to 8.0.0, an unauthenticated token disc... https://www.cyberhub.blog/cves/CVE-2026-24898
  • 0
  • 1
  • 0
  • 19h ago

CVE-2026-27820

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 10 hours ago

Fediverse

Profile picture fallback
circl @circl

CVE-2026-27820: Buffer overflow vulnerability in Zlib::GzipReader Ruby.

ruby-lang.org/en/news/2026/03/

vulnerability.circl.lu/vuln/CV

#ruby #cybersecurity #vulnerabilitymanagement

  • 0
  • 1
  • 0
  • 10h ago

CVE-2026-26336

Overview

  • Hyland
  • Alfresco Enterprise
19 Feb 2026
Published
05 Mar 2026
Updated
CVSS v4.0
HIGH (8.7)
EPSS
0.06%
KEV

Description

Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories (like WEB-INF) via the "/share/page/resource/" endpoint, thus leading to the disclosure of sensitive configuration files.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 4 hours ago

Bluesky

Profile picture fallback
CyberHub @cyberhub.blog
📌 CVE-2026-26336 - Hyland Alfresco allows unauthenticated attackers to read arbitrary files from protected directories (like WEB-INF) via the "/share/page/resource/" end... https://www.cyberhub.blog/cves/CVE-2026-26336
  • 0
  • 1
  • 0
  • 4h ago

CVE-2026-28416

Overview

  • gradio-app
  • gradio
27 Feb 2026
Published
02 Mar 2026
Updated
CVSS v3.1
HIGH (8.2)
EPSS
0.04%
KEV

Description

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a victim application uses `gr.load()` to load an attacker-controlled Space, the malicious `proxy_url` from the config is trusted and added to the allowlist, enabling the attacker to access internal services, cloud metadata endpoints, and private networks through the victim's infrastructure. Version 6.6.0 fixes the issue.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 4 hours ago

Bluesky

Profile picture fallback
CyberHub @cyberhub.blog
📌 CVE-2026-28416 - Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in ... https://www.cyberhub.blog/cves/CVE-2026-28416
  • 0
  • 1
  • 0
  • 4h ago

CVE-2026-1731

Overview

  • BeyondTrust
  • Remote Support(RS) & Privileged Remote Access(PRA)
06 Feb 2026
Published
26 Feb 2026
Updated
CVSS v4.0
CRITICAL (9.9)
EPSS
64.61%
KEV

Description

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Statistics

  • 1 Post
Last activity: 13 hours ago

Bluesky

Profile picture fallback
piggo @pigondrugs.bsky.social
~Cybergcca~ A critical pre-auth RCE (CVE-2026-1731) in BeyondTrust RS and PRA is being exploited in the wild. Patch immediately. - IOCs: CVE-2026-1731 - #BeyondTrust #CVE20261731 #ThreatIntel
  • 0
  • 0
  • 0
  • 13h ago

CVE-2026-28403

Overview

  • f
  • textream
02 Mar 2026
Published
02 Mar 2026
Updated
CVSS v3.1
HIGH (7.6)
EPSS
0.02%
KEV

Description

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server (`ws://127.0.0.1:<httpPort+1>`) accepts connections from any origin without validating the HTTP `Origin` header during the WebSocket handshake. A malicious web page visited in the same browser session can silently connect to the local WebSocket server and send arbitrary `DirectorCommand` payloads, allowing full remote control of the teleprompter content. Version 1.5.1 fixes the issue.

Statistics

  • 1 Post
Last activity: 6 hours ago

Bluesky

Profile picture fallback
CyberHub @cyberhub.blog
📌 CVE-2026-28403 - Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server (`ws://127.0.0.1:`) accepts conne... https://www.cyberhub.blog/cves/CVE-2026-28403
  • 0
  • 0
  • 0
  • 6h ago
Showing 11 to 20 of 73 CVEs