Overview
- notepad-plus-plus
- notepad-plus-plus
Description
Statistics
- 1 Post
Overview
- Rapid7
- Vulnerability Management
Description
Statistics
- 1 Post
Overview
- risesoft-y9
- Digital-Infrastructure
Description
Statistics
- 1 Post
Fediverse
Our autonomous verification engine detected and validated a SQL Injection (CVE-2026-1050) in Digital-Infrastructure in versions <= 9.6.7.
Key Findings:
Vulnerability: SQL Injection (SQLi).
Endpoint: /server-platform/services/rest/auth/authenticate3
Root Cause: Lack of prepared statements in Y9PlatformUtil.
Impact: Attackers can manipulate database queries to access unauthorized tenant data or compromise the server.
The vulnerability was confirmed with Zero False Positives using an executable Proof of Concept (PoC). We recommend immediate remediation by implementing parameterized queries.
Vulnerability details: https://github.com/risesoft-y9/Digital-Infrastructure/issues/2
Overview
- VibeThemes
- WPLMS Learning Management System for WordPress, WordPress LMS
Description
Statistics
- 1 Post
Overview
- QOS.CH Sarl
- Logback-core
Description
Statistics
- 1 Post
Overview
Description
Statistics
- 2 Posts
- 3 Interactions
Fediverse
‼️ CISA has added 4 vulnerabilities to the KEV Catalog
https://darkwebinformer.com/cisa-kev-catalog/
CVE-2025-40551: SolarWinds Web Help Desk Deserialization of Untrusted Data Vulnerability
CVE-2019-19006: Sangoma FreePBX Improper Authentication Vulnerability
CVE-2025-64328: Sangoma FreePBX OS Command Injection Vulnerability
CVE-2021-39935: GitLab Community and Enterprise Editions Server-Side Request Forgery (SSRF) Vulnerability