Overview
- @fastify/accepts-serializer
- @fastify/accepts-serializer
Description
Statistics
- 2 Posts
Overview
- WebPros
- Comet Backup
Description
Statistics
- 1 Post
Fediverse
🚨 CVE-2026-29200: CRITICAL IDOR in WebPros Comet Backup (20.11.0 – 26.1.1, 26.2.1) lets tenant admins impersonate any end user on the server. No patch yet — restrict admin access and monitor for suspicious cross-tenant activity. https://radar.offseq.com/threat/cve-2026-29200-cwe-639-insecure-direct-object-refe-d3747bfb #OffSeq #infosec #CVE202629200
Overview
Description
Statistics
- 1 Post
Fediverse
⚠️ CVE-2026-7712: MEDIUM severity deserialization vuln in MindsDB ≤26.01 (pickle.loads). Public exploit available, remote attack possible. No vendor response yet. Check your exposure. https://radar.offseq.com/threat/cve-2026-7712-deserialization-in-mindsdb-da28edb5 #OffSeq #MindsDB #Vuln #Deserialization
Overview
- Totolink
- WA300
Description
Statistics
- 1 Post
Fediverse
Totolink WA300 (5.2cu.7112_B20190227) faces a CRITICAL buffer overflow (CVE-2026-7719) via http_host in /cgi-bin/cstecgi.cgi. Public exploit out, no patch yet. Limit exposure, monitor closely. https://radar.offseq.com/threat/cve-2026-7719-buffer-overflow-in-totolink-wa300-e943f95d #OffSeq #Vuln #IoTSecurity #CVE20267719
Overview
- VEGA Grieshaber
- VEGAPULS 6X Two-wire PROFINET, Modbus TCP, OPC UA (Ethernet-APL)
Description
Statistics
- 3 Posts
Fediverse
#OT #Advisory VDE-2026-046
VEGA: Unsecured Configuration Interface Allows Unauthorized Access Leading to Privilege Escalation
Vulnerable components expose sensitive information to unauthorized actors through an unsecured configuration interface. Vulnerable firmware releases contain an unsecured configuration interface that allows retrieval of sensitive information such as hashed credentials.
#CVE CVE-2026-3323
https://certvde.com/en/advisories/vde-2026-046/
#CSAF https://vega.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-046.json
Overview
- GeoVision Inc.
- GV-VMS V20.0.2
Description
Statistics
- 1 Post
Fediverse
🚨 CRITICAL: CVE-2026-42370 affects GeoVision GV-VMS V20.0.2. Stack overflow in WebCam Server Login allows unauthenticated remote code execution via crafted HTTP requests. Patch urgently! https://radar.offseq.com/threat/cve-2026-42370-cwe-787-out-of-bounds-write-in-geov-cb9b994f #OffSeq #GeoVision #Vulnerability
Overview
- Totolink
- N300RH
Description
Statistics
- 1 Post
Fediverse
🔴 CRITICAL: CVE-2026-7747 in Totolink N300RH (v3.2.4-B20220812) — remote, unauthenticated buffer overflow via /cgi-bin/cstecgi.cgi Password param. Exploit is public; no patch yet. Restrict mgmt access! https://radar.offseq.com/threat/cve-2026-7747-buffer-overflow-in-totolink-n300rh-d88a1f5e #OffSeq #CVE20267747 #IoTSecurity
Overview
- Microsoft
- Microsoft 365 Copilot
Description
Statistics
- 1 Post
Fediverse
Copirate 365 at DEF CON: Plundering in the Depths of Microsoft Copilot (CVE-2026-24299) https://embracethered.com/blog/posts/2026/defcon-talk-copirate-365/
Overview
- Synway Information Engineering Co., Ltd.
- Synway SMG Gateway Management Software
Description
Statistics
- 1 Post
Bluesky
Overview
Description
Statistics
- 1 Post
Fediverse
After AIxCC wrapped in 2025, @DARPA worked with Xint and the other top performers to ensure the innovation continued even after the contest was done to secure the internet's open source infrastructure. Here is the story of CVE-2026-31789
https://xint.io/blog/170315