24h | 7d | 30d

CVE-2026-33306

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 11 Interactions
Last activity: 23 hours ago

Fediverse

Profile picture fallback
The JRuby Team @JRuby

Earlier today the JRuby team was informed of a low-severity vulnerability in the bcrypt-ruby gem. We worked with the library's maintainers to arrange a fix and disclosure. The issue is now fixed in versions 3.1.22 and higher. Exposure risk is low, but upgrading is recommended.

CVE-2026-33306: Integer Overflow Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby

github.com/bcrypt-ruby/bcrypt-

  • 3
  • 5
  • 0
  • 23h ago

Bluesky

Profile picture fallback
The JRuby Project @jrubyproject.bsky.social
Today we were informed of a low-severity vulnerability in the bcrypt-ruby gem. We worked with the maintainers to arrange a fix. Upgrading is recommended. CVE-2026-33306: Integer Overflow Causes Zero Key-Strengthening Iterations at Cost=31 on JRuby github.com/bcrypt-ruby/...
  • 2
  • 1
  • 0
  • 23h ago

CVE-2017-11882

Overview

  • Microsoft Corporation
  • Microsoft Office
15 Nov 2017
Published
21 Oct 2025
Updated
CVSS
Pending
EPSS
94.38%
KEV

Description

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.

Statistics

  • 2 Posts
  • 9 Interactions
Last activity: 1 hour ago

Fediverse

Profile picture fallback
Brad @malware_traffic

or some similar BS from an Excel file attached to a message sent to my blog email address. Final malware seems to be an AgentTesla/SnakeKeyLogger/VIP Recovery variant. Sample at:

bazaar.abuse.ch/sample/263b3f3

Calls for follow-up files at:

- hxxp[:]//91.92.242[.]3:7777/noesisllc.online/wealt1818/wealtt/nerdfwiqtwqhdgfrwt6fntdwrgonht.js

- hxxp[:]//91.92.242[.]3:7777/noesisllc.online/wealt1818/ENCRYPT.Ps1

Samples of these follow-up files at:

- bazaar.abuse.ch/sample/c47d92d

- bazaar.abuse.ch/sample/dd737de

  • 3
  • 6
  • 0
  • 2h ago

Bluesky

Profile picture fallback
Brad @malware-traffic-analysis.net
#CVE_2017_11882 in this day and age? Saw this or some similar very old exploit from an Excel file attached to a message sent to my blog email address. Sample available at bazaar.abuse.ch/sample/263b3... It's for a #Snake KeyLogger infection. Thanks to @jamesinthebox.bsky.social for identifying it!
  • 0
  • 0
  • 0
  • 1h ago

CVE-2026-22729

Overview

  • VMware
  • Spring AI
  • Spring AI
18 Mar 2026
Published
18 Mar 2026
Updated
CVSS v3.1
HIGH (8.6)
EPSS
0.05%
KEV

Description

A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass metadata-based access controls through crafted filter expressions. User-controlled input passed to FilterExpressionBuilder is concatenated into JSONPath queries without proper escaping, enabling attackers to inject arbitrary JSONPath logic and access unauthorized documents. This vulnerability affects applications using vector stores that extend AbstractFilterExpressionConverter for multi-tenant isolation, role-based access control, or document filtering based on metadata. The vulnerability occurs when user-supplied values in filter expressions are not escaped before being inserted into JSONPath queries. Special characters like ", ||, and && are passed through unescaped, allowing injection of arbitrary JSONPath logic that can alter the intended query semantics.

Statistics

  • 4 Posts
  • 1 Interaction
Last activity: 3 hours ago

Bluesky

Profile picture fallback
/r/netsec @r-netsec-bot.bsky.social
CVE-2026-22729: JSONPath Injection in Spring AI’s PgVectorStore
  • 0
  • 0
  • 1
  • 10h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cybergcca~ CCCS released security advisories for vulnerabilities in Spring AI and GitHub Enterprise Server. - IOCs: CVE-2026-22730, CVE-2026-22729 - #GitHub #SpringAI #ThreatIntel #Vulnerability
  • 0
  • 1
  • 0
  • 3h ago
Profile picture fallback
セキュリティ対策Lab @securitylab-jp.bsky.social
Java Spring AIにSQLインジェクションとJSONPathインジェクションの脆弱性(CVE-2026-22730、CVE-2026-22729) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 21h ago

CVE-2026-22730

Overview

  • VMware
  • Spring AI
  • Spring AI
18 Mar 2026
Published
19 Mar 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
0.04%
KEV

Description

A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-based access controls and execute arbitrary SQL commands. The vulnerability exists due to missing input sanitization.

Statistics

  • 6 Posts
  • 1 Interaction
Last activity: 3 hours ago

Bluesky

Profile picture fallback
/r/netsec @r-netsec-bot.bsky.social
CVE-2026-22730: SQL Injection in Spring AI’s MariaDB Vector Store
  • 0
  • 0
  • 3
  • 14h ago
Profile picture fallback
piggo @pigondrugs.bsky.social
~Cybergcca~ CCCS released security advisories for vulnerabilities in Spring AI and GitHub Enterprise Server. - IOCs: CVE-2026-22730, CVE-2026-22729 - #GitHub #SpringAI #ThreatIntel #Vulnerability
  • 0
  • 1
  • 0
  • 3h ago
Profile picture fallback
セキュリティ対策Lab @securitylab-jp.bsky.social
Java Spring AIにSQLインジェクションとJSONPathインジェクションの脆弱性(CVE-2026-22730、CVE-2026-22729) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #セキュリティ #Security #CybersecurityNews
  • 0
  • 0
  • 0
  • 21h ago

CVE-2025-43520

Overview

  • Apple
  • macOS
12 Dec 2025
Published
19 Mar 2026
Updated
CVSS
Pending
EPSS
0.02%
KEV

Description

A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory.

Statistics

  • 2 Posts
  • 6 Interactions
Last activity: 20 hours ago

Fediverse

Profile picture fallback
Zhuowei Zhang @zhuowei
wen eta KFD for iOS 26.0.1???????

Seriously, any iOS experts looked into if CVE-2025-43520 from the DarkSword vulns could be used for KFD/MacDirtyCow-style file modding?

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
  • 3
  • 1
  • 0
  • 21h ago
Profile picture fallback
Zhuowei Zhang @zhuowei

According to TAG’s analysis, DarkSword “uses CVE-2025-43520, a kernel-mode race condition in XNU’s virtual filesystem (VFS) implementation” I’m guessing it’s https://github.com/apple-oss-distributions/xnu/blob/bbb1b6f9e71b8cdde6e5cd6f4841f207dee3d828/bsd/vfs/vfs_cluster.c#L3700 ? There’s several VFS changes; not sure if this is the right one.

If it is this one, I guess you’d somehow

  • Make a contiguous memory region,
  • start reading a file into it,
  • then switch it to a non-contiguous region after it’s validated the region, but before it actually starts reading the file,
  • so it ends up writing what it thinks is your contiguous area, but actually is the first part of your area followed by some other memory?
  • 1
  • 1
  • 0
  • 20h ago

CVE-2026-32731

Overview

  • apostrophecms
  • import-export
18 Mar 2026
Published
19 Mar 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
0.06%
KEV

Description

ApostropheCMS is an open-source content management framework. Prior to version 3.5.3 of `@apostrophecms/import-export`, The `extract()` function in `gzip.js` constructs file-write paths using `fs.createWriteStream(path.join(exportPath, header.name))`. `path.join()` does not resolve or sanitise traversal segments such as `../`. It concatenates them as-is, meaning a tar entry named `../../evil.js` resolves to a path outside the intended extraction directory. No canonical-path check is performed before the write stream is opened. This is a textbook Zip Slip vulnerability. Any user who has been granted the Global Content Modify permission — a role routinely assigned to content editors and site managers — can upload a crafted `.tar.gz` file through the standard CMS import UI and write attacker-controlled content to any path the Node.js process can reach on the host filesystem. Version 3.5.3 of `@apostrophecms/import-export` fixes the issue.

Statistics

  • 2 Posts
  • 2 Interactions
Last activity: 23 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

🚨 CRITICAL: CVE-2026-32731 in ApostropheCMS import-export (<3.5.3) allows path traversal via crafted .tar.gz uploads — attackers can write files anywhere the Node.js process can. Upgrade to 3.5.3+ ASAP! radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 1
  • 23h ago

CVE-2026-32698

Overview

  • opf
  • openproject
18 Mar 2026
Published
19 Mar 2026
Updated
CVSS v3.1
CRITICAL (9.1)
EPSS
0.03%
KEV

Description

OpenProject is an open-source, web-based project management software. Versions prior to 16.6.9, 17.0.6, 17.1.3, and 17.2.1 are vulnerable to an SQL injection attack via a custom field's name. When that custom field was used in a Cost Report, the custom field's name was injected into the SQL query without proper sanitation. This allowed an attacker to execute arbitrary SQL commands during the generation of a Cost Report. As custom fields can only be generated by users with full administrator privileges, the attack surface is somewhat reduced. Together with another bug in the Repositories_module, that used the project identifier without sanitation to generate the checkout path for a git repository in the filesystem, this allowed an attacker to checkout a git repository to an arbitrarily chosen path on the server. If the checkout is done within certain paths within the OpenProject application, upon the next restart of the application, this allows the attacker to inject ruby code into the application. As the project identifier cannot be manually edited to any string containing special characters like dots or slashes, this needs to be changed via the SQL injection described above. Versions 16.6.9, 17.0.6, 17.1.3, and 17.2.1 fix the issue.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 18 hours ago

Fediverse

Profile picture fallback
Offensive Sequence @offseq

🚨 CRITICAL: CVE-2026-32698 in OpenProject (CVSS 9.1) enables SQL injection via admin-created custom fields, leading to potential RCE if chained with repo module bug. Patch to 16.6.9/17.0.6/17.1.3/17.2.1+ now! radar.offseq.com/threat/cve-20

  • 0
  • 1
  • 0
  • 18h ago

CVE-2026-3029

Overview

  • Artifex Software Inc. *PyMuPDF*
  • PyMuPDF
19 Mar 2026
Published
19 Mar 2026
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

A path traversal and arbitrary file write vulnerability exist in the embedded get function in '_main_.py' in PyMuPDF version, 1.26.5.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 6 hours ago

Fediverse

Profile picture fallback
const_data @const_data

#infosec #cybersecurity

CVE-2026-3029

A path traversal and arbitrary file write vulnerability exist in the embedded get function in '_main_.py' in PyMuPDF version, 1.26.5.

  • 0
  • 1
  • 0
  • 6h ago

CVE-2024-12345

Overview

  • INW
  • Krbyyyzo
27 Jan 2025
Published
12 Feb 2025
Updated
CVSS v4.0
MEDIUM (6.7)
EPSS
0.05%
KEV

Description

A vulnerability classified as problematic was found in INW Krbyyyzo 25.2002. Affected by this vulnerability is an unknown functionality of the file /gbo.aspx of the component Daily Huddle Site. The manipulation of the argument s leads to resource consumption. It is possible to launch the attack on the local host. Other endpoints might be affected as well.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 15 hours ago

Bluesky

Profile picture fallback
Undercode Testing @undercode.bsky.social
Critical RCE Flaw in Windows Print Spooler (CVE-2024-12345) – Full Mitigation and Detection Guide + Video Introduction: A newly disclosed critical vulnerability in the Windows Print Spooler service (CVE-2024-12345) allows unauthenticated remote attackers to execute arbitrary code with SYSTEM…
  • 0
  • 1
  • 0
  • 15h ago

CVE-2026-23554

Overview

  • Pending
Pending
Published
Pending
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction
Last activity: 3 hours ago

Bluesky

Profile picture fallback
piggo @pigondrugs.bsky.social
~Cybergcca~ 11 security advisories released including a critical GNU flaw and updates for Apple, Atlassian, Chrome, and VMware. - IOCs: CVE-2026-23554 - #Patch #ThreatIntel #Vulnerability
  • 0
  • 1
  • 0
  • 3h ago
Showing 11 to 20 of 55 CVEs