
Overview

  • SUSE
  • Rancher

30 Jun 2026
Published
01 Jul 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
Pending

KEV

Description

Incorrect authentication caching in the team membership expansion of the Rancher GitHub authentication provider caused it to grant principal access to any logged-in user, in 2.13 before 2.13.6 and 2.14 before 2.14.2.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 6 hours ago

Fediverse

A severe vulnerability was disclosed for SUSE Rancher (CVE-2026-41053) vuldb.com/vuln/374808

  • 1
  • 0
  • 0
  • 6h ago

Overview

  • TP-Link Systems Inc.
  • TL-WR802N v4

13 Mar 2026
Published
17 Mar 2026
Updated

CVSS v4.0
HIGH (8.5)
EPSS
1.10%

KEV

Description

A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. The router configuration import function allows an authenticated attacker to upload a crafted configuration file that results in execution of OS commands with root privileges during port-trigger processing. Successful exploitation allows an authenticated attacker to execute system commands with root privileges, leading to full device compromise.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: Last hour

Bluesky

The latest update for #Foresiet includes "Phone Bombing Attacks 2026: A Complete Guide" and "TP-Link CVE-2026-3227: Authenticated Command Injection via Configuration Import". #cybersecurity #infosec https://opsmtrs.com/3J3CMGz
  • 1
  • 0
  • 0
  • Last hour

Overview

  • Microsoft
  • Microsoft 365 Copilot

04 Jun 2026
Published
26 Jun 2026
Updated

CVSS v3.1
MEDIUM (6.5)
EPSS
7.64%

KEV

Description

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 13 hours ago

Fediverse

The @varonis Threat Labs teams demonstrated that enterprise assistants can be turned into a precision data exfiltration tool via a crafted link. -2026-42824 AKA is a huge vulnerability chain in Microsoft 365 Copilot. HT HT @Kiteworks. cybersec.kiteworks.com/s/micro

  • 1
  • 0
  • 0
  • 13h ago

Overview

  • Google
  • Chrome

30 Jun 2026
Published
30 Jun 2026
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Critical)

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

The latest Chrome security update patches 382 vulnerabilities, including 15 critical use-after-free flaws. Update Chrome now to stay protected.

securityonline.info/chrome-sec

  • 0
  • 0
  • 0
  • 3h ago

Overview

  • NLnet Labs
  • NSD

25 Jun 2026
Published
25 Jun 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.30%

KEV

Description

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a specially crafted SVCB RR with an rdata size of 65512, which makes a (uint16_t) variable that is used to allocate the space needed for the RR wrap (because total size > 65535), causing a heap overflow. The attacker can perform a controlled (RCE class) heap write of up to 65509 bytes.

Statistics

  • 1 Post

Last activity: 17 hours ago

Fediverse

NLnet Labs patched critical NSD DNS vulnerabilities, including CVE-2026-12244. Update now to protect your multi-tenant secondary DNS deployments.

securityonline.info/nsd-dns-vu

  • 0
  • 0
  • 0
  • 17h ago

Overview

  • NetScaler
  • ADC

30 Jun 2026
Published
30 Jun 2026
Updated

CVSS v4.0
HIGH (7.1)
EPSS
Pending

KEV

Description

Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled

Statistics

  • 1 Post

Last activity: 15 hours ago

Fediverse

Arbitrary File Read (Unauthenticated) in NetScaler ADC and NetScaler Gateway if the access to NSIP, Cluster Management IP or SNIP with management access is enabled

#netscaler #citrix #vulnerabilitymanagement #cybersecurity

vulnerability.circl.lu/vuln/CV

  • 0
  • 0
  • 0
  • 15h ago

Overview

  • Pending

11 Mar 2026
Published
24 Jun 2026
Updated

CVSS
Pending
EPSS
1.13%

Description

An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module executes a shell command to write logs when a user's authentication fails. The username is directly concatenated with the command without any sanitization. This allows attackers to inject arbitrary OS commands into the username parameter. Injected commands are executed with root privileges.

Statistics

  • 2 Posts

Last activity: 12 hours ago

Bluesky

Patch-and-pray doesn't work in OT. Attackers reverse-engineered a Lantronix fix and exploited CVE-2025-67038 before the research even went public. Your patch is their roadmap.
  • 0
  • 0
  • 1
  • 12h ago

Overview

  • Google
  • Chrome

30 Jun 2026
Published
01 Jul 2026
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

Incorrect security UI in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Statistics

  • 1 Post

Last activity: Last hour

Bluesky

Vulnerability CVE-2026-14144 in Google Chrome: what does it mean for users? https://kripta.biz/posts/9B01E4A0-EA4C-4BE2-8DCB-19D6A970A1CE
  • 0
  • 0
  • 0
  • Last hour

Overview

  • Google
  • Chrome

30 Jun 2026
Published
30 Jun 2026
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

Use after free in GFX in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 1 Post

Last activity: Last hour

Fediverse

A new vulnerability with increased severity was disclosed for Google Chrome (CVE-2026-13805) vuldb.com/vuln/374987

  • 0
  • 0
  • 0
  • Last hour

Overview

  • Google
  • Chrome

30 Jun 2026
Published
01 Jul 2026
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)

Statistics

  • 1 Post

Last activity: Last hour

Bluesky

Vulnerability CVE-2026-14154 in Google Chrome: what it means and how to protect yourself https://kripta.biz/posts/278A2A89-B78E-4E27-B83E-541AC1B31FA8
  • 0
  • 0
  • 0
  • Last hour