Overview
- sandboxie-plus
- Sandboxie
Description
Statistics
- 1 Post
Fediverse
🚨 CVE-2026-34458: Sandboxie-Plus (<=1.17.2) has a CRITICAL CRLF injection bug. Local users can inject config, escape sandboxes, and escalate to SYSTEM. Patch to 1.17.3 ASAP! https://radar.offseq.com/threat/cve-2026-34458-cwe-93-improper-neutralization-of-c-e575dfc0 #OffSeq #SandboxiePlus #Vuln #PrivilegeEscalation
Overview
Description
Statistics
- 1 Post
Fediverse
If you run MariaDB in production, take action now. Any user who can open a SQL session — whether through stolen credentials, SQL injection, or lateral movement — can reach this code path with a single function SQL statement: From our work with @wiz_io as part of zeroday.cloud looking into MariaDB, one of the most widely deployed open-source relational databases, powering production workloads across cloud providers, managed services, and on-prem infrastructure
https://www.zeroday.cloud/blog/mariadb-cve-2026-32710-deep-dive
Overview
- fast-uri
- fast-uri
Description
Statistics
- 2 Posts
Overview
- dataease
- SQLBot
Description
Statistics
- 1 Post
Fediverse
🚨 CRITICAL: dataease SQLBot <1.7.1 (CVE-2026-33324) is vulnerable to SQL injection via prompt injection. Authenticated users can trigger RCE on PostgreSQL. Upgrade to 1.7.1+ now! https://radar.offseq.com/threat/cve-2026-33324-cwe-89-improper-neutralization-of-s-5605c7fd #OffSeq #SQLInjection #Vuln
Overview
- ahmadgb
- GeekyBot — AI Copilot, Chatbot, WooCommerce Lead Gen & Zero-Prompt Content
Description
Statistics
- 1 Post
Fediverse
🚨 CRITICAL: CVE-2026-5294 in Geeky Bot WP plugin (≤1.2.2) allows unauthenticated RCE by installing arbitrary plugins via an exposed AJAX endpoint. Disable or remove plugin & monitor for patches. https://radar.offseq.com/threat/cve-2026-5294-cwe-862-missing-authorization-in-ahm-a69c64e2 #OffSeq #WordPress #Vuln #InfoSec
Overview
- Shenzhen Yipu Commercial and Trading Co., Ltd
- WDR201A WiFi Extender
Description
Statistics
- 1 Post
Fediverse
🛑 CRITICAL: CVE-2026-41925 in WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) enables unauth OS command injection via reboot_time param. No patch yet — disable remote mgmt or isolate device. https://radar.offseq.com/threat/cve-2026-41925-improper-neutralization-of-special--d33e9e36 #OffSeq #Infosec #IoTSecurity
Overview
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse
RE: https://mastodon.kodesumber.com/@redis_release_watcher/116522696579501450
For those who run Redis, there are security patches for CVE-2026-25243 and CVE-2026-23479.