Overview

  • mailcow
  • mailcow-dockerized

20 May 2026
Published
20 May 2026
Updated

CVSS v4.0
HIGH (7.4)
EPSS
0.05%

KEV

Description

mailcow-dockerized contains a stored cross-site scripting vulnerability in the administrator Queue Manager. The Queue Manager fetches mail queue entries from /api/v1/get/mailq/all, copies server-controlled Postfix queue fields into DataTables rows, and renders several of those fields as HTML without adequate output encoding. This issue affects mailcow-dockerized: 2026-03b.

Statistics

  • 1 Post

Last activity: 19 hours ago

Bluesky

CVE-2026-7460 mailcow-dockerized: 2026-03b vulnerability explained clearly | Summary of impact scope and countermeasures. CVE-2026-7460: mailcow-dockerized contains a stored cross-site scripting (XSS) vulnerability in the administrator Queue Manager.
  • 19h ago

Overview

  • OpenSC

01 Jun 2026
Published
01 Jun 2026
Updated

CVSS v4.0
LOW (2.3)
EPSS
0.06%

KEV

Description

A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation causes a buffer overflow. The attack can be carried out remotely. The complexity of an attack is rather high. It is indicated that the exploitability is difficult. The exploit has been published and may be used. Patch name: 814f745b3b6d100295f65f1935edd33d520d33ab. It is recommended to apply a patch to fix this issue.

Statistics

  • 1 Post

Last activity: 17 hours ago

Bluesky

opensc: fix CVE-2026-10275 https://github.com/NixOS/nixpkgs/pull/527058 https://tracker.security.nixos.org/issues/NIXPKGS-2026-1817 #security
  • 17h ago

Overview

  • SQLite
  • SQLite
  • expr.c

15 Jul 2025
Published
29 Apr 2026
Updated

CVSS v4.0
HIGH (7.2)
EPSS
1.62%

KEV

Description

There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.

Statistics

  • 1 Post

Last activity: 1 hour ago

Fediverse

According to GrapheneOS, the SQLite issue marked as exploited in the wild in the June Android Security Bulletin was originally patched in SQLite 3.44.5 from July 2025:
https://grapheneos.social/@GrapheneOS/116681501156712831
https://github.com/sqlite/sqlite/commit/710858bca3e6f0cc1d5d74101a1b444b3c7214ff

However, searching for this commit shows that patch is for CVE-2025-6965.

I guess CVE-2025-48615 is a duplicate/variant?

You may remember CVE-2025-6965 as the bug that Project Zero's "Big Sleep" AI discovered, after Project Zero received reports of a bug "known only to threat actors and was at risk of being exploited", (https://blog.google/innovation-and-ai/technology/safety-security/cybersecurity-updates-summer-2025/)

I guess that explains why it's marked as exploited in the wild in the bulletin.
  • 1h ago

Overview

  • Google
  • Android

08 Dec 2025
Published
01 Jun 2026
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

In getComponentName of MediaButtonReceiverHolder.java, there is a possible desync in persistence due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Statistics

  • 1 Post

Last activity: 1 hour ago

Fediverse

According to GrapheneOS, the SQLite issue marked as exploited in the wild in the June Android Security Bulletin was originally patched in SQLite 3.44.5 from July 2025:
https://grapheneos.social/@GrapheneOS/116681501156712831
https://github.com/sqlite/sqlite/commit/710858bca3e6f0cc1d5d74101a1b444b3c7214ff

However, searching for this commit shows that patch is for CVE-2025-6965.

I guess CVE-2025-48615 is a duplicate/variant?

You may remember CVE-2025-6965 as the bug that Project Zero's "Big Sleep" AI discovered, after Project Zero received reports of a bug "known only to threat actors and was at risk of being exploited", (https://blog.google/innovation-and-ai/technology/safety-security/cybersecurity-updates-summer-2025/)

I guess that explains why it's marked as exploited in the wild in the bulletin.
  • 1h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 4 hours ago

Bluesky

Three critical vulnerabilities in the Rancher Kubernetes platform (CVE-2026-44939, CVE-2026-41052, CVE-2026-41053) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 4h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 4 hours ago

Bluesky

Three critical vulnerabilities in the Rancher Kubernetes platform (CVE-2026-44939, CVE-2026-41052, CVE-2026-41053) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 4h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 1 Interaction

Last activity: 4 hours ago

Bluesky

Three critical vulnerabilities in the Rancher Kubernetes platform (CVE-2026-44939, CVE-2026-41052, CVE-2026-41053) rocket-boys.co.jp/security-mea... #セキュリティ対策Lab #security #securitynews
  • 4h ago

Overview

  • ABB
  • T-MAC Plus

03 Jun 2026
Published
03 Jun 2026
Updated

CVSS v3.1
HIGH (8.8)
EPSS
0.04%

KEV

Description

Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

Statistics

  • 1 Post

Last activity: 14 hours ago

Bluesky

~Cybergcca~ CCCS issued 3 advisories for vulnerabilities in Google Chrome, ABB T-MAC Plus, and Phoenix Contact CHARX SEC-3xxx. - IOCs: CVE-2025-14771, CVE-2025-14772, CVE-2025-14773 - #CyberSecurity #ThreatIntel #Vulnerability
  • 14h ago

Overview

  • ABB
  • T-MAC Plus

03 Jun 2026
Published
03 Jun 2026
Updated

CVSS v3.1
HIGH (8.0)
EPSS
0.04%

KEV

Description

Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24.

Statistics

  • 1 Post

Last activity: 14 hours ago

Bluesky

~Cybergcca~ CCCS issued 3 advisories for vulnerabilities in Google Chrome, ABB T-MAC Plus, and Phoenix Contact CHARX SEC-3xxx. - IOCs: CVE-2025-14771, CVE-2025-14772, CVE-2025-14773 - #CyberSecurity #ThreatIntel #Vulnerability
  • 14h ago