24h | 7d | 30d

Overview

  • Microsoft
  • Microsoft Defender Antimalware Platform

20 May 2026
Published
19 Jun 2026
Updated

CVSS v3.1
MEDIUM (4.0)
EPSS
63.08%

Description

Microsoft Defender Denial of Service Vulnerability

Statistics

  • 1 Post

Last activity: 1 hour ago

Bluesky

Profile picture fallback
🚨 Alerta: Explotación activa de vulnerabilidades críticas en Microsoft Defender | CVE-2026-4109 | CVE-2026-45498 | www.newstecnicas.com/2026/06/aler...
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • ivanti
  • Sentry

09 Jun 2026
Published
12 Jun 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
99.04%

Description

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution

Statistics

  • 1 Post

Last activity: 3 hours ago

Bluesky

Profile picture fallback
🛡️ Manual Técnico de Mitigación: Vulnerabilidades CVE-2026-10520 y CVE-2026-10523 en Ivanti Sentry www.newstecnicas.com/2026/06/manu...
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • balbooa.com
  • balbooa.com Balbooa Forms extension for Joomla

09 Jul 2026
Published
09 Jul 2026
Updated

CVSS v4.0
CRITICAL (10.0)
EPSS
0.84%

Description

The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.

Statistics

  • 1 Post

Last activity: 1 hour ago

Fediverse

Profile picture fallback

📰 CISA Adds Two Actively Exploited Joomla Plugin Flaws to KEV Catalog

📢 CISA KEV UPDATE: Two Joomla plugin vulnerabilities are now listed as actively exploited. CVE-2026-48939 (iCagenda) & CVE-2026-56291 (Balbooa Forms) allow file uploads and server takeover. Patch immediately! #CISA #KEV #Joomla #Vulnerability

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ci

  • 0
  • 0
  • 0
  • 1h ago

Overview

  • arraytics
  • Eventin – Event Calendar, Event Registration, Tickets & Booking (AI Powered)

14 Apr 2026
Published
14 Apr 2026
Updated

CVSS v3.1
MEDIUM (4.3)
EPSS
0.18%

KEV

Description

The Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the get_item_permissions_check() function in all versions up to, and including, 4.1.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read arbitrary order data including customer PII (name, email, phone) by iterating order IDs.

Statistics

  • 1 Post

Last activity: 1 hour ago

Bluesky

Profile picture fallback
🚨 Alerta: Explotación activa de vulnerabilidades críticas en Microsoft Defender | CVE-2026-4109 | CVE-2026-45498 | www.newstecnicas.com/2026/06/aler...
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • icagenda.com
  • iCagenda extension for Joomla

20 Jun 2026
Published
20 Jun 2026
Updated

CVSS v4.0
CRITICAL (10.0)
EPSS
1.50%

Description

A vulnerability in the iCagenda extension for Joomla allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution.

Statistics

  • 1 Post

Last activity: 1 hour ago

Fediverse

Profile picture fallback

📰 CISA Adds Two Actively Exploited Joomla Plugin Flaws to KEV Catalog

📢 CISA KEV UPDATE: Two Joomla plugin vulnerabilities are now listed as actively exploited. CVE-2026-48939 (iCagenda) & CVE-2026-56291 (Balbooa Forms) allow file uploads and server takeover. Patch immediately! #CISA #KEV #Joomla #Vulnerability

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ci

  • 0
  • 0
  • 0
  • 1h ago

Overview

  • ivanti
  • Sentry

09 Jun 2026
Published
10 Jun 2026
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
47.19%

KEV

Description

An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access

Statistics

  • 1 Post

Last activity: 3 hours ago

Bluesky

Profile picture fallback
🛡️ Manual Técnico de Mitigación: Vulnerabilidades CVE-2026-10520 y CVE-2026-10523 en Ivanti Sentry www.newstecnicas.com/2026/06/manu...
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • The GNU C Library
  • glibc

28 Apr 2026
Published
19 Jun 2026
Updated

CVSS
Pending
EPSS
0.31%

KEV

Description

The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response, causing a target application to crash or read uninitialized memory. These functions are for application debugging only and hence not in the path of code executed by the DNS resolver. Further, they have been deprecated since version 2.34 and should not be used by any new applications. Applications should consider porting away from these interfaces since they may be removed in future versions.

Statistics

  • 1 Post

Last activity: 21 hours ago

Bluesky

Profile picture fallback
[Backport staging-26.05] glibc: fix CVE-2026-5435 and CVE-2026-6238 https://github.com/NixOS/nixpkgs/pull/540777 #security
  • 0
  • 0
  • 0
  • 21h ago
Showing 31 to 37 of 37 CVEs