24h | 7d | 30d

CVE-2026-21307

Overview

  • Adobe
  • Substance3D - Designer
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
Pending
KEV

Description

Substance3D - Designer versions 15.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Statistics

  • 1 Post
Last activity: 4 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2026-21307 - High (7.8)

Substance3D - Designer versions 15.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that ...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 4h ago

CVE-2026-21306

Overview

  • Adobe
  • Substance3D - Sampler
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
Pending
KEV

Description

Substance3D - Sampler versions 5.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Statistics

  • 1 Post
Last activity: 4 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2026-21306 - High (7.8)

Substance3D - Sampler versions 5.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a ...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 4h ago

CVE-2025-11669

Overview

  • Zohocorp
  • ManageEngine PAM360
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (8.1)
EPSS
Pending
KEV

Description

Zohocorpย ManageEngine PAM360 versions before 8202; Password Manager Proย versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality.

Statistics

  • 1 Post
Last activity: 10 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2025-11669 - High (8.1)

Zohocorp ManageEngine PAM360 versions before 8202; Password Manager Pro versions before 13221; Access Manager Plus versions prior to 4401 are vulnerable to an authorization issue in the initiate remote session functionality.

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 10h ago

CVE-2026-20957

Overview

  • Microsoft
  • Office Online Server
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
Pending
KEV

Description

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

Statistics

  • 2 Posts
Last activity: 6 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2026-20957 - High (7.8)

Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 1
  • 6h ago

CVE-2026-21268

Overview

  • Adobe
  • Dreamweaver Desktop
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (8.6)
EPSS
Pending
KEV

Description

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed.

Statistics

  • 1 Post
Last activity: 5 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2026-21268 - High (8.6)

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 5h ago

CVE-2026-21305

Overview

  • Adobe
  • Substance3D - Painter
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
Pending
KEV

Description

Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Statistics

  • 1 Post
Last activity: 4 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2026-21305 - High (7.8)

Substance3D - Painter versions 11.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 4h ago

CVE-2024-3990

Overview

  • devitemsllc
  • HT Mega โ€“ Absolute Addons For Elementor
09 May 2024
Published
01 Aug 2024
Updated
CVSS v3.1
MEDIUM (6.4)
EPSS
0.22%
KEV

Description

The HT Mega โ€“ Absolute Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Tooltip & Popover Widget in all versions up to, and including, 2.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Statistics

  • 1 Post
Last activity: 20 hours ago

Bluesky

Profile picture
CyberHub @cyberhub.blog
๐Ÿ“Œ CISA Orders Federal Agencies to Patch Critical Gogs RCE Vulnerability (CVE-2024-3990) Exploited in Zero-Day Attacks https://www.cyberhub.blog/article/17955-cisa-orders-federal-agencies-to-patch-critical-gogs-rce-vulnerability-cve-2024-3990-exploited-in-zero-day-attacks
  • 0
  • 0
  • 0
  • 20h ago

CVE-2026-21275

Overview

  • Adobe
  • InDesign Desktop
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
Pending
KEV

Description

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Statistics

  • 1 Post
Last activity: 5 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2026-21275 - High (7.8)

InDesign Desktop versions 21.0, 19.5.5 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interact...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 5h ago

CVE-2026-0891

Overview

  • Mozilla
  • Firefox
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS
Pending
EPSS
Pending
KEV

Description

Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147 and Firefox ESR < 140.7.

Statistics

  • 1 Post
Last activity: 9 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2026-0891 - High (8.1)

Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run ...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 9h ago

CVE-2026-21281

Overview

  • Adobe
  • InCopy
13 Jan 2026
Published
13 Jan 2026
Updated
CVSS v3.1
HIGH (7.8)
EPSS
Pending
KEV

Description

InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Statistics

  • 1 Post
Last activity: 5 hours ago

Fediverse

Profile picture
TheHackerWire @thehackerwire

๐ŸŸ  CVE-2026-21281 - High (7.8)

InCopy versions 21.0, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a vi...

๐Ÿ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

  • 0
  • 0
  • 0
  • 5h ago
Showing 71 to 80 of 131 CVEs