
Overview

  • craftcms
  • cms

16 Mar 2026
Published
17 Mar 2026
Updated

CVSS v4.0
HIGH (7.7)
EPSS
0.02%

KEV

Description

Craft CMS is a content management system (CMS). From version 4.0.0-RC1 to before version 4.17.6 and from version 5.0.0-RC1 to before version 5.9.12, a low-privilege user (or an unauthenticated user who has been sent a shared URL) can escalate their privileges to admin by abusing UsersController->actionImpersonateWithToken. This issue has been patched in versions 4.17.6 and 5.9.12.

Statistics

  • 1 Post

Last activity: 19 hours ago

Fediverse


🚨 CRITICAL: CVE-2026-32267 in Craft CMS (4.x <4.17.6, 5.x <5.9.12) — incorrect auth allows privilege escalation to admin via shared URLs. Upgrade ASAP! Details: radar.offseq.com/threat/cve-20

  • 19h ago

Overview

  • TYPO3
  • Extension "E-Mail MFA Provider"
  • ralffreit/mfa-email

17 Mar 2026
Published
17 Mar 2026
Updated

CVSS v4.0
HIGH (7.7)
EPSS
0.05%

KEV

Description

The extension fails to properly reset the generated MFA code after successful authentication. This leads to a possible MFA bypass for future login attempts by providing an empty string as the MFA code to the extension's MFA provider.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse


⚠️ HIGH severity: CVE-2026-4208 in TYPO3 "E-Mail MFA Provider" lets attackers bypass MFA by reusing/omitting codes due to faulty state reset. Patch or disable the extension and monitor logs for abuse. radar.offseq.com/threat/cve-20

  • 10h ago

Overview

  • SolaX Power
  • Pocket WiFi 3.0

12 Feb 2026
Published
12 Feb 2026
Updated

CVSS
Pending
EPSS
0.03%

KEV

Description

The affected devices do not validate the server certificate when connecting to the SolaX Cloud MQTTS server hosted in the Alibaba Cloud (mqtt001.solaxcloud.com, TCP 8883). This allows attackers in a man-in-the-middle position to act as the legitimate MQTT server and issue arbitrary commands to devices.

Statistics

  • 1 Post

Last activity: 10 hours ago

Fediverse


In my home solar experiment, I'm discovering that my SolaX X1-Micro 2-in-1 inverter is a bit of a dud:
- it exposes no API (which is why the app is clunky)
- the settings are not accessible
- it is probably unable to update itself
- it forces the use of the SolaX cloud and its not-very-secure MQTT (CVE-2025-15573), with one metric every 5 minutes.

I've found these two resources so far:
- github.com/squishykid/solax/is
- forum.hacf.fr/t/integration-po

  • 10h ago

Overview

  • UTT
  • HiPER 810G

09 Mar 2026
Published
10 Mar 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.08%

KEV

Description

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.

Statistics

  • 1 Post

Last activity: 18 hours ago

Bluesky

CVE-2026-3814 - UTT HiPER 810G getOneApConfTempEntry strcpy buffer overflow scq.ms/3N8bDqk
  • 18h ago

Overview

  • https://github.com/rails/globalid

09 Feb 2023
Published
02 Aug 2024
Updated

CVSS
Pending
EPSS
1.63%

KEV

Description

A ReDoS-based DoS vulnerability in GlobalID <1.0.1 could allow an attacker supplying a carefully crafted input to cause the regular expression engine to take an unexpected amount of time. All users running an affected release should either upgrade or use one of the workarounds immediately.

Statistics

  • 1 Post

Last activity: 23 hours ago

Bluesky

Heads up, #openSUSE community! A new security advisory (openSUSE-SU-2026:10347-1) is out for Tumbleweed addressing CVE-2023-22799 in the GlobalID gem (ruby4.0-rubygem-globalid). Read more: 👉 tinyurl.com/2e3f2k7y #Security
  • 23h ago

Overview

  • Mobatek
  • MobaXterm

09 Mar 2026
Published
11 Mar 2026
Updated

CVSS v4.0
HIGH (8.5)
EPSS
0.02%

KEV

Description

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable earlier in the search order, resulting in arbitrary code execution in the context of the affected user.

Statistics

  • 1 Post

Last activity: 10 hours ago

Bluesky

CVE-2026-25866 - MobaXterm < 26.1 Notepad++ Unquoted Service Path scq.ms/3Nuc1zv
  • 10h ago

Overview

  • Elementor
  • Ally – Web Accessibility & Usability

11 Mar 2026
Published
11 Mar 2026
Updated

CVSS v3.1
HIGH (7.5)
EPSS
14.93%

KEV

Description

The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to SQL Injection via the URL path in all versions up to, and including, 4.0.3. This is due to insufficient escaping on the user-supplied URL parameter in the `get_global_remediations()` method, where it is directly concatenated into an SQL JOIN clause without proper sanitization for SQL context. While `esc_url_raw()` is applied for URL safety, it does not prevent SQL metacharacters (single quotes, parentheses) from being injected. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database via time-based blind SQL injection techniques. The Remediation module must be active, which requires the plugin to be connected to an Elementor account.

Statistics

  • 1 Post

Last activity: 2 hours ago

Fediverse


SQL Injection Vulnerability in Elementor Ally Plugin Affects Over 250,000 WordPress Websites #wordpress

A critical SQL injection vulnerability in the Elementor Ally plugin could affect over 250,000 WordPress sites. Upgrade to Ally 4.1.0 and update WordPress to 6.9.2 to mitigate CVE-2026-2413 and related risks. Learn more: ift.tt/VzNblEM

Source: ift.tt/VzNblEM | Image: ift.tt/ONFHV64

  • 2h ago

Overview

  • Sudo project
  • Sudo

30 Jun 2025
Published
26 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.3)
EPSS
26.52%

Description

Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.

Statistics

  • 1 Post

Last activity: 2 hours ago

Fediverse


Internal redteam, 8h, no tools except one exploit.
Result: VP account, full AD control. SOC: 0 alerts.

github.com/toxy4ny/semetsky---

Why it matters: PXE-boot Linux, unmonitored, unpatched since 2023.
CVE-2025-32463 → bash_history with plaintext creds → RDP hop →
custom AD delegation. All "legitimate" actions, no SOC triggers.

What's your "Yuri Semetsky" story? (obfuscated, of course)

#redteam #internalpentest #ad #soc #linux

  • 2h ago
Showing 21 to 28 of 28 CVEs