Overview
- Sangfor
- Operation and Maintenance Management System
Description
Statistics
- 3 Posts
Fediverse
🔴 CVE-2025-15500 - Critical (9.8)
A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-15500/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
Overview
Description
Statistics
- 1 Post
Fediverse
🟠 CVE-2026-0830 - High (7.8)
Processing specially crafted workspace folder names could allow for arbitrary command injection in the Kiro GitLab Merge-Request helper in Kiro IDE before version 0.6.18 when opening maliciously crafted workspaces.
To mitigate, users should updat...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0830/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
Overview
Description
Statistics
- 1 Post
Fediverse
🟠 CVE-2025-67070 - High (8.2)
A vulnerability exists in Intelbras CFTV IP NVD 9032 R Ftd V2.800.00IB00C.0.T, which allows an unauthenticated attacker to bypass the multi-factor authentication (MFA) mechanism during the password recovery process. This results in the ability to ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67070/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
Overview
- remix-run
- react-router
Description
Statistics
- 1 Post
Fediverse
🟠 CVE-2026-22029 - High (8)
React Router is a router for React. In @remix-run/router versions prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode,...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22029/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
- opf
- openproject
Description
Statistics
- 1 Post
Fediverse
🔴 CVE-2026-22600 - Critical (9.1)
OpenProject is an open-source, web-based project management software. A Local File Read (LFR) vulnerability exists in the work package PDF export functionality of OpenProject prior to version 16.6.4. By uploading a specially crafted SVG file (disg...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22600/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
Overview
Description
Statistics
- 1 Post
Fediverse
🔴 CVE-2025-68715 - Critical (9.1)
An issue was discovered in Panda Wireless PWRU0 devices with firmware 2.2.9 that exposes multiple HTTP endpoints (/goform/setWan, /goform/setLan, /goform/wirelessBasic) that do not enforce authentication. A remote unauthenticated attacker can modi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68715/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda
Overview
- TryGhost
- Ghost
Description
Statistics
- 1 Post
Fediverse
🟠 CVE-2026-22595 - High (8.1)
Ghost is a Node.js content management system. In versions 5.121.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost's handling of Staff Token authentication allowed certain endpoints to be accessed that were only intended to be ac...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22595/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Overview
Description
Statistics
- 1 Post
- 1 Interaction
Fediverse
InputPlumber: Lack of D-Bus Authorization and Input Verification allows UI Input Injection and Denial-of-Service (CVE-2025-66005, CVE-2025-14338)
https://security.opensuse.org/2026/01/09/inputplumber-lack-of-dbus-auth.html
Overview
Description
Statistics
- 2 Posts
- 17 Interactions
Fediverse
🚨 Critical vulnerabilities in n8n
In the last three weeks, four critical vulnerabilities (CVE-2025-68613, CVE-2025-68668, CVE-2026-21858, CVE-2026-21877) were reported in the open-source workflow automation platform n8n that attackers can exploit to execute arbitrary code and possibly compromise the systems completely.
Affected systems should be updated to a current version promptly.
Details on the individual vulnerabilities:
CVE-2025-68613 (affects versions before 1.20.4)
https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp
CVE-2025-68668 (affects versions before 2.0.0)
https://github.com/n8n-io/n8n/security/advisories/GHSA-62r4-hw23-cc8v
CVE-2026-21858 (affects versions before 1.121.0)
https://github.com/n8n-io/n8n/security/advisories/GHSA-v4pr-fm98-w9pg
CVE-2026-21877 (affects versions before 1.121.3)
https://github.com/n8n-io/n8n/security/advisories/GHSA-v364-rw7m-3263