24h | 7d | 30d

CVE-2026-11912

Overview

  • eemitch
  • Simple File List
20 Jun 2026
Published
20 Jun 2026
Updated
CVSS v3.1
HIGH (7.5)
EPSS
Pending
KEV

Description

The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is exploitable even when the administrator has not enabled the AllowFrontManage setting, because the is_admin() check unconditionally short-circuits the guard before that setting is evaluated.

Statistics

  • 1 Post
Last activity: 20 hours ago

Fediverse

Profile picture fallback
OffSequence @offseq

CVE-2026-11912: HIGH severity vulnerability in eemitch Simple File List ≤6.3.7 lets unauthenticated attackers modify/delete server files due to missing auth checks. No patch yet — restrict or disable plugin. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 20h ago

CVE-2026-32208

Overview

  • Microsoft
  • Microsoft Edge (Chromium-based)
19 Jun 2026
Published
19 Jun 2026
Updated
CVSS v3.1
HIGH (8.8)
EPSS
Pending
KEV

Description

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an authorized attacker to perform spoofing over a network.

Statistics

  • 1 Post
Last activity: 20 hours ago

Fediverse

Profile picture fallback
Hugo | DevOps | Cybersecurity @hugovalters

CVE-2026-32208 - XSS flaw in Microsoft Edge allows spoofing. CVSS 8.8. No patch yet. Update when available. #CVE #MicrosoftEdge #infosec

valtersit.com/cve/CVE-2026-322

  • 0
  • 0
  • 0
  • 20h ago

CVE-2026-56142

Overview

  • JetBrains
  • Hub
19 Jun 2026
Published
19 Jun 2026
Updated
CVSS v3.1
CRITICAL (9.6)
EPSS
Pending
KEV

Description

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible

Statistics

  • 1 Post
Last activity: 18 hours ago

Fediverse

Profile picture fallback
Hugo | DevOps | Cybersecurity @hugovalters

CVE-2026-56142 - Critical privilege escalation in JetBrains Hub. CVSS 9.6. Attackers can attach auth details to accounts. No patch yet. Monitor and restrict access now. #CVE #JetBrains #infosec

valtersit.com/cve/CVE-2026-561

  • 0
  • 0
  • 0
  • 18h ago

CVE-2026-10520

Overview

  • ivanti
  • Sentry
09 Jun 2026
Published
12 Jun 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
59.52%
KEV

Description

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution

Statistics

  • 1 Post
Last activity: Last hour

Fediverse

Profile picture fallback
Patrick C Miller :donor: @patrickcmiller

More Evidence That Words Don't Mean What We Thought They Meant (Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520) labs.watchtowr.com/more-eviden

  • 0
  • 0
  • 0
  • Last hour
Showing 21 to 24 of 24 CVEs