Overview

  • Python Software Foundation
  • CPython

13 Apr 2026
Published
29 Apr 2026
Updated

CVSS v4.0
HIGH (7.0)
EPSS
0.02%

KEV

Description

Mitigation of CVE-2026-4519 was incomplete. If the URL contained "%action", the mitigation could be bypassed for certain browser types, and the "webbrowser.open()" API could have commands injected into the underlying shell. See CVE-2026-4519 for details.

Statistics

  • 2 Posts

Last activity: 14 hours ago

Fediverse

Latest Python 3.14.5 release (including fixes for CVE-2026-1502, CVE-2026-4786, and CVE-2026-5713) is now available to #SavOS PPA users of #Ubuntu #Linux at ppa:savoury1/python-3.14 (launchpad.net/~savoury1/+archi) for all PPA supported LTS releases.

  • 0
  • 0
  • 1
  • 14h ago

Overview

  • zhblue
  • hustoj

27 Jan 2026
Published
27 Jan 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
56.51%

KEV

Description

HUSTOJ is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. Prior to version 26.01.24, the problem_import_qduoj.php and problem_import_hoj.php modules fail to properly sanitize filenames within uploaded ZIP archives. Attackers can craft a malicious ZIP file containing files with path traversal sequences (e.g., ../../shell.php). When extracted by the server, this allows writing files to arbitrary locations in the web root, leading to Remote Code Execution (RCE). Version 26.01.24 contains a fix for the issue.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Metasploit's latest release includes working exploits for CVE-2023-7102 (Barracuda RCE), CVE-2026-20182 (Cisco SD-WAN auth bypass), CVE-2026-41940 (cPanel root escalation), and CVE-2026-24479 (HUSTOJ zip-slip)....

captechgroup.com/about-us/thre

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • WebPros
  • cPanel

29 Apr 2026
Published
06 May 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
84.37%

Description

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Metasploit's latest release includes working exploits for CVE-2023-7102 (Barracuda RCE), CVE-2026-20182 (Cisco SD-WAN auth bypass), CVE-2026-41940 (cPanel root escalation), and CVE-2026-24479 (HUSTOJ zip-slip)....

captechgroup.com/about-us/thre

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager

14 May 2026
Published
15 May 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
77.32%

Description

May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this advisory includes Show Control Connections guidance to help with system checks.  A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to the affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Metasploit's latest release includes working exploits for CVE-2023-7102 (Barracuda RCE), CVE-2026-20182 (Cisco SD-WAN auth bypass), CVE-2026-41940 (cPanel root escalation), and CVE-2026-24479 (HUSTOJ zip-slip)....

captechgroup.com/about-us/thre

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Barracuda Networks Inc.
  • Barracuda ESG Appliance

24 Dec 2023
Published
02 Aug 2024
Updated

CVSS
Pending
EPSS
82.49%

KEV

Description

Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection. This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Metasploit's latest release includes working exploits for CVE-2023-7102 (Barracuda RCE), CVE-2026-20182 (Cisco SD-WAN auth bypass), CVE-2026-41940 (cPanel root escalation), and CVE-2026-24479 (HUSTOJ zip-slip)....

captechgroup.com/about-us/thre

  • 0
  • 0
  • 0
  • 18h ago