
Overview

  • OpenPrinting
  • cups

Published: 11 Sep 2025
Updated: 04 Nov 2025

CVSS v3.1: HIGH (8.0)
EPSS: 0.05%

KEV

Description

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue.

Statistics

  • 1 Post

Last activity: 5 hours ago

Bluesky

The #SUSE CUPS vulnerability (CVE-2025-58060) is a textbook case of legacy complexity haunting modern infrastructure. Heap overflow, local to root pivot, and it affects the IPP stack. Read more: 👉 tinyurl.com/3fewkb33 #Security

Overview

  • Microsoft
  • GitHub Copilot Plugin for JetBrains IDEs

Published: 10 Feb 2026
Updated: 11 Feb 2026

CVSS v3.1: HIGH (8.8)
EPSS: 0.04%

KEV

Description

Improper neutralization of special elements used in a command ('command injection') in GitHub Copilot allows an unauthorized attacker to execute code over a network.

Statistics

  • 1 Post

Last activity: 10 hours ago

Bluesky

🚨 CVE-2026-21516 (CVSS 8.8 HIGH) Command Injection in GitHub Copilot allows an unauthorized attacker to execute code over a network due to improper neutralization of special elements in commands. Full analysis: basefortify.eu/cve_reports/... #CVE #GitHubCopilot #Microsoft #CyberSecurity #AppSec

Overview

  • Apple
  • iOS and iPadOS

Published: 17 Dec 2025
Updated: 18 Dec 2025

CVSS: Pending
EPSS: 0.03%

Description

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 was also issued in response to this report.

Statistics

  • 2 Posts
  • 6 Interactions

Last activity: Last hour

Fediverse

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 1 new zero-day that may have been actively exploited and is linked to CVE-2025-14174 and CVE-2025-43529 which were fixed in iOS 26.2.

🐛 CVE-2026-20700 (dyld):
- iOS and iPadOS 26.3
- macOS Tahoe 26.3
- tvOS 26.3
- visionOS 26.3
- watchOS 26.3


Bluesky

🐛 CVE-2025-14174 (dyld) additional patches, 🐛 CVE-2025-43529 (dyld) additional patches, 🐛 CVE-2026-20700 (dyld): - iOS and iPadOS 26.3 - macOS Tahoe 26.3 - tvOS 26.3 - visionOS 26.3 - watchOS 26.3 #apple #infosec

Overview

  • Pending

Published: Pending
Updated: Pending

CVSS: Pending
EPSS: Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 2 Posts
  • 6 Interactions

Last activity: Last hour

Fediverse

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 1 new zero-day that may have been actively exploited and is linked to CVE-2025-14174 and CVE-2025-43529 which were fixed in iOS 26.2.

🐛 CVE-2026-20700 (dyld):
- iOS and iPadOS 26.3
- macOS Tahoe 26.3
- tvOS 26.3
- visionOS 26.3
- watchOS 26.3


Bluesky

🐛 CVE-2025-14174 (dyld) additional patches, 🐛 CVE-2025-43529 (dyld) additional patches, 🐛 CVE-2026-20700 (dyld): - iOS and iPadOS 26.3 - macOS Tahoe 26.3 - tvOS 26.3 - visionOS 26.3 - watchOS 26.3 #apple #infosec

Overview

  • Google
  • Chrome

Published: 12 Dec 2025
Updated: 16 Dec 2025

CVSS: Pending
EPSS: 0.65%

Description

Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

Statistics

  • 2 Posts
  • 6 Interactions

Last activity: Last hour

Fediverse

📣 EMERGENCY UPDATES 📣

Apple pushed updates for 1 new zero-day that may have been actively exploited and is linked to CVE-2025-14174 and CVE-2025-43529 which were fixed in iOS 26.2.

🐛 CVE-2026-20700 (dyld):
- iOS and iPadOS 26.3
- macOS Tahoe 26.3
- tvOS 26.3
- visionOS 26.3
- watchOS 26.3


Bluesky

🐛 CVE-2025-14174 (dyld) additional patches, 🐛 CVE-2025-43529 (dyld) additional patches, 🐛 CVE-2026-20700 (dyld): - iOS and iPadOS 26.3 - macOS Tahoe 26.3 - tvOS 26.3 - visionOS 26.3 - watchOS 26.3 #apple #infosec

Overview

  • libexpat project
  • libexpat

Published: 23 Jan 2026
Updated: 23 Jan 2026

CVSS v3.1: LOW (2.9)
EPSS: 0.00%

KEV

Description

In libexpat before 2.7.4, XML_ExternalEntityParserCreate does not copy unknown encoding handler user data.

Statistics

  • 1 Post

Last activity: 1 hour ago

Bluesky

USN-8023-1: libxmltok flaws (CVE-2026-24515 & CVE-2026-25210) are now public. Key takeaway: CVE-2026-25210 = Integer Overflow → Heap Overflow → Potential RCE. ⚠️ Patches ONLY in #Ubuntu Pro/ESM repos. Read more: 👉 tinyurl.com/fd6dsmfu #Security

Overview

  • Ivanti
  • Endpoint Manager

Published: 10 Feb 2026
Updated: 10 Feb 2026

CVSS v3.1: HIGH (8.6)
EPSS: 0.16%

KEV

Description

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

Statistics

  • 1 Post

Last activity: 6 hours ago

Bluesky

Ivanti released patches for EPM fixing a high-severity authentication bypass (CVE-2026-1603) and a medium SQL injection (CVE-2026-1602).

Overview

  • libexpat project
  • libexpat

Published: 30 Jan 2026
Updated: 03 Feb 2026

CVSS v3.1: MEDIUM (6.9)
EPSS: 0.01%

KEV

Description

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation.

Statistics

  • 1 Post

Last activity: 1 hour ago

Bluesky

USN-8023-1: libxmltok flaws (CVE-2026-24515 & CVE-2026-25210) are now public. Key takeaway: CVE-2026-25210 = Integer Overflow → Heap Overflow → Potential RCE. ⚠️ Patches ONLY in #Ubuntu Pro/ESM repos. Read more: 👉 tinyurl.com/fd6dsmfu #Security

Overview

  • Ivanti
  • Endpoint Manager

Published: 10 Feb 2026
Updated: 10 Feb 2026

CVSS v3.1: MEDIUM (6.5)
EPSS: 0.05%

KEV

Description

SQL injection in Ivanti Endpoint Manager before version 2024 SU5 allows a remote authenticated attacker to read arbitrary data from the database.

Statistics

  • 1 Post

Last activity: 6 hours ago

Bluesky

Ivanti released patches for EPM fixing a high-severity authentication bypass (CVE-2026-1603) and a medium SQL injection (CVE-2026-1602).

Overview

  • n8n-io
  • n8n

Published: 07 Jan 2026
Updated: 12 Jan 2026

CVSS v3.1: CRITICAL (10.0)
EPSS: 5.82%

KEV

Description

n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, exposing sensitive information stored on the system and possibly enabling further compromise depending on deployment configuration and workflow usage. This issue is fixed in version 1.121.0.

Statistics

  • 1 Post

Last activity: 10 hours ago

Bluesky

n8n Vulnerability Analysis: CVE-2025-68613, CVE-2026-21858, CVE-2026-25049