ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844)
Attackers exploit a Breeze Cache flaw (CVE-2026-3844) to upload files without login. Wordfence researchers detected over 170 attacks. Threat actors are exploiting a critical flaw, tracked as CVE-2026-3844 (CVSS score of
Hackers Can Abuse Entra Agent ID Administrator Role to Hijack Service Principals
A critical scope overreach vulnerability was recently identified in the Microsoft Entra Agent Identity Platform. The newly introduced Agent ID Administrator role allowed accounts to hijack arbitrary service principals an
CVE-2026-41680 - Marked: OOM Denial of Service via Infinite Recursion in marked Tokenizer
CVE ID :CVE-2026-41680 Published : April 24, 2026, 6:16 p.m. | 1 hour, 54 minutes ago Description :Marked is a markdown parser and compiler. From 18.0.0 to 18.0.1, a critical Denial of Service (DoS) vulnerability e
CVE-2026-21515 - Azure IoT Central Elevation of Privilege Vulnerability
CVE ID :CVE-2026-21515 Published : 24. April 2026 13:16 | 54 Minuten ago Description :Exposure of sensitive information to an unauthorized actor in Azure IOT Central allows an authorized attacker to elevate privile
Xiongmai IP Camera Vulnerability Let Attackers Bypass Authentication and have Remote Access
Security cameras are designed to keep commercial facilities safe. However, a newly disclosed critical vulnerability in Hangzhou Xiongmai Technology’s XM530 IP Cameras is putting networks at risk. Tracked under the alert
Hackers Can Exploit Ollama Model Uploads to Leak Sensitive Server Data
A critical, unpatched vulnerability has been discovered in Ollama, a widely used open-source platform for running Large Language Models locally. Tracked as CVE-2026-5757, this severe memory leak allows unauthenticated re
CVE-2026-1951 - No checking of the length of the buffer with the directory name in AS320T
CVE ID :CVE-2026-1951 Published : April 24, 2026, 7:16 a.m. | 54 minutes ago Description :Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability. Severity: 9
CVE-2026-1952 - Denial of service via the undocumented subfunction in AS320T
CVE ID :CVE-2026-1952 Published : April 24, 2026, 7:16 a.m. | 54 minutes ago Description :Delta Electronics AS320T has denial of service via the undocumented subfunction vulnerability. Severity: 9.8 | CRITICAL
CVE-2026-1949 - Incorrect calculation of buffer size on the stack in AS320T
CVE ID :CVE-2026-1949 Published : April 24, 2026, 5:50 a.m. | 19 minutes ago Description :Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT request handler of the web
CVE-2026-40620 - SenseLive X3050 Missing authentication for critical function
CVE ID :CVE-2026-40620 Published : April 24, 2026, 12:16 a.m. | 1 hour, 53 minutes ago Description :A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be establis
CVE-2026-40623 - SenseLive X3050 Missing Authorization
CVE ID :CVE-2026-40623 Published : April 24, 2026, 12:16 a.m. | 1 hour, 53 minutes ago Description :A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration par
CVE-2026-27843 - SenseLive X3050 Missing authentication for critical function
CVE ID :CVE-2026-27843 Published : April 24, 2026, 12:16 a.m. | 1 hour, 53 minutes ago Description :A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters
CVE-2026-35064 - SenseLive X3050 Missing authentication for critical function
CVE ID :CVE-2026-35064 Published : April 24, 2026, 12:16 a.m. | 1 hour, 53 minutes ago Description :A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units throu
CVE-2026-25775 - SenseLive X3050 Missing authentication for critical function
CVE ID :CVE-2026-25775 Published : April 24, 2026, 12:16 a.m. | 1 hour, 53 minutes ago Description :A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to
CVE-2026-35431 - Microsoft Entra ID Entitlement Management Spoofing Vulnerability
CVE ID :CVE-2026-35431 Published : April 23, 2026, 9:37 p.m. | 32 minutes ago Description :None Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline,
CVE-2026-24303 - Microsoft Partner Center Elevation of Privilege Vulnerability
CVE ID :CVE-2026-24303 Published : April 23, 2026, 9:37 p.m. | 32 minutes ago Description :None Severity: 9.6 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, a
CVE-2026-33819 - Microsoft Bing Remote Code Execution Vulnerability
CVE ID :CVE-2026-33819 Published : April 23, 2026, 9:35 p.m. | 34 minutes ago Description :None Severity: 10.0 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline,
CVE-2026-33102 - Microsoft 365 Copilot Elevation of Privilege Vulnerability
CVE ID :CVE-2026-33102 Published : April 23, 2026, 9:35 p.m. | 34 minutes ago Description :None Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, a
CVE-2026-32210 - Microsoft Dynamics 365 (online) Spoofing Vulnerability
CVE ID :CVE-2026-32210 Published : April 23, 2026, 9:35 p.m. | 34 minutes ago Description :None Severity: 9.3 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, a
Hackers exploit file upload bug in Breeze Cache WordPress plugin
Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading arbitrary files on the server without authentication. [...]