ARTICLE SEARCH
Threat Feed Query
Search all aggregated security articles by keywords, CVE IDs, and sources.
Juniper Networks Default Password Vulnerability Let Attacker Take Full Control of the Device
A critical security alert warns of a severe default password vulnerability affecting Support Insights Virtual Lightweight Collector (vLWC) appliances. This flaw enables unauthenticated network-based attackers to gain ful
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig. The vulnerability in
CVE-2026-33788 - Junos OS Evolved: Local, authenticated attacker can gain privileged access to FPCs
CVE ID: CVE-2026-33788 | Published: April 9, 2026, 10:16 p.m. | 22 minutes ago | Description: A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks J
CVE-2026-4436 - GPL Odorizers GPL750 Missing Authentication for Critical Function
CVE ID: CVE-2026-4436 | Published: April 9, 2026, 8:16 p.m. | 22 minutes ago | Description: A low-privileged remote attacker can send Modbus packets to manipulate register values that are inputs to the odorant inject
CVE-2025-13926 - Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision
CVE ID: CVE-2025-13926 | Published: April 9, 2026, 8:16 p.m. | 22 minutes ago | Description: An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to
CVE-2026-35556 - Plaintext storage of a password in OpenPLC_V3
CVE ID: CVE-2026-35556 | Published: April 9, 2026, 7:16 p.m. | 1 hour, 22 minutes ago | Description: OpenPLC_V3 is vulnerable to a Plaintext Storage of a Password vulnerability that could allow an attacker to retrieve
CISA Warns of Critical Ivanti EPMM Code Injection Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Ivanti Endpoint Manager Mobile (EPMM). The agency recently added this flaw, tracked as CVE-20
Multiple SonicWall Vulnerabilities Enable SQL Injection and Privilege Escalation Attacks
SonicWall has released a critical security advisory addressing four vulnerabilities affecting its Secure Mobile Access (SMA) 1000 series appliances. These security flaws could allow remote attackers to escalate privilege
CVE-2026-34184 - Missing Authorization in Hydrosystem Control System
CVE ID: CVE-2026-34184 | Published: April 9, 2026, 10:16 a.m. | 22 minutes ago | Description: Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to rea
CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since January. [...]
CVE-2025-30650 - Junos OS: Privileged local user can gain access to a Linux-based FPC as root
CVE ID: CVE-2025-30650 | Published: April 8, 2026, 5:26 p.m. | 1 hour, 12 minutes ago | Description: A Missing Authentication for Critical Function vulnerability in command processing of Juniper Networks Junos OS allo
IBM Identity and Verify Access Vulnerabilities Allow Remote Attacker to Access Sensitive Data
A critical security bulletin highlights multiple vulnerabilities in Verify Identity Access and Security Verify Access products. If left unpatched, these widespread security flaws could allow malicious actors to access se
CVE-2026-25776 - Six Apart Ltd Movable Type Perl Code Injection Vulnerability
CVE ID: CVE-2026-25776 | Published: April 8, 2026, 9:16 a.m. | 1 hour, 22 minutes ago | Description: Movable Type provided by Six Apart Ltd. contains a code injection vulnerability which may allow an attacker to execu
Claude Finds 13-Year-Old 0-Day RCE Vulnerability in Apache ActiveMQ in 10 Minutes
A critical remote code execution (RCE) vulnerability has been disclosed in Apache ActiveMQ Classic, a flaw that sat undetected for over a decade and was ultimately discovered not by a human researcher manually combing th
CUPS Vulnerability Chain Enables Remote Attacker to Execute Malicious Code as Root User
A critical vulnerability chain in the Common Unix Printing System (CUPS) allows unauthenticated remote attackers to execute arbitrary malicious code with root system privileges. Security researcher Asim Viladi Oglu
Hackers exploit critical flaw in Ninja Forms WordPress plugin
A critical vulnerability in the Ninja Forms File Uploads premium add-on for WordPress allows uploading arbitrary files without authentication, which can lead to remote code execution. [...]
New BPFDoor Variants Use Stateless C2 and ICMP Relays to Evade Detection
A dangerous Linux backdoor called BPFDoor has returned in a more powerful form, with researchers uncovering new variants built to stay invisible inside critical network infrastructure. Linked to a China-nexus threat acto
Attackers exploit critical Flowise flaw CVE-2025-59528 for remote code execution
Attackers are exploiting a critical Flowise flaw, tracked as CVE-2025-59528 (CVSS score of 10), that lets them run malicious code and access systems due to poor validation of user-supplied JavaScript. Attackers are activ
CVE-2026-39355 - Genealogy is Missing Authorization in `TeamController::transferOwnership()` Allows Any Authenticated User to Hijack Any Team (Broken Access Control)
CVE ID: CVE-2026-39355 | Published: April 7, 2026, 7:16 p.m. | 1 hour, 21 minutes ago | Description: Genealogy is a family tree PHP application. Prior to 5.9.1, a critical broken access control vulnerability in the ge
CVE-2026-39337 - ChurchCRM Affected by Unauthenticated RCE in Install Wizard
CVE ID: CVE-2026-39337 | Published: April 7, 2026, 6:16 p.m. | 21 minutes ago | Description: ChurchCRM is an open-source church management system. Prior to 7.1.0, critical pre-authentication remote code execution vuln