ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
[Critical] CVE-2026-9311 – IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execu...
Critical CVE-2026-9311 IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls. CVSS: 9.0 · CWE: CWE-94 View on NVD
[Critical] CVE-2026-9319 – IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote ...
Critical CVE-2026-9319 IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security. CVSS: 9.0 · CWE: CWE-5
[Critical] CVE-2026-0072 – In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerSe...
Critical CVE-2026-0072 In addInputMethodListener of com.android.server.inputmethod.InputMethodManagerService, there is a missing permission check. This could lead to local escalation of privilege with no additional execu
CVE-2026-8644 - IBM WebSphere Application Server is affected by an identity spoofing vulnerability
CVE ID :CVE-2026-8644 Published : June 1, 2026, 5:46 p.m. | 1 hour, 27 minutes ago Description :IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing. Severity: 9.1 | CRITICAL Vis
[Critical] CVE-2026-45132 – CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to co...
Critical CVE-2026-45132 CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (generate-schema.yaml) exposes sensitive credentials (Personal Access Token
[Critical] CVE-2026-44211 – Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. ...
Critical CVE-2026-44211 Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerability in Cline Kanban servers. At tim
[Critical] CVE-2026-42672 – Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti...
Critical CVE-2026-42672 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection. This issue affects WP Directory
IBM WebSphere Server Vulnerable to Remote Code Execution Attack Via Crafted Request
IBM has disclosed a critical security vulnerability in its WebSphere Application Server ecosystem that could allow attackers to execute arbitrary code through specially crafted HTTP requests. The flaw, tracked as CVE-202
Critical Magento Cache Plugin Vulnerability Enables Remote Code Execution Attacks
A critical security vulnerability has been discovered in a widely used Magento caching plugin that allows attackers to remotely execute malicious code with no login, configuration changes, or admin access required. Secur
Critical MCP Toolbox Vulnerability Impacts Enterprise Database onnectors
A newly disclosed vulnerability, tracked as CVE-2026-9739, is raising security concerns across enterprise environments using MCP Toolbox, particularly those that rely on Server-Sent Events (SSE) for database connectivity
[Critical] CVE-2026-8931 – A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer ...
Critical CVE-2026-8931 A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3. CVSS: 9.4 · CWE: CWE-94 View on NVD
[Critical] CVE-2026-48866 – Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v...
Critical CVE-2026-48866 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects Gravity Forms: from n/a t
[Critical] CVE-2026-48879 – Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Esc...
Critical CVE-2026-48879 Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This issue affects AIWU: from n/a through 1.4.17. CVSS: 9.8 · CWE: CWE-266 View on NVD
[Critical] CVE-2026-42682 – Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting I...
Critical CVE-2026-42682 Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6. CVSS
[Critical] CVE-2026-42680 – Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGaller...
Critical CVE-2026-42680 Incorrect Privilege Assignment vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery Pro allows Privilege Escalation. This issue affects Contest Gallery Pro: from n/a throu
[Critical] CVE-2026-0826 – In certain scenarios when the admin has enabled Interactive Connectivity Establi...
Critical CVE-2026-0826 In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution on Poly Voice products on the Linux
Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs
Organizations are advised to patch CVE-2026-41089 as soon as possible, given its severity, the potential ongoing exploitation. The post Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs appeared first on S
CVE-2026-48879 - WordPress AIWU plugin <= 1.4.17 - Privilege Escalation vulnerability
CVE ID :CVE-2026-48879 Published : June 1, 2026, 2:38 p.m. | 35 minutes ago Description :Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation. This issue affects AIWU: from n/a t
CVE-2026-8931 - Critical RCE vulnerability in Disig Web Signer
CVE ID :CVE-2026-8931 Published : June 1, 2026, 2:31 p.m. | 42 minutes ago Description :A critical Remote Code Execution (RCE) vulnerability exists in Disig Web Signer versions 2.0.3 through 2.5.3. Severity: 9.4
Critical Windows Netlogon RCE flaw now exploited in attacks
The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability in attacks