ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Critical Plesk Vulnerability Let Users Execute Arbitrary Commands on the Server
A newly disclosed critical vulnerability in Plesk, tracked as CVE-2026-44962, is raising serious security concerns after researchers confirmed it can allow authenticated users to execute arbitrary operating system comman
[Critical] CVE-2026-7858 – A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from ...
Critical CVE-2026-7858 A Deserialization of Untrusted Data vulnerability affecting Teamwork Cloud from No Magic Release 2022x through No Magic Release 2026x and Magic Collaboration Studio from CATIA Magic Release 2022x t
[Medium] CVE-2026-40547 – SOPlanning is vulnerable to Path Traversal in backup endpoints. Authenticated r...
Medium CVE-2026-40547 SOPlanning is vulnerable to Path Traversal in backup endpoints. Authenticated remote attacker is able to exploit a vulnerable endpoint and construct payloads that allow reading and executing files
[High] CVE-2026-27788 – Incorrect permission assignment for critical resource issue exists in ServerView...
High CVE-2026-27788 Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and earlier. If this vulnerability is exploited, a local authenticated attacker who can lo
CVE-2026-27788 - ServerView Agents for Windows Privilege Escalation Vulnerability
CVE ID :CVE-2026-27788 Published : June 1, 2026, 9:16 a.m. | 1 hour, 57 minutes ago Description :Incorrect permission assignment for critical resource issue exists in ServerView Agents for Windows V11.60.04 and ear
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrator accounts on susce
[Critical] CVE-2026-48188 – An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition...
Critical CVE-2026-48188 An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issu
Instagram Meta AI Vulnerability Allegedly Enables Password Reset for Accounts
A critical flaw in Meta’s AI-powered account recovery tool on Instagram allowed attackers to hijack high-value accounts by tricking the chatbot into forwarding password reset codes with no verification required. Security
Windows Netlogon 0-Click RCE Vulnerability Now Actively Exploited In The Wild
The critical Windows Netlogon remote code execution (RCE) vulnerability tracked as CVE-2026-41089 is now under active exploitation in the wild, significantly raising the risk profile for unpatched Windows Server environm
[Critical] CVE-2026-10187 – A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by...
Critical CVE-2026-10187 A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Pe
Microsoft Releases KB5089573 for Windows 11 to Fix Patch Tuesday Install Issues
Microsoft has rolled out a new cumulative update, KB5089573, for Windows 11 versions 25H2 and 24H2, targeting a critical installation failure that affected users following the May 2026 Patch Tuesday release. The update b
[Critical] CVE-2018-25412 – Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unau...
Critical CVE-2018-25412 Delta Sql 1.8.2 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to docs_upload.php with crafted multipart f
Exploit Code Published for Critical Flowise RCE Vulnerability
The one-click vulnerability allows attackers to execute arbitrary code on self-hosted Flowise servers by tricking users into importing a malicious chatflow. The post Exploit Code Published for Critical Flowise RCE Vulner
[Critical] CVE-2026-45697 – Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, una...
Critical CVE-2026-45697 Formie is a Craft CMS plugin for creating forms. Prior to 2.2.20 and 3.1.24, unauthenticated users could submit crafted values into Hidden fields (with Default value → Custom) that were evaluated
[Critical] CVE-2026-45372 – cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library...
Critical CVE-2026-45372 cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header
[Critical] CVE-2026-9051 – There is an authentication bypass vulnerability in the NI SystemLink Enterprise ...
Critical CVE-2026-9051 There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to
[Critical] CVE-2026-47744 – Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct autho...
Critical CVE-2026-47744 Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct authorization defects in the team settings allowed any authenticated panel user to take over the RBAC system. Settings/Te
[Critical] CVE-2026-44649 – SillyTavern is a locally installed user interface that allows users to interact ...
Critical CVE-2026-44649 SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18
[Critical] CVE-2026-7786 – Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Con...
Critical CVE-2026-7786 Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credential
[Critical] CVE-2026-5386 – The affected KMW CCTV Security Cameras are vulnerable to a critical unauthentica...
Critical CVE-2026-5386 The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value withou