CVE ID :CVE-2026-9155 Published : June 25, 2026, 12:25 a.m. | 45 minutes ago Description :OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS…
CVE-2026-7569 – Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability
CVE ID :CVE-2026-7569 Published : June 24, 2026, 11:15 p.m. | 1 hour, 55 minutes ago Description :Quest NetVault Backup viewclient Cross-Site Scripting Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication…
CVE-2026-9787 – Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability
CVE ID :CVE-2026-9787 Published : June 24, 2026, 11:15 p.m. | 1 hour, 55 minutes ago Description :Quest NetVault Backup NVBULogDaemon Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
CVE-2026-9786 – Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability
CVE ID :CVE-2026-9786 Published : June 24, 2026, 11:15 p.m. | 1 hour, 55 minutes ago Description :Quest NetVault Backup NVBUDashboard SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
CVE-2026-9785 – Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability
CVE ID :CVE-2026-9785 Published : June 24, 2026, 11:14 p.m. | 1 hour, 56 minutes ago Description :Quest NetVault Backup NVBULibrarySlot SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute…
CVE-2026-7574 – Anthropic Claude Desktop Cowork VM Image Contents Not Validated Before Use
CVE ID :CVE-2026-7574 Published : June 23, 2026, 11:54 p.m. | 1 hour, 16 minutes ago Description :Anthropic Claude Desktop Cowork VM image handling (confirmed across v1.1348.0 through v1.2278.0, including v1.1348.0, v1.1617.0, and v1.2278.0)…
CVE-2026-56785 – FlatPress – Stored Cross-Site Scripting via Unescaped Comment and Contact Form Fields
CVE ID :CVE-2026-56785 Published : June 23, 2026, 10:09 p.m. | 3 hours, 1 minute ago Description :FlatPress versions prior to commit 10be83c, contains a stored cross-site scripting vulnerability in comment and contact forms…
CVE-2026-11972 – tarfile opened in streaming mode mishandles EOF
CVE ID :CVE-2026-11972 Published : June 23, 2026, 10:02 p.m. | 3 hours, 8 minutes ago Description :When using the “tarfile” module with a file opened in “streaming mode” (mode=”r|”) the tarfile module did…
CVE-2026-41862 – Spring Statemachine Deserialisation Vulnerability
CVE ID :CVE-2026-41862 Published : June 23, 2026, 8:59 p.m. | 4 hours, 11 minutes ago Description :Spring Statemachine’s Kryo-based persistence backends (JPA, MongoDB, Redis and ZooKeeper) deserialise persisted state-machine contexts without enforcing a…
CVE-2026-54512 – jackson-databind: PolymorphicTypeValidator bypass via generic type parameters allows arbitrary class instantiation
CVE ID :CVE-2026-54512 Published : June 23, 2026, 8:56 p.m. | 4 hours, 14 minutes ago Description :jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From 2.10.0 until 2.18.8, 2.21.4,…