CVE ID :CVE-2026-48109 Published : June 22, 2026, 9:19 p.m. | 3 hours, 50 minutes ago Description :MessagePack for C# is a MessagePack serializer for C#. Prior to 2.5.301 and 3.1.7, A vulnerability exists…
CVE-2026-56348 – n8n – Credential Exfiltration via Allowed HTTP Request Domains Bypass in Dynamic Node Parameters Endpoint
CVE ID :CVE-2026-56348 Published : June 22, 2026, 9:04 p.m. | 4 hours, 5 minutes ago Description :n8n before 2.20.0 contains a credential exfiltration vulnerability in the POST /rest/dynamic-node-parameters/options endpoint that allows authenticated users…
CVE-2026-56324 – Capgo – Rate Limit Bypass via User-Controlled device_id Parameter
CVE ID :CVE-2026-56324 Published : June 22, 2026, 9:04 p.m. | 4 hours, 5 minutes ago Description :Capgo before 12.128.2 contains a rate limit bypass vulnerability in the channel_self endpoint that allows attackers to…
CVE-2026-56266 – Crawl4AI – Server-Side Request Forgery via Direct Crawl Endpoints
CVE ID :CVE-2026-56266 Published : June 22, 2026, 9:04 p.m. | 4 hours, 5 minutes ago Description :Crawl4AI before 0.8.7 contains a server-side request forgery vulnerability in the /crawl, /crawl/stream, /md, and /llm endpoints…
CVE-2025-71358 – picklescan – Remote Code Execution via idlelib.autocomplete.AutoComplete.get_entity
CVE ID :CVE-2025-71358 Published : June 22, 2026, 9:04 p.m. | 4 hours, 5 minutes ago Description :picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete.get_entity function in reduce methods. Attackers…
CVE-2026-12806 – Edimax BR-6478AC V2 POST Request formWlSiteSurvey buffer overflow
CVE ID :CVE-2026-12806 Published : June 21, 2026, 7:30 p.m. | 5 hours, 40 minutes ago Description :A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey…
CVE-2026-56397 – SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README
CVE ID :CVE-2026-56397 Published : June 21, 2026, 1:27 p.m. | 11 hours, 43 minutes ago Description :SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious…
CVE-2026-56396 – phpMyFAQ – Privilege Escalation via Missing Authorization in editUser() and updateUserRights()
CVE ID :CVE-2026-56396 Published : June 21, 2026, 1:27 p.m. | 11 hours, 43 minutes ago Description :phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated administrators to…
CVE-2026-56395 – SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README
CVE ID :CVE-2026-56395 Published : June 21, 2026, 1:27 p.m. | 11 hours, 43 minutes ago Description :SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious…
CVE-2026-56382 – Craft CMS – Remote Code Execution via Missing Config Sanitization in FieldsController
CVE ID :CVE-2026-56382 Published : June 21, 2026, 1:26 p.m. | 11 hours, 43 minutes ago Description :Craft CMS (composer package craftcms/cms) versions >= 5.5.0 and Severity: 8.6 | HIGH Visit the link for…