Skip to content

Menu
  • Home
Menu

CVE-2025-71358 – picklescan – Remote Code Execution via idlelib.autocomplete.AutoComplete.get_entity

Posted on June 23, 2026

CVE ID :CVE-2025-71358 Published : June 22, 2026, 9:04 p.m. | 4 hours, 5 minutes ago Description :picklescan before 0.0.29 fails to detect malicious pickle files that exploit idlelib.autocomplete.AutoComplete.get_entity function in reduce methods. Attackers…

CVE-2026-12806 – Edimax BR-6478AC V2 POST Request formWlSiteSurvey buffer overflow

Posted on June 22, 2026

CVE ID :CVE-2026-12806 Published : June 21, 2026, 7:30 p.m. | 5 hours, 40 minutes ago Description :A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey…

CVE-2026-56397 – SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README

Posted on June 22, 2026

CVE ID :CVE-2026-56397 Published : June 21, 2026, 1:27 p.m. | 11 hours, 43 minutes ago Description :SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious…

CVE-2026-56396 – phpMyFAQ – Privilege Escalation via Missing Authorization in editUser() and updateUserRights()

Posted on June 22, 2026

CVE ID :CVE-2026-56396 Published : June 21, 2026, 1:27 p.m. | 11 hours, 43 minutes ago Description :phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that allow authenticated administrators to…

CVE-2026-56395 – SiYuan – Remote Code Execution via Malicious Bazaar Package Metadata and README

Posted on June 22, 2026

CVE ID :CVE-2026-56395 Published : June 21, 2026, 1:27 p.m. | 11 hours, 43 minutes ago Description :SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious…

CVE-2026-56382 – Craft CMS – Remote Code Execution via Missing Config Sanitization in FieldsController

Posted on June 22, 2026

CVE ID :CVE-2026-56382 Published : June 21, 2026, 1:26 p.m. | 11 hours, 43 minutes ago Description :Craft CMS (composer package craftcms/cms) versions >= 5.5.0 and Severity: 8.6 | HIGH Visit the link for…

CVE-2026-56345 – AVideo – Arbitrary User Session Hijacking via Meet Plugin uploadRecordedVideo Endpoint

Posted on June 21, 2026

CVE ID :CVE-2026-56345 Published : June 20, 2026, 6:27 p.m. | 6 hours, 42 minutes ago Description :AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin’s uploadRecordedVideo.json.php endpoint that derives the…

CVE-2026-56341 – AVideo – Unauthenticated Access to Payment Log DataTables Endpoints via list.json.php

Posted on June 21, 2026

CVE ID :CVE-2026-56341 Published : June 20, 2026, 6:27 p.m. | 6 hours, 42 minutes ago Description :AVideo through version 26.0 contains multiple unauthenticated list.json.php endpoints in payment plugins lacking authorization checks, exposing PayPal…

CVE-2026-56340 – vLLM – Denial of Service via Unvalidated Multimodal Embeddings

Posted on June 21, 2026

CVE ID :CVE-2026-56340 Published : June 20, 2026, 6:27 p.m. | 6 hours, 42 minutes ago Description :vLLM versions >= 0.10.2 and Severity: 8.8 | HIGH Visit the link for more details, such as…

CVE-2026-5366 – Git Argument Injection in prefecthq/prefect

Posted on June 21, 2026

CVE ID :CVE-2026-5366 Published : June 20, 2026, 4:43 p.m. | 8 hours, 26 minutes ago Description :Prefect version 3.6.23 is vulnerable to remote code execution due to improper handling of user-controlled input in…

Posts pagination

Previous 1 … 7 8 9 … 106 Next

Site map

  • About Us
  • Privacy Policy
  • Terms & Conditions of Use
©2026 | Design: Newspaperly WordPress Theme