/

Threat Intelligence Feed

Aggregating 5789 articles from trusted cybersecurity sources

/
All General Vulnerability Disclosure CVE Campaigns Data Breach Malware Zero-Day Ransomware
LATEST CVEs
HIGH · CVE-2026-56785 FlatPress versions prior to commit 10be83c, contains a stored cross-site scripting vulnerability in comment and contact CRIT · CVE-2026-54588 Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacke MED · CVE-2026-48493 Snipe-IT is an IT asset/license management system. In versions prior to 8.6.0, a user with only users.edit can send a PA MED · CVE-2026-47693 Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable MED · CVE-2026-12164 Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0 may assign incorrect or el MED · CVE-2026-12163 Fortra File Integrity Monitoring (FIM), formerly Tripwire Enterprise, versions prior to 9.4.0.1 contain a stored cross-s CVE-2026-11972 When using the "tarfile" module with a file opened in "streaming mode" (mode="r|") the tarfile module did not properly h MED · CVE-2026-54518 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From MED · CVE-2026-9073 A flaw was found in foreman-mcp-server. This component utilizes two distinct logging mechanisms that can expose sensitiv CVE-2026-56120 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it's a duplicate of CVE-20 MED · CVE-2026-54517 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From MED · CVE-2026-54516 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From MED · CVE-2026-54515 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From MED · CVE-2026-54514 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From HIGH · CVE-2026-54513 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From HIGH · CVE-2026-54512 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From CVE-2026-53931 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-import endpoint axiosRequ CVE-2026-53930 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the base-migration endpoint accepted a ca CVE-2026-53929 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, with NC_SECURE_ATTACHMENTS=true, an authe CVE-2026-53928 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a stolen refresh token survived a passwor CVE-2026-53927 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the spreadsheet-fetch endpoint (axiosRequ CVE-2026-53926 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, revokeAllOAuthTokensByUser in the users s CVE-2026-50193 jackson-databind contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor. From CVE-2026-47388 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a low-privilege MCP token holder with kno CVE-2026-47387 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the shared form-view submit handler (pack CVE-2026-47386 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, two concurrent token-exchange requests us CVE-2026-47385 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with base-create pe CVE-2026-47384 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated user with column-create CVE-2026-47383 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, an authenticated commenter could store HT CVE-2026-47382 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the connection-test endpoint opened a raw CVE-2026-47381 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, a user in one workspace could exercise an CVE-2026-47380 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, sign-in response timing differed between CVE-2026-47379 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the shared-view password check fell back CVE-2026-47378 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, Public shared-view endpoints exposed valu CVE-2026-47377 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the client-side hashRedirect plugin calle CVE-2026-47376 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the password-reset page rendered the URL MED · CVE-2026-47375 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, an authenticated user with columnAdd perm CVE-2026-47279 NocoDB is software for building databases as spreadsheets. Prior to 2026.05.1, the public shared-view relation endpoints CVE-2026-46554 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.4, deleted API tokens continued to authentic CVE-2026-46553 NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, the upload-by-URL path did not enforce NC
2461 General 708 Vulnerability Disclosure 653 CVE 461 Campaigns 333 Data Breach 305 Malware

Trending Vendors

Microsoft (687) Google (342) Amazon (238) Intel (186) Apple (145) Cisco (127) Linux (121) GitHub (105) Palo Alto Networks (103) Oracle (67) WordPress (59) Check Point (49) Cloudflare (43) Fortinet (42) Rapid7 (35)

Latest News

Data Breaches

FreeIntelHub · Open-source CTI platform

All articles belong to their respective owners. FreeIntelHub aggregates publicly available RSS feeds for informational purposes only. DMCA