Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens
At least five cybersecurity firms confirmed they have been affected by a breach of business intelligence platform Klue via Salesforce integration
Threat Intelligence Feed
Aggregating 5595 articles from trusted cybersecurity sources
LATEST CVEs
CVE-2026-12845
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All r
MED · CVE-2026-12814
A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bi
MED · CVE-2026-12813
A vulnerability was detected in activepieces up to 0.83.0. This vulnerability affects the function handleUrlFile in the
CVE-2026-12812
A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of th
MED · CVE-2026-12811
A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/rou
MED · CVE-2026-12810
A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of th
MED · CVE-2026-12809
A vulnerability was identified in Edimax BR-6478AC V2 1.23. Affected is the function wiz_5in1_redirect of the file /gofo
MED · CVE-2026-12808
A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainf
MED · CVE-2026-12807
A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file /goform/setWAN of th
HIGH · CVE-2026-12806
A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the
MED · CVE-2026-12805
A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library
MED · CVE-2026-12804
A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-p
MED · CVE-2026-56412
libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking
MED · CVE-2026-56411
xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations.
MED · CVE-2026-56410
xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId.
MED · CVE-2026-56409
xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used.
MED · CVE-2026-56408
libexpat before 2.8.2 has an integer overflow in copyString.
MED · CVE-2026-56407
libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen.
MED · CVE-2026-56406
libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse
MED · CVE-2026-56405
libexpat before 2.8.2 has an integer overflow in getAttributeId.
MED · CVE-2026-56404
libexpat before 2.8.2 has an integer overflow in addBinding.
MED · CVE-2026-56403
libexpat before 2.8.2 has an integer overflow in storeAtts.
CRIT · CVE-2026-56397
SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious
HIGH · CVE-2026-56396
phpMyFAQ before 4.1.4 contains missing authorization vulnerabilities in editUser() and updateUserRights() endpoints that
CRIT · CVE-2026-56395
SiYuan before v3.6.1 fails to sanitize package metadata and README content in the Bazaar marketplace, allowing malicious
MED · CVE-2026-56394
Craft CMS from 4.0.0-RC1 contains an authenticated path traversal vulnerability in the assets/icon endpoint where the ex
MED · CVE-2026-56393
Craft CMS 4.x (>= 4.0.0-RC1, < 4.17.0-beta.1) and 5.x (>= 5.0.0-RC1, < 5.9.0-beta.1) contain multiple stored cross-site
MED · CVE-2026-56385
Craft CMS versions >= 5.0.0-RC1, <= 5.9.13 and >= 4.0.0-RC1, <= 4.17.7 contain an authorization bypass in the assets/pre
MED · CVE-2026-56384
Craft CMS contains a missing authorization vulnerability in the assets/preview-thumb endpoint. A Control Panel user with
MED · CVE-2026-56383
Craft CMS contains a stored cross-site scripting (XSS) vulnerability in the editableTable.twig component when using the
HIGH · CVE-2026-56382
Craft CMS (composer package craftcms/cms) versions >= 5.5.0 and <= 5.9.13 contain a remote code execution vulnerability
MED · CVE-2026-56381
Craft CMS from version 5.0.0-RC1 contains a stored cross-site scripting vulnerability in the User Permissions page where
CVE-2026-56378
ImageMagick before 7.1.2-15 (and 6.x before 6.9.13-40) contains a heap out-of-bounds read in the PCD coder's DecodeImage
CVE-2026-56367
ImageMagick before 7.1.2-15 and 6.9.x before 6.9.13-40 contains an integer overflow in the PSB (PSD v2) RLE decoding pat
MED · CVE-2026-56316
Cap-go before 12.128.2 contains an information disclosure vulnerability in the OPTIONS /build/upload/:jobId/* endpoint t
MED · CVE-2026-56299
Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/* endpoint that allows
CRIT · CVE-2026-56265
Crawl4AI before 0.8.7 contains an authentication bypass vulnerability due to a hardcoded default JWT signing key in the
HIGH · CVE-2026-56253
Capgo before 12.128.2 contains an improper access control vulnerability in the public.get_org_members RPC function that
MED · CVE-2026-56251
Capgo before 12.128.2 contains a broken row level security policy in the org_users table that allows authenticated users
HIGH · CVE-2026-56242
Capgo before 12.128.2 contains an unauthenticated security definer RPC function get_identity_apikey_only that returns th
Latest News
No articles found.
Data Breaches
Texas Parks & Wildlife Data Breach Affects 3 Million Individuals
Hackers stole personal information after breaching the systems of a third-party license vendor serving TPWD. The post Texas Parks & Wildlife Data Breach Affe...
Inside GentleKiller: The EDR-Killer Powering The Gentlemen
The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ...
Inside GentleKiller: The EDR-Killer Powering The Gentlemen
The Gentlemen equips affiliates with a centralized EDR-killer suite, rapidly weaponizing BYOVD exploits to disable security tools before ransomware attacks. ...
MDR Provider Comparison: Time to Discover and Respond to Threats
A detailed MDR provider comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose.
Texas TPWD Vendor Breach Exposes 3 Million Customer Records
Texas Cyber Command has disclosed a massive third-party data breach affecting the Texas Parks and Wildlife Department (TPWD), exposing the personal records o...
CISA Warns of Active Exploitation Following FortiBleed Leak
FortiBleed exposed credentials for 74,000 Fortinet devices, with attackers actively exploiting the leak to target systems worldwide. On June 18, CISA issued ...
Klue OAuth breach victim list grows as Icarus hackers claim attack
Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to custo...
Texas govt data breach exposes over 3 million driver’s licenses
The Texas Parks and Wildlife Department (TPWD) disclosed a data breach at its license system vendor that exposed personal information for more than three mil...
The Good, the Bad and the Ugly in Cybersecurity – Week 25
FBI dismantles extensive PhaaS, DragonForce ransomware abuses MS Teams relays, and PRC-based spies breach REDCap servers to steal research data.
Klue breach lead to Salesforce data theft, Huntress affected
Cybersecurity vendor Huntress was among multiple companies hit by a breach originating at Klue, a market intelligence platform used to integrate CRM and sale...
From Assistive to Agentic: The AI Shift That's Redefining Threat Management
Introduction The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often...