Threat Intelligence Feed

Aggregating 6641 articles from trusted cybersecurity sources

LATEST CVEs
CRIT · CVE-2026-34099 Guardian language-system passes the id GET parameter directly into an unsanitized SQL query in job_info.php (line 16): S MED · CVE-2026-34098 Guardian language-system fails to sanitize the id GET parameter before inserting it into HTML source and form action att MED · CVE-2026-34097 Guardian language-system fails to sanitize the id GET parameter before inserting it into multiple HTML form action attri MED · CVE-2026-34096 Guardian language-system fails to sanitize the name GET parameter before outputting it into an HTML input value attribut MED · CVE-2026-27409 Missing Authorization vulnerability in Webba Plugins Webba Booking allows Exploiting Incorrectly Configured Access Contr HIGH · CVE-2026-20244 A vulnerability in the DMG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS c HIGH · CVE-2026-20243 A vulnerability in the ALZ file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS c HIGH · CVE-2026-20217 A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a Do HIGH · CVE-2026-20216 A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cau HIGH · CVE-2026-20215 A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS co HIGH · CVE-2026-20214 A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS c HIGH · CVE-2026-20213 A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS co HIGH · CVE-2026-20191 A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a MED · CVE-2026-13211 The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption ke CVE-2026-12480 Keras versions up to and including 3.13.2 are vulnerable to an arbitrary HDF5 file read due to an incomplete fix for CVE CVE-2026-8857 A vulnerability in Wikimedia Foundation timeline. This vulnerability is associated with program files scripts/EasyTime MED · CVE-2026-8480 A vulnerability was discovered on Stormshield Network Security 4.3.0  to 4.3.41 (included), 4.4.0 to 4.8.15 (included) , CRIT · CVE-2026-58127 PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registere CRIT · CVE-2026-58126 PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to CVE-2026-58038 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F CVE-2026-58037 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F CVE-2026-58036 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulne CVE-2026-58033 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulne CVE-2026-58032 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F CVE-2026-58030 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F CVE-2026-58029 Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiC CVE-2026-58028 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia F CVE-2026-58027 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter. This vul CVE-2026-58026 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulne CVE-2026-58025 Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated wi CVE-2026-58024 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki. This vulne CRIT · CVE-2026-57517 Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability that allows unauthenticated remote atta CRIT · CVE-2026-24270 NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of MED · CVE-2026-24266 NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause a use-after-free issue. A HIGH · CVE-2026-24264 NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause improper handling of highl HIGH · CVE-2026-24260 NVIDIA Container Toolkit for Linux contains a vulnerability where an attacker could cause a time-of-check time-of-use ra HIGH · CVE-2026-24251 NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of dynamically HIGH · CVE-2026-24250 NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed i HIGH · CVE-2026-24249 NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause deserialization of untrusted dat HIGH · CVE-2026-24248 NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper control of code generat
2887 General 771 Vulnerability Disclosure 759 CVE 533 Campaigns 367 Data Breach 340 Malware

Trending Vendors

Latest News

In memoriam: David Harley

Former colleagues and friends remember the cybersecurity researcher, author, and mentor whose work bridged the human and technical sides of security

ESET Research →

Data Breaches