Posts of last 24 hours
Currently trending CVE - Hype Score: 1 - NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssi_module module. This vulnerability may exist when the Server-Side Includes (SSI), proxy_pass, and proxy_buffering off directives are configured. With this configuration, an unauthenticated attacker with ...
https://cvemon.intruder.io/cves/CVE-2026-56434
Currently trending CVE - Hype Score: 15 - Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.
https://cvemon.intruder.io/cves/CVE-2026-58644
Currently trending CVE - Hype Score: 11 - Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
https://cvemon.intruder.io/cves/CVE-2026-58536
Currently trending CVE - Hype Score: 15 - A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.
https://cvemon.intruder.io/cves/CVE-2026-15409
Currently trending CVE - Hype Score: 10 - Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The Android application stores ...
https://cvemon.intruder.io/cves/CVE-2026-27510
Currently trending CVE - Hype Score: 10 - Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, unauthenticated attacker can join ...
https://cvemon.intruder.io/cves/CVE-2026-27509
Currently trending CVE - Hype Score: 12 - A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized code or commands via
https://cvemon.intruder.io/cves/CVE-2026-39808
Currently trending CVE - Hype Score: 12 - A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS ...
https://cvemon.intruder.io/cves/CVE-2026-25089
Currently trending CVE - Hype Score: 11 - Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
https://cvemon.intruder.io/cves/CVE-2025-62221
Currently trending CVE - Hype Score: 8 - Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server
https://cvemon.intruder.io/cves/CVE-2025-5777