Aggregator

A vulnerability has been found in MISP up to 2.5.36 and classified as critical. This vulnerability affects unknown code. This manipulation causes sql injection. This vulnerability is handled as CVE-2026-44381. The attack can be initiated remotely. There is not any exploit available. The affected component should be upgraded.

A vulnerability was found in MISP up to 2.5.36. It has been declared as critical. The affected element is an unknown function. Executing a manipulation can lead to incorrect authorization. The identification of this vulnerability is CVE-2026-44380. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Dataease SQLBot up to 1.7.x. It has been classified as critical. This affects an unknown function of the file /api/v1/datasource/exportDsSchema. The manipulation leads to authorization bypass. This vulnerability is uniquely identified as CVE-2026-42463. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability has been found in OPNsense up to 26.1.6 and classified as problematic. The affected element is the function lockout_handler of the component Username Handler. Performing a manipulation results in improper restriction of excessive authentication attempts. This vulnerability is known as CVE-2026-44195. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

Banks across the United States, Europe, and Japan are accelerating efforts to strengthen cy

Cybersecurity researchers are warning that attackers have already started exploiting a newl

C’è una data che molti soggetti NIS stanno guardando con una certa apprensione: il 31 maggio 2026. È

根据发表在《国家科学评论》期刊上的一项研究，中科院研究团队汇总 588 个湖泊的高精度实测水下地形和水深数据。研究发现，我国湖泊水深受地形地貌影响，西部高海拔内流湖盆区受构造断陷和冰川侵蚀影响，形成了深水湖泊，而东部平原因长期泥沙淤积，形成浅碟形湖泊。全国湖泊总蓄水量约 1081-1285 立方公里，其中淡水约 335 立方公里，咸水约 839 立方公里。约 65% 的湖泊淡水储存于青藏高原等西部内流湖盆区少数几个深水开放型湖泊。学界对我国淡水湖的关注多聚焦于东部平原区及云贵高原，但本研究发现，青藏高原不仅拥有塔若错、玛旁雍错、吴如错等超大型深水淡水湖，其湖区天然湖泊的淡水总储量超过东部平原湖区：青藏高原湖泊区人均储量约为 20680 立方米，而东部平原湖泊区人均储量仅为 65 立方米，两者相差近 330 倍。

Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspec

INTERPOL led Operation Ramz in MENA, resulting in 201 arrests and 382 suspects tied to cybercrime networks. INTERPOL coordinated Operation Ramz across the Middle East and North Africa, leading to 201 arrests and identifying 382 additional suspects. ” A first-of-its-kind cybercrime operation in the MENA region has led to the arrest of 201 individuals, with a […]

Bridewell report calls out emergence of “fix-style” attacks

Currently trending CVE - Hype Score: 5 - May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the was disclosed in February 2026. This new advisory is for a new vulnerability in the control connection handshaking. The section of this ...

Currently trending CVE - Hype Score: 4 - Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

Колёса с дачи, моторы с детского электромобиля — рецепт идеального гигантского робота.

Popular browser extensions have historically been perceived as benign, utilitarian artifacts—innocuous implements such as color droppers, ad-blockers, or

The post Phoenix Invicta Extension Malware Strips CSP Headers to Bypass Manifest V3 appeared first on Penetration Testing Tools.

A vulnerability, which was classified as critical, was found in n8n-io n8n up to 1.123.31/2.17.3/2.18.0. This vulnerability affects unknown code. Such manipulation leads to improperly controlled modification of object prototype attributes. This vulnerability is traded as CVE-2026-42232. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in n8n-io n8n up to 1.123.31/2.17.3/2.18.0. It has been rated as critical. Affected is an unknown function of the component XML Handler. This manipulation causes improperly controlled modification of object prototype attributes. This vulnerability is tracked as CVE-2026-42231. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability, which was classified as problematic, has been found in n8n-io n8n up to 1.123.31/2.17.3/2.18.0. This affects an unknown part of the file /mcp-oauth/register. This manipulation of the argument redirect_uri causes open redirect. This vulnerability appears as CVE-2026-42230. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, was found in n8n-io n8n up to 1.123.31/2.17.3/2.18.0. This affects an unknown function of the file /chat of the component WebSocket Endpoint. Executing a manipulation can lead to missing authorization. This vulnerability is handled as CVE-2026-42228. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.