All CosmicBytez Labs articles tagged #CVE, across news, security advisories, how-to guides, and projects.
Google's June 2026 Android security update patches 124 vulnerabilities including one zero-day flaw that has been actively exploited in targeted attacks against Android devices.
Palo Alto Networks warns that CVE-2026-0257, a CVSS 7.8 authentication bypass in PAN-OS GlobalProtect, is under active exploitation by hackers attempting...
A Server-Side Template Injection flaw in Mautic's Twig-based theme engine allows authenticated users with theme upload permissions to execute arbitrary...
phpMyFAQ before 4.1.3 contains a CVSS 8.2 flaw allowing unauthenticated attackers to reset any account password without token validation, enabling full...
Rapid7 discloses a critical CVSS 9.4 RCE in Gogs, the popular self-hosted Git service, letting any authenticated user run arbitrary code on the server.
Buffer overflow in Synology BeeStation OS AdminCenter lets unauthenticated attackers execute code remotely (CVSS 9.8) — patch to 1.3.2-65648 now.
Critical Lumiverse <0.9.7 flaw lets malicious extensions execute arbitrary code via package.json lifecycle scripts run by the Spindle build pipeline.
Critical sandbox escape in Lumiverse <0.9.7 lets attackers bypass JS global shadowing via crafted TSX component overrides, enabling code execution.
CISA adds CVE-2026-48027 to KEV after a malicious Nx Console VS Code extension was found harvesting credentials from disk and memory via obfuscation.
Microsoft has released updates fixing CVE-2026-45659, a CVSS 8.8 remote code execution vulnerability in SharePoint Server that requires no specialized.
Twitter-Clone 1 contains a high-severity SQL injection vulnerability in follow.php that allows attackers to extract sensitive database information through.
A remotely exploitable SQL injection vulnerability in the admin panel of itsourcecode Electronic Judging System 1.0 allows attackers to manipulate database.
CISA has added CVE-2026-9082, a SQL injection vulnerability in Drupal Core, to its Known Exploited Vulnerabilities catalog following confirmed in-the-wild...
Drupal is warning that hackers are actively attempting to exploit a 'highly critical' SQL injection vulnerability, CVE-2026-9082, announced earlier this...
A maximum-severity vulnerability in the LiteSpeed User-End cPanel Plugin, tracked as CVE-2026-48172 with a CVSS score of 10.0, is under active...
CISA adds CVE-2025-34291 to the Known Exploited Vulnerabilities catalog — an overly permissive CORS configuration combined with a SameSite=None refresh...
Drupal has released an urgent security update for CVE-2026-9082, a highly critical flaw that can be exploited without authentication to achieve...
Microsoft has issued emergency patches for two Windows Defender vulnerabilities that were actively exploited as zero-days before fixes were available....
A coordinated wave of critical security patches landed this week from Ivanti, Fortinet, SAP, VMware, and n8n. Topping the list is CVE-2026-8043 in Ivanti...
A zero-day XSS vulnerability in Microsoft Exchange Server (CVE-2026-42897) is being actively exploited in the wild, allowing attackers to compromise...
Cisco has patched a maximum-severity authentication bypass flaw in its Catalyst SD-WAN Controller that has already been exploited in limited attacks....
A heap buffer overflow in NGINX's rewrite module is under active exploitation, days after disclosure. The CVSS 9.2 flaw impacts both NGINX Plus and Open...
A missing WordPress capability check in the AI Engine plugin's MCP OAuth bearer-token path allows any authenticated user to escalate privileges to...
Cisco has patched CVE-2026-20182, a zero-day in Catalyst SD-WAN Manager that has been actively exploited in targeted attacks by sophisticated threat actor...
A security researcher claims Microsoft silently patched an Azure Backup for AKS vulnerability after rejecting his disclosure report — issuing no CVE and...
Microsoft has shared mitigations for CVE-2026-42897 until a permanent patch can be released for affected Exchange Server versions actively being targeted...
A critical CVSS 9.8 vulnerability in iDS6 DSSPro Digital Signage System 6.2 allows attackers to retrieve valid CAPTCHA codes from the login endpoint and...
A critical CVSS 9.8 memory safety flaw in libbabl 0.1.62 allows attackers to call babl_free() twice on the same pointer without triggering the library's...
A critical unsandboxed Apache Velocity template injection vulnerability in OpenMRS Core allows authenticated attackers to execute arbitrary code on the...
A high-severity authorization bypass in Open WebUI prior to 0.9.5 allows authenticated users to attach arbitrary files to resources they do not own via...
A stored cross-site scripting vulnerability in vCluster Platform allows attackers to inject and execute arbitrary JavaScript via the name field of a...
Researchers have disclosed multiple critical vulnerabilities in NGINX Plus and NGINX Open Source, including a heap buffer overflow in...
Critical authentication bypass vulnerability in ELECOM wireless LAN access point devices allows unauthenticated attackers to access protected URLs and...
Microsoft's May 2026 Patch Tuesday delivers security updates for 120 vulnerabilities across Windows, Edge, Office, Azure, and more — with no zero-days...
Microsoft's May 2026 Patch Tuesday addresses 138 security vulnerabilities across its product portfolio, including 30 rated Critical — with notable DNS...
An authenticated user with database write privileges can trigger an out-of-bounds memory write in the mongod process via a flaw in MongoDB Server's...
A CVSS 7.5 denial-of-service vulnerability in Apple iOS and iPadOS allows a remote attacker to exhaust device resources and crash the operating system...
The Apache Software Foundation has released urgent security updates for the Apache HTTP Server addressing a severe vulnerability in the HTTP/2 protocol...
Ivanti has disclosed a high-severity improper input validation vulnerability in Endpoint Manager Mobile (EPMM) that is being actively exploited in the...
Researchers have disclosed a critical out-of-bounds read vulnerability in Ollama that enables remote unauthenticated attackers to leak the entire process...
Palo Alto Networks has disclosed that CVE-2026-0300, a critical CVSS 9.3 buffer overflow in the PAN-OS User-ID Authentication service, is being actively...
A critical unauthenticated SQL injection vulnerability in Beauty Parlour Management System v1.1 allows attackers to dump the entire backend database via a...
A missing sighash validation in ZEBRA, the Rust-based Zcash node, allowed invalid V5 transactions to pass consensus checks — patched in zebrad 4.3.1 and...
A timing attack vulnerability in RELATE's check_sign_in_key() function could allow attackers to infer valid sign-in keys through response time differences...
A critical unauthenticated vulnerability in Plunk, the open-source AWS SES email platform, allows attackers to forge Amazon SNS webhook payloads without...
A high-severity security bypass in Argo Workflows (CVSS 8.1) allows users with Workflow creation permissions to escape templateReferencing: Strict mode,...
A critical improper access control flaw in Azure Managed Instance for Apache Cassandra allows an authorized network attacker to execute arbitrary code,...
A critical command injection vulnerability in the electerm terminal client allows remote attackers to achieve unauthenticated code execution on macOS...
A critical command injection flaw in electerm's Linux installer allows remote attackers to execute arbitrary shell commands by injecting into unsanitized...
A critical SQL injection vulnerability in LiteLLM's proxy server allows unauthenticated attackers to manipulate database queries during API key...
The U.S. Cybersecurity and Infrastructure Security Agency has added CVE-2026-31431, a Linux kernel privilege escalation flaw enabling root access, to its...
The Brizy Page Builder plugin for WordPress contains a critical unauthenticated Stored Cross-Site Scripting flaw in versions up to 2.8.11, enabling...
A newly disclosed critical vulnerability in cPanel and WHM tracked as CVE-2026-41940 is being mass-exploited by ransomware actors to breach web hosting...
An incomplete fix for CVE-2026-41635 leaves Apache MINA 2.1.x and 2.2.x branches exposed to a critical deserialization bypass via...
The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been...
CISA has added two actively exploited vulnerabilities to its Known Exploited Vulnerabilities catalog — CVE-2024-1708 affecting ConnectWise ScreenConnect...
GitHub has patched CVE-2026-3854, a critical remote code execution vulnerability exploitable via a single HTTP request that could have granted attackers...
Dell iDRAC10 versions 1.20.70.50 and 1.30.05.10 contain a race condition vulnerability allowing authenticated low-privileged attackers to gain elevated...
Cybersecurity researchers have disclosed CVE-2026-25874, a critical unauthenticated remote code execution vulnerability (CVSS 9.3) in Hugging Face's...
Threat actors are actively exploiting CVE-2026-42208, a critical pre-authentication SQL injection vulnerability in the LiteLLM open-source LLM gateway,...
A high-severity Firefox vulnerability (CVE-2026-6770) exploits the internal ordering of IndexedDB database names to generate a stable 44-bit fingerprint...
A CVSS 8.1 high-severity collection of memory safety bugs affects Firefox 149, Firefox ESR 140.9, Firefox ESR 115.34, Thunderbird 149, and Thunderbird ESR...
A critical CVSS 9.8 OS command injection vulnerability in the Totolink A8000RU router allows unauthenticated remote attackers to execute arbitrary...
A command injection flaw in end-of-life D-Link DIR-823X routers allows authenticated remote attackers to execute arbitrary OS commands. CISA has added...
A critical CVSS 9.9 elevation of privilege vulnerability in Azure IoT Central allows an authenticated attacker to escalate privileges over a network by...
A critical code injection vulnerability in the FunnelFormsPro WordPress plugin through version 3.8.1 allows remote code inclusion, enabling attackers to...
A critical arbitrary file upload vulnerability in the end-of-life Borg SPM 2007 application allows unauthenticated attackers to upload web shell backdoors...
A critical authentication bypass vulnerability in the end-of-life Borg SPM 2007 application permits unauthenticated remote attackers to log into the...
A critical SQL injection vulnerability in the end-of-life Borg SPM 2007 application allows unauthenticated remote attackers to inject arbitrary SQL...
A critical improper access control vulnerability in EspoCRM's built-in formula scripting engine allows authenticated administrators to overwrite the...
A critical pre-authorization remote code execution vulnerability in Marimo, the open-source reactive Python notebook, allows unauthenticated attackers to...
A critical SQL injection vulnerability in Jellystat, the open-source statistics app for Jellyfin, allows authenticated users to execute arbitrary SQL...
A critical CVSS 9.1 authorization bypass in the WordPress Create DB Tables plugin (all versions up to 1.2.1) allows unauthenticated users to create or...
A new Mirai-based malware campaign is actively exploiting CVE-2025-29635, a high-severity command-injection vulnerability in end-of-life D-Link DIR-823X...
A high-severity vulnerability in Oracle Life Sciences Empirica Signal versions 9.2.1-9.2.3 allows a low-privileged attacker with network access via HTTP...
A high-severity flaw in Spring Security allows security filter chains to silently fail to match requests when PathPatternRequestMatcher.Builder is used to...
A critical RCE flaw in BeyondTrust Bomgar remote monitoring and management software is being actively exploited to spread ransomware and compromise...
Kentico Xperience contains a path traversal vulnerability allowing an authenticated user's Staging Sync Server to upload arbitrary data to relative path...
OpenAEV's password reset implementation contains multiple chained weaknesses enabling reliable account takeover in versions 1.0.0 through 2.0.12 of the...
A critical privilege escalation flaw in OpenXiangShan NEMU's RISC-V hypervisor extension allows a VS-mode guest write to the supervisor interrupt-enable...
A critical unauthenticated RCE vulnerability in Spinnaker's clouddriver service allows attackers to execute arbitrary commands on clouddriver pods,...
A critical code injection flaw in Spinnaker's Echo service allows unrestricted Spring Expression Language (SPeL) execution via artifact processing,...
Vvveb CMS versions prior to 1.0.8.1 allow unauthenticated attackers to inject arbitrary PHP code through the installation endpoint's unsanitized subdir...
A critical CVSS 9.8 command injection vulnerability in the SGLang AI inference framework allows attackers to achieve remote code execution by supplying a...
A critical authentication bypass vulnerability in nginx-ui, a popular open-source web-based Nginx management interface, is being actively exploited to...
The National Institute of Standards and Technology will stop assigning CVSS severity scores to lower-priority vulnerabilities in the NVD as CVE submission...
This week's cybersecurity roundup covers the proposed Satellite Cybersecurity Act, a $90,000 Chrome heap overflow bug, a 16-year-old hacker arrest,...
A critical SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows unauthenticated remote attackers to bypass login...
A critical heap buffer overflow in the SAIL image library's XWD codec arises from a mismatch between pixel depth and bits-per-pixel, enabling arbitrary...
A critical out-of-bounds write in SAIL's PSD codec occurs when the pixel buffer is allocated using a raw header formula that doesn't account for actual...
A critical heap write-past-end vulnerability in SAIL's TGA codec RLE decoder stems from an asymmetric bounds check that correctly validates run-packets...
A critical vulnerability in a programmable logic controller allows unauthenticated network attackers to brute force weak passwords and gain full...
The CMP Coming Soon & Maintenance Plugin for WordPress contains a critical arbitrary file upload flaw that allows subscriber-level authenticated users to...
SiYuan knowledge management versions 3.6.3 and below render Mermaid diagrams with loose security, allowing attacker-controlled javascript: URLs to execute...
A critical OS command injection vulnerability (CVSS 9.8) in Totolink A7100RU firmware allows unauthenticated remote attackers to execute arbitrary...
A critical OS command injection flaw (CVSS 9.8) in Totolink A7100RU enables remote unauthenticated attackers to execute arbitrary commands by manipulating...
CVE-2026-6114 is a critical OS command injection vulnerability (CVSS 9.8) in the Totolink A7100RU router's setNetworkCfg function, exploitable remotely...
CVE-2026-6115 describes a critical OS command injection vulnerability (CVSS 9.8) in the Totolink A7100RU router, exploitable remotely and without...
A critical CVSS 9.1 vulnerability in Apache Airflow fails to invalidate JWT tokens upon user logout, allowing intercepted tokens to be reused for...
A critical CVSS 9.1 flaw in Canonical LXD versions 4.12 through 6.7 omits raw.apparmor and raw.qemu.conf from the VM low-level option denylist, allowing...
A critical CVSS 9.1 vulnerability in Canonical LXD before 6.8 allows authenticated attackers to bypass project restrictions during backup import. The...
A high-severity LDAP injection vulnerability in OPNsense's authentication connector allows unauthenticated attackers to bypass login controls by injecting...
A critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary system...
A second critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary...
A high-severity privilege escalation flaw in Kibana's Fleet plugin debug route handlers allows authenticated users with limited Fleet sub-feature...
A critical CVSS 9.8 path traversal vulnerability in goshs, a SimpleHTTPServer written in Go, allows unauthenticated attackers to write arbitrary files via...
A remotely exploitable SQL injection vulnerability (CVE-2026-5637) has been disclosed in projectworlds Car Rental System 1.0. The flaw exists in...
A critical zero-day in FortiClient EMS with a CVSS score of 9.8 is being actively exploited in the wild while Fortinet has released only an emergency...
A high-severity denial-of-service vulnerability in DokuWiki v.2025-05-14b 'Librarian' allows remote attackers to crash the application by exploiting the...
A high-severity authorization flaw in the ProfilePress WordPress plugin (up to v4.16.11) lets unauthenticated or low-privilege users bypass membership...
A high-severity Insecure Direct Object Reference vulnerability in the WCFM Frontend Manager for WooCommerce plugin (up to v6.7.25) lets authenticated...
A crafted short X-Wing HPKE encapsulated key can trigger an out-of-bounds read in the C decapsulation path of Apple's swift-crypto library, potentially...
A large-scale credential harvesting campaign has been observed exploiting the React2Shell vulnerability (CVE-2025-55182) as an initial infection vector,...
Google has released a Chrome security update patching 21 vulnerabilities including a high-severity use-after-free zero-day in the Dawn graphics engine...
A critical CVSS 9.8 vulnerability in the MAVLink drone communication protocol allows unauthenticated attackers to send arbitrary SERIAL_CONTROL commands —...
A high-severity heap buffer overflow in Chrome's GPU component allows remote attackers to execute arbitrary code via a crafted HTML page. Affects all...
F5 has reclassified a BIG-IP APM vulnerability from denial-of-service to critical remote code execution, warning that attackers are actively exploiting...
A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to bypass the exec allowlist by exploiting improper glob pattern normalization where the ?...
A critical CVSS 9.8 authorization bypass in OpenClaw's Zalouser allowlist mode matches mutable group display names instead of stable identifiers, letting...
A critical CVSS 9.8 vulnerability in OpenClaw allows attackers to replay a valid bootstrap setup code multiple times before approval, escalating device...
Perl versions 5.9.4 through 5.43.8 ship a vulnerable Compress::Raw::Zlib core module that inherits CVE-2026-3381 from a vendored zlib dependency. CVSS 9.8...
A CVSS 10.0 critical vulnerability in steam-trader 2.1.1 exposes Steam account credentials, identity secrets, and shared secrets to unauthenticated remote...
A server-side request forgery vulnerability in elecV2P up to version 3.8.3 allows remote attackers to manipulate the eAxios function via the /mock...
A critical vulnerability in Gematik Authenticator prior to version 4.16.0 allows attackers to hijack authentication sessions via malicious deep links,...
A critical unauthenticated RCE vulnerability in F5 BIG-IP APM is being actively exploited in the wild. Malicious traffic targeting access policy virtual...
A critical unauthenticated information disclosure vulnerability in SiYuan, the personal knowledge management system, allows remote attackers to retrieve...
A critical path traversal vulnerability in SiYuan's /api/file/readDir interface allows unauthenticated remote attackers to traverse notebook directories...
A critical chain of vulnerabilities in WWBN AVideo's CloneSite plugin allows fully unauthenticated attackers to achieve remote code execution via key...
CVE-2026-20131, a maximum-severity CVSS 10.0 insecure deserialization flaw in Cisco Firepower Management Center, was exploited by Interlock ransomware as...
CVE-2026-33017, a CVSS 9.3 unauthenticated remote code execution vulnerability in the Langflow AI platform, was weaponized by threat actors within 20...
Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability allowing a malicious app to cause unexpected changes in...
A critical CVSS 9.9 authorization bypass in OpenClaw allows authenticated users to self-declare elevated scopes over WebSocket connections without...
Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Oracle Identity Manager and...
Researchers have disclosed a critical unauthenticated remote code execution vulnerability in the GNU InetUtils telnet daemon (telnetd). CVE-2026-32746...
The Interlock ransomware gang has been actively exploiting a CVSS 10.0 insecure deserialization flaw in Cisco Secure Firewall Management Center since late...
A critical unauthenticated remote code execution vulnerability (CVSS 9.8) in Oracle's Edge Cloud Infrastructure Designer and Visualisation Toolkit allows...
A critical (CVSS 9.6) authorization bypass vulnerability in the moodle-mod_customcert plugin allows any teacher with manage capability in a single course...
A high-severity OS command injection vulnerability (CVSS 9.1) in the Angeet ES3 KVM switch allows authenticated attackers to execute arbitrary OS-level...
A critical command injection vulnerability in kubectl-mcp-server allows unauthenticated attackers to execute arbitrary OS commands through unsanitized...
A critical heap buffer overflow in YAML::Syck for Perl allows remote code execution through crafted YAML input that exceeds the 512-byte class name...
A critical missing authentication flaw (CVSS 9.8) in DrangSoft's GCB/FCB Audit Software allows unauthenticated remote attackers to directly access...
CVE-2015-20115 is a stored cross-site scripting vulnerability in RealtyScript 4.0.2 that allows authenticated attackers to upload malicious script files...
CISA has added CVE-2025-47813, a medium-severity information disclosure flaw in Wing FTP Server, to its KEV catalog after confirming active exploitation...
Veeam Software has released a critical security update for Backup & Replication, patching five remote code execution vulnerabilities with CVSS scores...
CISA added CVE-2025-68613 — a CVSS 9.9 remote code execution flaw in n8n's workflow expression evaluator — to its Known Exploited Vulnerabilities catalog...
Security researchers have published details of two newly patched critical vulnerabilities in n8n — CVE-2026-27577 (CVSS 9.4), an expression sandbox escape...
CISA adds CVE-2025-68613 to the Known Exploited Vulnerabilities catalog — a CVSS 9.9 flaw in n8n's workflow expression evaluation system that enables...
Structured checklist for building and maintaining a vulnerability management program — scan cadence, patching SLAs, risk acceptance workflows, remediation...
A high-severity host header injection vulnerability in ZITADEL's login V2 password reset flow allows attackers to redirect reset links to...
A critical cross-site scripting vulnerability in ZITADEL's login V2 /saml-post endpoint allows unauthenticated attackers to execute arbitrary JavaScript...
A stored cross-site scripting vulnerability in ZITADEL's login V2 interface allows organization administrators to inject malicious JavaScript via a...
A critical unauthenticated RCE vulnerability in International Datacasting Corporation's SFX Series satellite receivers allows attackers to execute...
CISA has added two Roundcube Webmail vulnerabilities to the Known Exploited Vulnerabilities catalog — CVE-2025-49113 (CVSS 9.9, deserialization RCE) and...
Microsoft's February 2026 Patch Tuesday addresses roughly 60 vulnerabilities including six actively exploited zero-days across Windows, Office, and Azure...
FIRST predicts a median of 59,427 new CVEs in 2026 with realistic scenarios reaching 70,000-100,000 vulnerabilities, as software complexity and...
Microsoft's February 2026 Patch Tuesday addresses 60 vulnerabilities including 6 actively exploited zero-days and 3 publicly disclosed issues, with...
Critical path traversal vulnerability in WinRAR enables ransomware and credential theft as Russian and Chinese threat actors weaponize phishing campaigns...
CVE-2026-1642 affects NGINX OSS and Plus when proxying to upstream TLS servers, allowing attackers to inject plaintext data into responses.
Security researchers have identified a severe authentication bypass vulnerability affecting multiple enterprise VPN products. Immediate patching recommended.
Maximum severity flaw in Modular DS WordPress plugin allows unauthenticated privilege escalation. All versions through 2.5.1 affected with active...
Google has released an emergency Chrome update to fix a zero-day vulnerability being actively exploited in targeted attacks against journalists and activists.
Security researchers warn of mass exploitation campaigns targeting Fortinet FortiGate firewalls. Over 50,000 devices believed to be compromised globally.
CVE-2026-0625 allows unauthenticated remote code execution on legacy D-Link DSL routers. Devices are end-of-life with no patches forthcoming. Immediate...
Microsoft's first security update of 2026 addresses 114 vulnerabilities including three zero-days. One flaw is actively exploited in the wild with CISA...