6 articles

#High

All CosmicBytez Labs articles tagged #High, across news, security advisories, how-to guides, and projects.

  • Security · May 31, 2026

    CVE-2026-10167: School Student Management System Cookie Auth Bypass

    A high-severity authentication bypass vulnerability in OUSL-GROUP BrinaryBrains School Student Management System allows manipulation of the sign_auth_cookie function, enabling unauthorized access via crafted cookie values. CVSS 7.3.

  • Security · Apr 22, 2026

    CVE-2026-22753: Spring Security Filter Chain Bypass via

    A high-severity flaw in Spring Security allows security filter chains to silently fail to match requests when PathPatternRequestMatcher.Builder is used to...

  • Security · Apr 21, 2026

    CVE-2025-2749: Kentico Xperience Path Traversal

    Kentico Xperience contains a path traversal vulnerability allowing an authenticated user's Staging Sync Server to upload arbitrary data to relative path...

  • Security · Apr 9, 2026

    CVE-2026-4498: Kibana Fleet Plugin Privilege Escalation

    A high-severity privilege escalation flaw in Kibana's Fleet plugin debug route handlers allows authenticated users with limited Fleet sub-feature...

  • Security · Mar 29, 2026

    CVE-2026-5016: elecV2P SSRF Vulnerability in URL Handler

    A server-side request forgery vulnerability in elecV2P up to version 3.8.3 allows remote attackers to manipulate the eAxios function via the /mock...

  • Security · Mar 21, 2026

    CVE-2025-43510: Apple Multiple Products Improper Locking

    Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability allowing a malicious app to cause unexpected changes in...