CVE Alert: CVE-2026-6483 – Wavlink – WL-WN530H4
CVE-2026-6483 HIGHNo exploitation knownPoC observed A vulnerability was found in Wavlink WL-WN530H4 20220721. This vulnerability affects the function strcat/snprintf of...
Vulnerabilities
CVE Alert: CVE-2026-6490 – QueryMine – sms
CVE-2026-6490 HIGHNo exploitation known A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. Impacted is an unknown function...
CVE Alert: CVE-2026-6507 – Red Hat – Red Hat Enterprise Linux 10
CVE-2026-6507 HIGHNo exploitation known A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds write vulnerability by...
CVE Alert: CVE-2026-4659 – unitecms – Unlimited Elements For Elementor
CVE-2026-4659 HIGHNo exploitation known The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Arbitrary File Read via the...
CVE Alert: CVE-2026-6421 – Mobatek – MobaXterm Home Edition
CVE-2026-6421 HIGHNo exploitation known A vulnerability has been found in Mobatek MobaXterm Home Edition up to 26.1. This affects an...
CVE Alert: CVE-2026-5231 – veronalabs – WP Statistics – Simple, privacy-friendly Google Analytics alternative
CVE-2026-5231 HIGHNo exploitation known The WP Statistics plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'utm_source' parameter...
RedSun, a Windows Privilege Escalation PoC That Turns Defender Into Part of the Attack Chain
Security research occasionally throws up proof of concepts that are technically clever, slightly ridiculous, and deeply uncomfortable all at once....
CVE Alert: CVE-2026-34197 – Apache Software Foundation – Apache ActiveMQ Broker
CVE-2026-34197 UnknownExploitation active Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache...
CVE Alert: CVE-2026-3489 – designinvento – DirectoryPress – Business Directory And Classified Ad Listing
CVE-2026-3489 HIGHNo exploitation known The DirectoryPress – Business Directory And Classified Ad Listing plugin for WordPress is vulnerable to SQL...
CVE Alert: CVE-2026-3876 – specialk – Prismatic
CVE-2026-3876 HIGHNo exploitation known The Prismatic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'prismatic_encoded' pseudo-shortcode in...
CVE Alert: CVE-2025-14868 – shahinurislam – Career Section
CVE-2025-14868 HIGHNo exploitation known The Career Section plugin for WordPress is vulnerable to Cross-Site Request Forgery leading to Path Traversal...
CVE Alert: CVE-2026-3599 – imprintnext – Riaxe Product Customizer
CVE-2026-3599 HIGHNo exploitation known The Riaxe Product Customizer plugin for WordPress is vulnerable to SQL Injection via the 'options' parameter...
CVE Alert: CVE-2026-5050 – jconti – Payment Gateway for Redsys & WooCommerce Lite
CVE-2026-5050 HIGHNo exploitation known The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification...
CVE Alert: CVE-2026-3614 – acyba – AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress
CVE-2026-3614 HIGHNo exploitation known The AcyMailing plugin for WordPress is vulnerable to privilege escalation in all versions From 9.11.0 up...
CVE Alert: CVE-2026-1620 – livemesh – Livemesh Addons by Elementor
CVE-2026-1620 HIGHNo exploitation known The Livemesh Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all...
CVE Alert: CVE-2023-3634 – Festo – MSE6-C2M-5000-FB36-D-M-RG-BAR-M12L4-AGD
CVE-2023-3634 HIGHNo exploitation known In products of the MSE6 product-family by Festo a remote authenticated, low privileged attacker could use...
CVE Alert: CVE-2026-40502 – HKUDS – OpenHarness
CVE-2026-40502 HIGHNo exploitation known OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with...
CVE Alert: CVE-2026-6351 – Openfind – MailGates
CVE-2026-6351 HIGHNo exploitation known MailGates/MailAudit developed by Openfind has a CRLF Injection vulnerability, allowing unauthenticated remote attackers to exploit this...
CVE Alert: CVE-2026-6348 – Simopro Technology – WinMatrix
CVE-2026-6348 HIGHNo exploitation known WinMatrix agent developed by Simopro Technology has a Missing Authentication vulnerability, allowing authenticated local attackers to...
CVE Alert: CVE-2026-22676 – Barracuda Networks – RMM
CVE-2026-22676 HIGHNo exploitation known Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain...
CVE Alert: CVE-2026-6384 – Red Hat – Red Hat Enterprise Linux 6
CVE-2026-6384 HIGHNo exploitation known A flaw was found in gimp. This buffer overflow vulnerability in the GIF image loading component's...
CVE Alert: CVE-2026-4145 – Lenovo – Software Fix
CVE-2026-4145 HIGHNo exploitation known During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could...
CVE Alert: CVE-2026-20204 – Splunk – Splunk Enterprise
CVE-2026-20204 HIGHNo exploitation known In Splunk Enterprise versions below 10.2.1, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below...
CVE Alert: CVE-2026-4134 – Lenovo – Software Fix
CVE-2026-4134 HIGHNo exploitation known During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix, that during...
