Aggregator

Submit #734551 / VDB-341716

Submit #734550 / VDB-341715

Submit #734549 / VDB-341714

Submit #734548 / VDB-341713

Submit #734535 / VDB-341712

A vulnerability described as critical has been identified in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/delete_activity.php. Executing a manipulation of the argument activity_id can lead to sql injection. This vulnerability is registered as CVE-2026-1119. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability marked as critical has been reported in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/add_activity.php. Performing a manipulation of the argument Title results in sql injection. This vulnerability is cataloged as CVE-2026-1118. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Police in Ukraine and Germany identified Black Basta suspects and issued an international wanted notice for the group’s alleged Russian leader. Ukrainian and German police raided homes linked to alleged Black Basta ransomware members, identifying two Ukrainian suspects. Law enforcement also issued an international wanted notice for the group’s alleged Russian ringleader. “The Office of […]

Submit #734290 / VDB-341711

Submit #734289 / VDB-341710

Submit #734213 / VDB-309276

Специалисты Google Cloud открыли всеобщий доступ к инструменту «судного дня».

Тема международной ситуации в Венесуэле послужила идеальной ширмой для атак.

A vulnerability labeled as critical has been found in Mapnik up to 4.2.0. This issue affects the function mapnik::dbf_file::string_value of the file plugins/input/shape/dbfile.cpp. Such manipulation leads to heap-based buffer overflow. This vulnerability is listed as CVE-2025-15537. The attack must be carried out locally. In addition, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability identified as critical has been detected in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. This vulnerability is tracked as CVE-2025-15536. The attack is restricted to local execution. Moreover, an exploit is present. To fix this issue, it is recommended to deploy a patch.

Submit #733348 / VDB-341709

A vulnerability categorized as problematic has been discovered in nicbarker clay up to 0.14. This affects the function Clay__MeasureTextCached in the library clay.h. The manipulation results in null pointer dereference. This vulnerability is identified as CVE-2025-15535. The attack is only possible with local access. Additionally, an exploit exists. The project was informed of the problem early through an issue report but has not responded yet.

Submit #733347 / VDB-341708

Ukrainian and German law enforcement authorities have identified two Ukrainians suspected of working for the Russia-linked ransomware-as-a-service (RaaS) group Black Basta. In addition, the group's alleged leader, a 35-year-old Russian national named Oleg Evgenievich Nefedov (Нефедов Олег Евгеньевич), has been added to the European Union's Most Wanted and INTERPOL's Red Notice lists, authorities