Aggregator

CVE-2026-32883 | randombit botan up to 3.10.x X509 Path Validation signature verification (GHSA-9j2j-hqmc-hf5x)

2 days 23 hours ago

A vulnerability, which was classified as problematic, has been found in randombit botan up to 3.10.x. Impacted is an unknown function of the component X509 Path Validation Handler. This manipulation causes improper verification of cryptographic signature. This vulnerability is handled as CVE-2026-32883. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.

vuldb.com

CVE-2026-30308 | HAI Build Code Generator injection (ID 10 / EUVD-2026-17204)

VulDB Recent Entries

2 days 23 hours ago

A vulnerability classified as critical was found in HAI Build Code Generator. This issue affects some unknown processing. The manipulation results in injection. This vulnerability is known as CVE-2026-30308. It is possible to launch the attack remotely. No exploit is available.

vuldb.com

CVE-2026-32696 | NanoMQ MQTT Broker up to 0.24.6 set_data null pointer dereference (GHSA-77f4-wvq8-mp3p)

VulDB Recent Entries

2 days 23 hours ago

A vulnerability classified as problematic has been found in NanoMQ MQTT Broker up to 0.24.6. This vulnerability affects the function set_data. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2026-32696. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Healthcare tech firm CareCloud says hackers stole patient data

Bleeping Computer.

3 days ago

Healthcare IT firm CareCloud has disclosed a data breach incident that exposed sensitive data and caused a network disruption lasting approximately eight hours. [...]

Bill Toulas

AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection

darkreading

3 days ago

The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, researchers say.

Jai Vijayan

Daily Dose of Dark Web Informer - March 30th, 2026

Dark Web Informer - Cyber Threat Intelligence

3 days 1 hour ago

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

Dark Web Informer

OpenAI Codex Vulnerability Allowed Attackers to Steal GitHub Tokens

Hack Read

3 days 1 hour ago

OpenAI Codex vulnerability allowed attackers to steal GitHub tokens via malicious branch names using hidden Unicode command injection flaw.

Deeba Ahmed

New RoadK1ll WebSocket implant used to pivot on breached networks

Bleeping Computer.

3 days 1 hour ago

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network. [...]

Bill Toulas

INC

Dark Feed IO

3 days 1 hour ago

You must login to view this content

cohenido

Citrix security advisory (AV26-267) – Update 1

CCCS - Alerts and advisories

3 days 1 hour ago

Canadian Centre for Cyber Security

CVE-2025-12548

CVE Trends

3 days 2 hours ago

Currently trending CVE - Hype Score: 1 - A flaw was found in Eclipse Che che-machine-exec. This vulnerability allows unauthenticated remote arbitrary command execution and secret exfiltration (SSH keys, tokens, etc.) from other users' Developer Workspace containers, via an unauthenticated JSON-RPC / websocket API ...

CVE-2023-2868

CVE Trends

3 days 2 hours ago

Currently trending CVE - Hype Score: 1 - A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape ...