Aggregator
CVE-2026-45777 | ubccr xdmod up to 11.0.2 System Configuration os command injection (GHSA-29qm-7w4v-43fw)
CVE-2026-45778 | ubccr xdmod up to 11.0.2 cross site scripting (GHSA-3pv7-qvc3-h527)
CVE-2026-36785 | Tenda FH451 1.0.0.9 HTTP fromDhcpListClient page stack-based overflow
CVE-2026-7795 | holithemes Click to Chat Plugin up to 4.39 on WordPress WA Widget CCW_Shortcode::shortcode num cross site scripting (EUVD-2026-34949)
CVE-2026-10725 | CRUX Protocol::HTTP/2 up to 1.12 on Perl headers_decode HTTP/2 Bomb data amplification (EUVD-2026-34964 / Nessus ID 319610)
CVE-2026-11429 | Altium Enterprise Server/365 up to 8.1.0 Git Service path traversal (EUVD-2026-34918)
Google sues China-based scammers over Gemini AI abuse
Google has filed a lawsuit against Outsider Enterprise, a China-based cybercrime network for using AI tools, including Gemini, to build phishing websites and scam infrastructure. The company said the operation has affected “hundreds of thousands of victims,” with losses estimated in the millions of dollars. It also links the group to more than 9,000 fake websites and 1 million fraudulent URLs. “Criminals increasingly use AI to make fraud like this more convincing and harder to … More →
The post Google sues China-based scammers over Gemini AI abuse appeared first on Help Net Security.
CVE-2026-11338 | SourceCodester Ship Ferry Ticket Reservation System 1.0 manage_user Username cross site scripting (EUVD-2026-34856)
CVE-2026-11339 | D-Link DWR-M920 up to 1.1.50 /boafrm/formUSSDSetup sub_41CF20 ussdValue command injection (EUVD-2026-34859)
CVE-2026-9270 | BINARY DataDog::DogStatsd up to 0.07 on Perl send_stats stat crlf injection
CVE-2026-36500 | OpenDaylight Controller 12.0.5 path traversal
CVE-2026-36501 | OpenDaylight Controller 12.0.5 Externalizable.readExternal denial of service
CVE-2026-46396 | haxtheweb haxcms-nodejs/video-player/iframe-loader up to 25.x src cross site scripting (GHSA-jh3h-rpxg-fr36)
CVE-2026-25624 | Arista Edge Threat Management up to 17.4.0 Web User Interface cross site scripting
DragonForce
You must login to view this content
DragonForce
You must login to view this content
Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751)
WatchTowr researchers have disclosed a technical analysis and a “Detection Artefact Generator” for CVE-2026-50751, an authentication bypass flaw in Check Point’s Remote Access VPN and Mobile Access, which the vendor confirmed to be actively exploited. The attacks were limited, but with this information now public, a larger wave of opportunistic attacks may be expected. From silent exploitation to public disclosure CVE-2026-50751 was patched by Check Point on June 8, 2026, and the company said that … More →
The post Researchers release details, PoC for exploited Check Point VPN flaw (CVE-2026-50751) appeared first on Help Net Security.