Aggregator

CVE-2026-34093 | Wikimedia MediaWiki up to 1.43.6/1.44.3/1.45.1 SpecialUserRights.Php information disclosure

VulDB Recent Entries
1 month ago
A vulnerability labeled as problematic has been found in Wikimedia MediaWiki up to 1.43.6/1.44.3/1.45.1. The impacted element is an unknown function of the file includes/Specials/SpecialUserRights.Php. Such manipulation leads to information disclosure. This vulnerability is documented as CVE-2026-34093. The attack can be executed remotely. There is not any exploit available. The affected component should be upgraded.
vuldb.com

CVE-2026-41431 | zen-browser desktop up to 1.19.9a MAR File signature verification

VulDB Recent Entries
1 month ago
A vulnerability categorized as problematic has been discovered in zen-browser desktop up to 1.19.9a. Impacted is an unknown function of the component MAR File Handler. The manipulation results in improper verification of cryptographic signature. This vulnerability is cataloged as CVE-2026-41431. The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.
vuldb.com

Identity security firm SailPoint discloses GitHub repository breach

Security Affairs
1 month ago
SailPoint disclosed a GitHub repository breach on April 20. The company contained the incident and said no customer data was affected. SailPoint is a cybersecurity company that provides identity security and identity governance solutions for enterprises. Its products help organizations manage and control user access to systems, applications, and sensitive data. SailPoint revealed a cybersecurity […]
Pierluigi Paganini

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

The Hackers News
1 month ago
A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager (WHM) that could result in an authentication bypass and allow remote attackers to gain elevated control of the control
The Hacker News

Zimperium Mobile App Response Agent helps security teams counter mobile attacks

Help Net Security
1 month ago

Zimperium launched Mobile App Response Agent, enabling security teams to respond faster than ever before to fraud and security threats. Leveraging Zimperium’s expertise in mobile security, Mobile App Response Agent is part of Zimperium’s Mobile App Protection Suite (MAPS), empowering SOC and fraud teams to assess attacks on their mobile app before they result in fraud or a breach by reducing the time required for investigation, confirmation and response from hours or days, to just … More →

The post Zimperium Mobile App Response Agent helps security teams counter mobile attacks appeared first on Help Net Security.

Industry News

CVE-2026-8349 | omec-project amf up to 2.1.1 NGAP Message memory corruption (Issue 672)

VulDB Recent Entries
1 month ago
A vulnerability was found in omec-project amf up to 2.1.1. It has been declared as problematic. This vulnerability affects unknown code of the component NGAP Message Handler. Executing a manipulation can lead to memory corruption. This vulnerability is tracked as CVE-2026-8349. The attack can be launched remotely. Moreover, an exploit is present. It is best practice to apply a patch to resolve this issue.
vuldb.com

Managed ad