Aggregator

CVE-2026-45027 | LabRedesCefetRJ WeGIA up to 3.7.2 html/login.php hash hash without salt

3 days 5 hours ago

A vulnerability categorized as problematic has been discovered in LabRedesCefetRJ WeGIA up to 3.7.2. This impacts the function hash of the file html/login.php. Executing a manipulation can lead to one-way hash without salt. This vulnerability is registered as CVE-2026-45027. It is possible to launch the attack remotely. No exploit is available. It is advisable to upgrade the affected component.

vuldb.com

CVE-2026-8175 | IBM Aspera High-Speed Transfer Endpoint up to 4.4.7 FP1 Asperahttpd heap-based overflow

VulDB Recent Entries

3 days 5 hours ago

A vulnerability was found in IBM Aspera High-Speed Transfer Endpoint and Aspera High-Speed Transfer Server up to 4.4.7 FP1. It has been rated as critical. This affects an unknown function of the component Asperahttpd. Performing a manipulation results in heap-based buffer overflow. This vulnerability is cataloged as CVE-2026-8175. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.

vuldb.com

CVE-2026-48919 | Active Directory Plugin up to 2.41 on Jenkins deserialization

VulDB Recent Entries

3 days 5 hours ago

A vulnerability was found in Active Directory Plugin up to 2.41 on Jenkins. It has been declared as critical. The impacted element is an unknown function. Such manipulation leads to deserialization. This vulnerability is listed as CVE-2026-48919. The attack must be carried out from within the local network. There is no available exploit.

vuldb.com

CVE-2026-9674 | Multijob Plugin up to 662.vd2e0001f6b_b_d on Jenkins cross-site request forgery

VulDB Recent Entries

3 days 5 hours ago

A vulnerability was found in Multijob Plugin up to 662.vd2e0001f6b_b_d on Jenkins. It has been classified as problematic. The affected element is an unknown function. This manipulation causes cross-site request forgery. This vulnerability is tracked as CVE-2026-9674. The attack is possible to be carried out remotely. No exploit exists.

vuldb.com

CVE-2026-48925 | GitHub Integration Plugin up to 0.7.3 on Jenkins Pull Request cross-site request forgery

VulDB Recent Entries

3 days 5 hours ago

A vulnerability was found in GitHub Integration Plugin up to 0.7.3 on Jenkins and classified as problematic. Impacted is an unknown function of the component Pull Request Handler. The manipulation results in cross-site request forgery. This vulnerability is identified as CVE-2026-48925. The attack can be executed remotely. There is not any exploit available.

vuldb.com

CVE-2026-48927 | buildgraph-view Plugin up to 1.8 on Jenkins cross site scripting

VulDB Recent Entries

3 days 5 hours ago

A vulnerability has been found in buildgraph-view Plugin up to 1.8 on Jenkins and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2026-48927. Remote exploitation of the attack is possible. No exploit is available.

vuldb.com

CVE-2026-48924 | Bitbucket OAuth Plugin up to 0.17 on Jenkins URL redirect

VulDB Recent Entries

3 days 5 hours ago

A vulnerability, which was classified as problematic, was found in Bitbucket OAuth Plugin up to 0.17 on Jenkins. This vulnerability affects unknown code of the component URL Handler. Executing a manipulation can lead to open redirect. The identification of this vulnerability is CVE-2026-48924. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2025-68712 | SpSoft AppLock up to 7.9.40 on Android com.sp.protector.free information disclosure

VulDB Recent Entries

3 days 5 hours ago

A vulnerability, which was classified as problematic, has been found in SpSoft AppLock up to 7.9.40 on Android. This affects an unknown part of the component com.sp.protector.free. Performing a manipulation results in information disclosure. This vulnerability was named CVE-2025-68712. The attack needs to be approached locally. There is no available exploit.

vuldb.com

CVE-2026-48918 | Active Directory Plugin up to 2.41 on Jenkins privilege escalation

VulDB Recent Entries

3 days 5 hours ago

A vulnerability classified as critical was found in Active Directory Plugin up to 2.41 on Jenkins. Affected by this issue is some unknown functionality. Such manipulation leads to privilege escalation. This vulnerability is uniquely identified as CVE-2026-48918. The attack can only be initiated within the local network. No exploit exists.

vuldb.com

CVE-2026-48917 | LDAP Plugin up to 807.v7d7de30930cf on Jenkins deserialization

VulDB Recent Entries

3 days 5 hours ago

A vulnerability classified as critical has been found in LDAP Plugin up to 807.v7d7de30930cf on Jenkins. Affected by this vulnerability is an unknown functionality. This manipulation causes deserialization. This vulnerability is handled as CVE-2026-48917. The attack can only be done within the local network. There is not any exploit available.

vuldb.com

CVE-2026-48916 | LDAP Plugin up to 807.v7d7de30930cf on Jenkins privilege escalation (EUVD-2026-32507)

VulDB Recent Entries

3 days 5 hours ago

A vulnerability described as critical has been identified in LDAP Plugin up to 807.v7d7de30930cf on Jenkins. Affected is an unknown function. The manipulation results in privilege escalation. This vulnerability is known as CVE-2026-48916. Access to the local network is required for this attack. No exploit is available.

vuldb.com

CVE-2026-31266 | Craft CMS up to 5.9.5 Migrate Endpoint /actions/app/migrate missing authentication

VulDB Recent Entries

3 days 5 hours ago

A vulnerability marked as critical has been reported in Craft CMS up to 5.9.5. This impacts an unknown function of the file /actions/app/migrate of the component Migrate Endpoint. The manipulation leads to missing authentication. This vulnerability is traded as CVE-2026-31266. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

CVE-2026-49103 | Webmin up to 2.639 Mailboxes path traversal (EUVD-2026-32532)

VulDB Recent Entries

3 days 5 hours ago

A vulnerability labeled as critical has been found in Webmin up to 2.639. This affects an unknown function of the component Mailboxes. Executing a manipulation can lead to path traversal: '../filedir'. This vulnerability appears as CVE-2026-49103. The attack may be performed from remote. There is no available exploit. The affected component should be upgraded.

vuldb.com

How Top CISOs Increase Risk Visibility for Zero Critical Incidents

Cyber Security News

3 days 5 hours ago

How many alerts in your SOC are truly business-critical, and how many only look urgent because the team lacks context? This is one of the hardest questions for CISOs today. Without clear visibility, teams can waste time on noise while real phishing and malware threats move deeper into the environment. Top CISOs are solving this […]

The post How Top CISOs Increase Risk Visibility for Zero Critical Incidents appeared first on Cyber Security News.

Balaji N

Добро пожаловать в лабораторию без людей: роботы уже справляются с экспериментами сами — и это только начало

Securitylab.ru

3 days 5 hours ago

Япония решила: привычная нам наука очень уж устарела.

Bermudian Financial Service EasyPay Hit by Alleged Full Database Leak With 2M Transactions & 10K Cards

Dark Web Informer - Cyber Threat Intelligence

3 days 5 hours ago

A threat actor using the alias henrymartin has posted what is described as the full leak of EasyPay, a now-defunct Bermudian financial service that processed transactions between individuals and businesses.

Dark Web Informer