A race condition was addressed with improved state handling
Description
A race condition was addressed with improved state handling
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Search and filter 17426 vulnerabilities with AI analyst insights
A race condition was addressed with improved state handling
A race condition was addressed with improved state handling
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a...
A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability has been found in D-Link DWR-M960 1
A vulnerability has been found in D-Link DWR-M960 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Improper Authorization vulnerability in nerves-hub nerves_hub_web allows cross-organization device control via device bulk actions and device update A...
Improper Authorization vulnerability in nerves-hub nerves_hub_web allows cross-organization device control via device bulk actions and device update API
---METADATA---
VENDOR: Nerves-hub
PRODUCT: nerves_hub_web
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: medium
MISSING: patch, technical_details
---END_METADATA---
Description Summary:
An improper authorization vulnerability in nerves_hub_web allows authenticated users to perform cross-organization device control via bulk actions and the device update API.
Executive Summary:
A critical authorization flaw in Nerves-hub nerves_hub_web enables unauthorized cross-organization device control, posing a significant risk to fleet integrity and operational security.
Vulnerability Details
CVE-ID: CVE-2026-28806
Affected Software: Nerves-hub nerves_hub_web
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability stems from improper authorization checks within the application's device management and update APIs. An authenticated attacker can leverage these flaws to manipulate or control devices belonging to other organizations.
Business Impact
This vulnerability carries a high risk of unauthorized command execution across managed device fleets, which could lead to widespread service disruption, data exfiltration, or the deployment of malicious firmware. With a CVSS score of 8.8, this flaw represents a significant threat to organizations relying on Nerves-hub for fleet management, necessitating immediate remediation to prevent unauthorized cross-tenant access.
Remediation Plan
Immediate Action: Review the official Nerves-hub security advisories and apply the latest available updates or security patches for the nerves_hub_web component.
Proactive Monitoring: Audit access logs for anomalous API requests, specifically monitoring for device bulk actions or update commands originating from unauthorized or unexpected organizational accounts.
Compensating Controls: Implement strict network-level access controls and ensure that API keys or service accounts possess the least privilege necessary for their intended functions.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 28, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The authorization failure in nerves_hub_web is a high-severity issue that could compromise the entire device infrastructure. Administrators must prioritize identifying their current version and applying the vendor-supplied security update as soon as it becomes available to prevent unauthorized cross-organization control.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OpenSTAManager is an open source management software for technical assistance and invoicing
OpenSTAManager is an open source management software for technical assistance and invoicing
---METADATA---
VENDOR: OpenSTAManager
PRODUCT: OpenSTAManager
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
OpenSTAManager, an open-source technical assistance and invoicing software, contains a high-severity security vulnerability.
Executive Summary:
A critical vulnerability in the OpenSTAManager platform threatens the security of financial and technical support data, requiring urgent attention.
Vulnerability Details
CVE-ID: CVE-2026-28805
Affected Software: OpenSTAManager OpenSTAManager
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects OpenSTAManager, a platform utilized for technical assistance and invoicing. The scope of the issue is significant, and given the nature of the software, it likely involves insufficient access controls or input sanitization on critical business data interfaces.
Business Impact
OpenSTAManager holds sensitive invoicing and support information, making it a high-value target for attackers. A CVSS score of 8.8 indicates a severe risk; unauthorized access could lead to mass data exfiltration, financial fraud, or the loss of customer trust.
Remediation Plan
Immediate Action: Apply all available patches provided by the OpenSTAManager project immediately.
Proactive Monitoring: Monitor database query logs for unauthorized export attempts or unusual access patterns involving invoicing tables.
Compensating Controls: Use a Web Application Firewall to block common injection vectors and ensure the application is hosted in a hardened environment with minimal external exposure.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Due to the sensitive nature of data managed by OpenSTAManager, organizations must prioritize this update. Failing to patch this vulnerability could expose the organization to significant financial and reputational damage.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
ZimaOS versions prior to 1.5.3 contain a proxy endpoint vulnerability. When exposed via Cloudflare Tunnel, unauthenticated attackers can access intern...
ZimaOS versions prior to 1.5.3 contain a proxy endpoint vulnerability. When exposed via Cloudflare Tunnel, unauthenticated attackers can access internal localhost services and sensitive endpoints.
---METADATA---
VENDOR: ZimaOS
PRODUCT: ZimaOS
AFFECTED_VERSIONS: Prior to version 1.5.3
---END_METADATA---
Description Summary:
ZimaOS versions prior to 1.5.3 contain a proxy endpoint vulnerability. When exposed via Cloudflare Tunnel, unauthenticated attackers can access internal localhost services and sensitive endpoints.
Executive Summary:
ZimaOS is vulnerable to unauthenticated access to internal services via a proxy endpoint when the system is reachable through a Cloudflare Tunnel.
Vulnerability Details
CVE-ID: CVE-2026-28798
Affected Software: ZimaOS ZimaOS
Affected Versions: Prior to version 1.5.3
Vulnerability: The /v1/sys/proxy endpoint in ZimaOS can be abused by unauthenticated attackers to proxy requests to internal services running on localhost. This occurs specifically when the OS is reachable from the internet via a Cloudflare Tunnel, bypassing intended local-only access restrictions.
Business Impact
This vulnerability allows attackers to interact with sensitive internal-only management services and local APIs without authentication. The CVSS score of 9.0 indicates a critical risk of data exposure and potential system takeover by bypassing the external security perimeter provided by the tunnel.
Remediation Plan
Immediate Action: Update ZimaOS to version 1.5.3 or later to patch the vulnerable proxy endpoint logic.
Proactive Monitoring: Review Cloudflare Tunnel logs and ZimaOS web interface logs for unusual requests directed at the /v1/sys/proxy path.
Compensating Controls: Disable the proxy endpoint if it is not required for business operations, or implement strict IP-based access controls at the Cloudflare Tunnel layer.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Apr 3, 2026, there is no public information indicating active exploitation of this vulnerability. The risk is specific to users who utilize Cloudflare Tunnels to expose their ZimaOS instances to the public internet.
Analyst Recommendation
The ability to reach internal localhost services from the public internet is a severe security bypass. Users of ZimaOS must update to version 1.5.3 immediately. We also recommend auditing all internal services to ensure they require independent authentication, providing defense-in-depth even if a proxy bypass occurs.
Update Cloudflare Tunnel to the latest version. Monitor for exploitation attempts and review access logs.
Tina is a headless content management system
Tina is a headless content management system
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
TinaCMS CLI is vulnerable to a browser-based drive-by attack that allows remote attackers to read, write, or delete files on developer machines.
TinaCMS CLI is vulnerable to a browser-based drive-by attack that allows remote attackers to read, write, or delete files on developer machines.
---METADATA---
VENDOR: TinaCMS
PRODUCT: TinaCMS CLI
AFFECTED_VERSIONS: Versions prior to 2.1.8
---END_METADATA---
Description Summary:
TinaCMS CLI is vulnerable to a browser-based drive-by attack that allows remote attackers to read, write, or delete files on developer machines.
Executive Summary:
A critical vulnerability in the TinaCMS CLI dev server allows remote attackers to perform filesystem operations on developer machines via a browser-based drive-by attack.
Vulnerability Details
CVE-ID: CVE-2026-28792
Affected Software: TinaCMS CLI
Affected Versions: Prior to 2.1.8
Vulnerability: The vulnerability combines a permissive CORS configuration (Access-Control-Allow-Origin: *) with a path traversal flaw. An unauthenticated remote attacker can trick a developer into visiting a malicious website, which then uses the developer's browser to execute commands against the locally running tinacms dev server.
Business Impact
With a CVSS score of 9.6, this vulnerability poses a severe threat to developer workstations. Attackers can enumerate the filesystem, steal sensitive source code, or delete critical project files. This could lead to a supply chain compromise if an attacker manages to inject malicious code into the project via the CLI.
Remediation Plan
Immediate Action: Update the TinaCMS CLI to version 2.1.8 or later immediately to resolve the CORS and path traversal issues.
Proactive Monitoring: Encourage developers to monitor for unexpected file changes in their project directories while the dev server is active.
Compensating Controls: Restrict the tinacms dev server to bind only to the local loopback interface (127.0.0.1) and avoid browsing untrusted websites while the dev server is running.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of Mar 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, the drive-by nature of the attack makes it highly effective for targeting specific development teams.
Analyst Recommendation
Developers must update to version 2.1.8 immediately. Because this vulnerability targets the development environment, it is a significant risk to the integrity of the software development lifecycle. Immediate patching is the only effective mitigation.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Tina is a headless content management system
Tina is a headless content management system
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OliveTin gives access to predefined shell commands from a web interface
OliveTin gives access to predefined shell commands from a web interface
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OliveTin gives access to predefined shell commands from a web interface
OliveTin gives access to predefined shell commands from a web interface
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OneUptime is a solution for monitoring and managing online services
OneUptime is a solution for monitoring and managing online services
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Apache Airflow versions 3
Apache Airflow versions 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability has been found in Tenda A18 15
A vulnerability has been found in Tenda A18 15
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A critical vulnerability in a Gardyn endpoint allows unauthenticated access to all registered user account information. This flaw permits total data e...
A critical vulnerability in a Gardyn endpoint allows unauthenticated access to all registered user account information. This flaw permits total data exposure without valid credentials.
---METADATA---
VENDOR: Gardyn (Infor)
PRODUCT: Gardyn
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
A critical vulnerability in a Gardyn endpoint allows unauthenticated access to all registered user account information. This flaw permits total data exposure without valid credentials.
Executive Summary:
An unauthenticated data exposure vulnerability in Gardyn products allows unauthorized actors to access sensitive account information for all registered users, posing a severe privacy risk.
Vulnerability Details
CVE-ID: CVE-2026-28766
Affected Software: Gardyn (Infor)
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability involves a specific endpoint that fails to enforce authentication, exposing all user account data. An unauthenticated attacker can query this endpoint to retrieve sensitive information belonging to the entire user base.
Business Impact
The exposure of all registered user data represents a catastrophic failure of privacy controls, potentially leading to identity theft, massive reputational damage, and legal penalties. With a CVSS score of 9.3, this critical flaw indicates that the technical barrier to exploitation is low while the impact on data confidentiality is absolute. Failure to address this could result in a total loss of customer trust and significant business disruption.
Remediation Plan
Immediate Action: Update all affected Infor and Gardyn software to the latest available versions immediately to close the insecure endpoint.
Proactive Monitoring: Review web server and access logs for unusual traffic patterns directed at user profile or account management endpoints.
Compensating Controls: Implement a Web Application Firewall (WAF) to block unauthorized requests to sensitive API endpoints until the patch can be fully deployed.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Apr 3, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw and the sensitivity of the exposed data, the potential for exploitation is extremely high.
Analyst Recommendation
The severity of this unauthenticated data exposure cannot be overstated. Organizations must prioritize the application of the vendor-provided patch immediately. Given the 9.3 CVSS score, this should be treated as a top-priority remediation effort to prevent a massive data breach.
Update Infor Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability
MediaArea MediaInfoLib LXF element parsing heap-based buffer overflow vulnerability
---METADATA---
VENDOR: MediaArea
PRODUCT: MediaInfoLib
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: medium
MISSING: versions, patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
A heap-based buffer overflow vulnerability exists in the MediaInfoLib library during the parsing of LXF elements, which may lead to arbitrary code execution or application crashes.
Executive Summary:
A heap-based buffer overflow in MediaArea MediaInfoLib could allow a remote attacker to execute arbitrary code or crash the application by providing a malicious LXF file.
Vulnerability Details
CVE-ID: CVE-2026-28764
Affected Software: MediaArea MediaInfoLib
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This is a heap-based buffer overflow vulnerability occurring during the parsing of LXF element data. The flaw can be triggered by providing a specially crafted file to an application utilizing the vulnerable library.
Business Impact
The vulnerability carries a CVSS score of 7.8, indicating high severity. Successful exploitation could lead to full system compromise or service instability, depending on the privileges of the application processing the media files.
Remediation Plan
Immediate Action: Identify all applications utilizing MediaInfoLib and monitor vendor security portals for the release of a patched version.
Proactive Monitoring: Review file integrity and monitor application logs for crashes or unusual memory patterns during media file processing.
Compensating Controls: Implement strict input validation for all media files processed by untrusted sources and utilize sandboxing environments for file parsing tasks.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 22, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Until a patch is available, organizations should restrict the processing of untrusted LXF files by applications using MediaInfoLib. Once the vendor releases an update, apply it to all affected production systems immediately.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203
Cross-site request forgery vulnerability exists in Musetheque V4 Information Disclosure for IPKNOWLEDGE V4L1 rev2203
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs
The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability was determined in Tenda A18 15
A vulnerability was determined in Tenda A18 15
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Permissions based on Distribution Groups report
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists report
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Distribution Lists report
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Gitea versions up to and including 1
Gitea versions up to and including 1
---METADATA---
VENDOR: Gitea
PRODUCT: Gitea Open Source Git Server
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability in Gitea Open Source Git Server has been identified that may facilitate unauthorized system interaction.
Executive Summary:
Gitea Open Source Git Server is susceptible to a high-severity flaw that may allow attackers to compromise the integrity of the application environment.
Vulnerability Details
CVE-ID: CVE-2026-28744
Affected Software: Gitea Gitea Open Source Git Server
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability impacts Gitea versions up to and including 1. The flaw requires immediate attention to prevent potential exploitation of the application's underlying architecture.
Business Impact
With a CVSS score of 8.1, this vulnerability is categorized as high risk. Successful exploitation could lead to unauthorized access to sensitive source code repositories and potential operational downtime, significantly threatening the security posture of the development infrastructure.
Remediation Plan
Immediate Action: Apply the vendor-supplied security updates immediately upon availability to eliminate the underlying vulnerability.
Proactive Monitoring: Monitor application logs for anomalous traffic patterns or unauthorized attempts to perform administrative actions within the Gitea instance.
Compensating Controls: Deploy WAF rules designed to filter malicious requests directed at the Gitea server, providing a temporary layer of protection while updates are being staged for deployment.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of July 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The urgency of this vulnerability is significant due to its high severity rating. Organizations should maintain a proactive stance by monitoring vendor security channels and applying the necessary updates immediately upon release to mitigate exposure to potential attackers.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Naxclow devices use a hard-coded, platform-wide salt for request signing, allowing unauthenticated attackers to forge requests and impersonate users a...
Naxclow devices use a hard-coded, platform-wide salt for request signing, allowing unauthenticated attackers to forge requests and impersonate users across the platform.
---METADATA---
VENDOR: Naxclow
PRODUCT: Smart Doorbell X3, X Smart Home, V720, and ix cam
AFFECTED_VERSIONS: All versions of Naxclow Smart Doorbell X3, X Smart Home, V720, and ix cam are affected.
---END_METADATA---
Description Summary:
Naxclow devices use a hard-coded, platform-wide salt for request signing, allowing unauthenticated attackers to forge requests and impersonate users across the platform.
Executive Summary:
A critical authentication bypass vulnerability exists in multiple Naxclow devices due to hard-coded cryptographic salts, creating a high risk of unauthorized remote control and impersonation.
Vulnerability Details
CVE-ID: CVE-2026-28742
Affected Software: Naxclow Smart Doorbell X3, X Smart Home, V720, and ix cam
Affected Versions: All versions of Naxclow Smart Doorbell X3, X Smart Home, V720, and ix cam are affected.
Vulnerability: This vulnerability involves a critical cryptographic weakness where a hard-coded, platform-wide salt is used for request signing. Unauthenticated attackers can recover this salt to generate valid signatures, enabling request forgery and device impersonation over unencrypted HTTP control-plane traffic.
Business Impact
The vulnerability carries a CVSS score of 9.8, reflecting its potential for complete system compromise. Successful exploitation allows an attacker to gain full control over smart home devices, leading to unauthorized surveillance, data exfiltration, or the manipulation of physical security controls, which poses significant privacy and safety risks to users.
Remediation Plan
Immediate Action: Review the official CISA advisory at https://www.cisa.gov/news-events/ics-advisories/icsa-26-162-02 and apply all available firmware updates provided by the vendor.
Proactive Monitoring: Monitor network traffic for unusual HTTP patterns or unauthorized control-plane commands originating from external IP addresses.
Compensating Controls: Isolate affected devices on a restricted VLAN and disable remote access via HTTP if possible until firmware patches are applied.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Jun 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the critical severity of this flaw and the potential for total device takeover, administrators must prioritize patching. If firmware updates are not yet available, restrict device exposure to the public internet immediately to mitigate the risk of remote exploitation.
Update Naxclow Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Gitea versions up to and including 1
Gitea versions up to and including 1
---METADATA---
VENDOR: Gitea
PRODUCT: Gitea Open Source Git Server
AFFECTED_VERSIONS: 0 through 1.26.2
CONFIDENCE: high
MISSING: none
---END_METADATA---
Description Summary:
A vulnerability in Gitea allows authenticated users to perform unauthorized actions or access data due to improper authorization and ID handling.
Executive Summary:
Gitea versions 1.26.2 and earlier are susceptible to authorization bypass and insecure direct object reference (IDOR) vulnerabilities, posing a significant risk to source code integrity and confidentiality.
Vulnerability Details
CVE-ID: CVE-2026-28740
Affected Software: Gitea Open Source Git Server
Affected Versions: 0 through 1.26.2
Vulnerability: This vulnerability involves CWE-639 (Authorization Bypass Through User-Controlled Key) and CWE-863 (Incorrect Authorization). It permits an authenticated user to manipulate object references to access or modify resources they are not authorized to interact with.
Business Impact
The exploitation of this flaw could lead to unauthorized access to sensitive repositories, intellectual property theft, or unauthorized modification of project data. With a CVSS score of 7.1, this is classified as a High severity issue, as it directly undermines the access control mechanisms designed to protect critical development environments.
Remediation Plan
Immediate Action: Upgrade all Gitea instances to version 1.26.3 or later immediately to apply the necessary authorization patches.
Proactive Monitoring: Review repository access logs for anomalous patterns, specifically looking for users attempting to access repositories or objects outside their assigned scope.
Compensating Controls: Implement strict network access controls and ensure that the Gitea instance is not exposed to the public internet without a robust, authenticated proxy layer.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of July 5, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the potential for unauthorized access to core development infrastructure, organizations should prioritize patching this vulnerability immediately. Administrators must transition to version 1.26.3 or newer to remediate the authorization logic flaws and ensure that repository-level permissions are correctly enforced.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A flaw has been found in Tenda A21 1
A flaw has been found in Tenda A21 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Gitea versions from 1
Gitea versions from 1
---METADATA---
VENDOR: Gitea
PRODUCT: Gitea Open Source Git Server
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability in Gitea versions starting from 1 may allow for unauthorized access or security compromise of the Git server environment.
Executive Summary:
A high-severity security flaw in the Gitea Git server platform could allow attackers to bypass security controls and potentially gain unauthorized access to source code repositories.
Vulnerability Details
CVE-ID: CVE-2026-28737
Affected Software: Gitea Gitea Open Source Git Server
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability impacts the Gitea platform, potentially exposing repository data or administrative functions. Without specific details on the authentication requirement, it should be assumed that the vulnerability could be leveraged by an attacker to manipulate version control workflows.
Business Impact
Successful exploitation could lead to the theft of intellectual property, unauthorized modification of codebase, or the injection of malicious code into development pipelines. With a CVSS score of 8.7, this vulnerability represents a major threat to the software supply chain, potentially leading to widespread organizational data exposure.
Remediation Plan
Immediate Action: Update your Gitea instance to the latest stable release as specified in the official Gitea security advisory.
Proactive Monitoring: Review audit logs for suspicious repository access, unauthorized user creation, or unusual administrative activity.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules tailored to detect common Git server exploitation attempts or unauthorized API requests.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of July 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Gitea instances are critical components of the software development lifecycle and must be secured immediately. Administrators should treat this high-severity vulnerability with urgency, ensuring that all production servers are patched to prevent potential repository compromise and downstream supply chain attacks.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability was detected in Tenda A21 1
A vulnerability was detected in Tenda A21 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Local privilege escalation due to insecure Unix socket permissions
Local privilege escalation due to insecure Unix socket permissions
Update to patched version immediately. Review user permissions and access controls.
A security vulnerability has been detected in Tenda A21 1
A security vulnerability has been detected in Tenda A21 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Sensitive information disclosure and manipulation due to improper authentication
Sensitive information disclosure and manipulation due to improper authentication
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A weakness has been identified in Tenda A21 1
A weakness has been identified in Tenda A21 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Emocheck insecurely loads Dynamic Link Libraries (DLLs)
Emocheck insecurely loads Dynamic Link Libraries (DLLs)
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Between Users report
Zohocorp ManageEngine Exchange Reporter Plus versions before 5802 are vulnerable to Stored XSS in Mails Exchanged Between Users report
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Daktronics VFC-DMP-5000 firmware contains a directory traversal vulnerability, allowing remote users to escape intended directories and enumerate arbi...
Daktronics VFC-DMP-5000 firmware contains a directory traversal vulnerability, allowing remote users to escape intended directories and enumerate arbitrary file system paths.
---METADATA---
VENDOR: Daktronics
PRODUCT: VFC-DMP-5000
AFFECTED_VERSIONS: Various versions
---END_METADATA---
Description Summary:
Daktronics VFC-DMP-5000 firmware contains a directory traversal vulnerability, allowing remote users to escape intended directories and enumerate arbitrary file system paths.
Executive Summary:
A critical directory traversal vulnerability in Daktronics VFC-DMP-5000 firmware allows both authenticated and unauthenticated remote attackers to enumerate sensitive file system paths.
Vulnerability Details
CVE-ID: CVE-2026-28701
Affected Software: Daktronics VFC-DMP-5000
Affected Versions: Various versions; see vendor advisory
Vulnerability: The firmware fails to properly sanitize input, enabling a directory traversal attack that permits remote actors (regardless of authentication status) to traverse the file system and access restricted directory structures.
Business Impact
The CVSS score of 9.8 reflects the high risk of information disclosure and potential system compromise. By enumerating the file system, an attacker can identify configuration files, credentials, or sensitive system data, significantly increasing the risk of a full system takeover or further targeted attacks against the facility's infrastructure.
Remediation Plan
Immediate Action: Update the VFC-DMP-5000 firmware to the latest available version provided by Daktronics.
Proactive Monitoring: Review system access logs for anomalous directory traversal patterns (e.g., "../" sequences) and unauthorized file access attempts.
Compensating Controls: Deploy a Web Application Firewall (WAF) or Network Intrusion Detection System (NIDS) to identify and block traffic containing directory traversal characters.
Exploitation Status
Public Exploit Available: Not specified
Analyst Notes: As of Jun 26, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability is highly critical due to the lack of required authentication for exploitation. Administrators must apply the latest firmware updates as soon as possible to prevent unauthorized access to the underlying file system and potential exfiltration of configuration data.
Update Daktronics VFC-DMP-5000 to the latest version. Monitor for exploitation attempts and review access logs.
A security flaw has been discovered in Tenda A21 1
A security flaw has been discovered in Tenda A21 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Gitea versions up to and including 1
Gitea versions up to and including 1
---METADATA---
VENDOR: Gitea
PRODUCT: Gitea Open Source Git Server
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability exists in Gitea Open Source Git Server that may allow unauthorized actions.
Executive Summary:
Gitea Open Source Git Server contains a high-severity vulnerability that could lead to unauthorized system access or data compromise.
Vulnerability Details
CVE-ID: CVE-2026-28699
Affected Software: Gitea Gitea Open Source Git Server
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects Gitea versions up to and including 1. The specific nature of the flaw is currently being analyzed, but it represents a significant risk to the integrity and confidentiality of the Git repository environment.
Business Impact
The identified vulnerability carries a CVSS score of 8.1, indicating a high risk of exploitation. A successful attack could result in unauthorized repository access, data exfiltration, or the potential for code injection, which could severely impact both development operations and intellectual property security.
Remediation Plan
Immediate Action: Administrators must monitor the official Gitea security advisories and apply the latest security patches as soon as they are made available by the vendor.
Proactive Monitoring: Review system and application access logs for unusual activity, particularly unauthorized attempts to access or modify repository configurations.
Compensating Controls: Implement a Web Application Firewall (WAF) with updated rulesets to detect and block common attack patterns targeting the Gitea application interface.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of July 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score, this vulnerability poses a substantial threat to organizational assets. Security teams should prioritize patching as the primary mitigation strategy, ensuring that all Gitea instances are updated to a non-vulnerable version immediately upon release.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
ImageMagick is free and open-source software used for editing and manipulating digital images
ImageMagick is free and open-source software used for editing and manipulating digital images
---METADATA---
VENDOR: ImageMagick Studio LLC
PRODUCT: ImageMagick
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability in ImageMagick's image processing logic could allow attackers to compromise systems that utilize the software for digital image manipulation.
Executive Summary:
ImageMagick is affected by a high-severity vulnerability that could lead to system compromise or service disruption when processing specially crafted image files.
Vulnerability Details
CVE-ID: CVE-2026-28693
Affected Software: ImageMagick
Affected Versions: See vendor advisory for affected versions
Vulnerability: This vulnerability affects ImageMagick, a widely used tool for editing and manipulating images. It likely involves a flaw in how specific image formats or metadata are parsed, which can be triggered by an attacker-supplied file.
Business Impact
Successful exploitation could result in arbitrary code execution or a denial-of-service (DoS) condition on servers that automatically process user-uploaded images. With a CVSS score of 8.1, this poses a substantial risk to web applications and background processing services that rely on ImageMagick for media handling.
Remediation Plan
Immediate Action: Update ImageMagick to the latest stable release provided by the vendor or your operating system's package manager.
Proactive Monitoring: Monitor system resource usage for spikes during image processing and review application logs for crashes in the ImageMagick binary.
Compensating Controls: Implement a security policy (policy.xml) to disable vulnerable coders and use a sandbox environment for processing untrusted media files.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 10, 2026, there is no public information indicating active exploitation. ImageMagick vulnerabilities are frequently used in "ImageTragick" style attacks to gain initial access to web servers.
Analyst Recommendation
ImageMagick is a high-value target for attackers due to its ubiquity. Organizations should apply updates immediately and strictly configure the ImageMagick security policy to limit the attack surface by disabling unnecessary or risky image formats.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
ImageMagick is free and open-source software used for editing and manipulating digital images
ImageMagick is free and open-source software used for editing and manipulating digital images
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Gokapi is a self-hosted file sharing server with automatic expiration and encryption support
Gokapi is a self-hosted file sharing server with automatic expiration and encryption support
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Ghostfolio versions prior to 2.245.0 are vulnerable to a full-read SSRF in the manual asset import feature, allowing attackers to exfiltrate cloud met...
Ghostfolio versions prior to 2.245.0 are vulnerable to a full-read SSRF in the manual asset import feature, allowing attackers to exfiltrate cloud metadata and probe internal services.
---METADATA---
VENDOR: Ghostfolio
PRODUCT: Ghostfolio
AFFECTED_VERSIONS: Prior to version 2.245.0
---END_METADATA---
Description Summary:
Ghostfolio versions prior to 2.245.0 are vulnerable to a full-read SSRF in the manual asset import feature, allowing attackers to exfiltrate cloud metadata and probe internal services.
Executive Summary:
A critical Server-Side Request Forgery (SSRF) vulnerability in Ghostfolio allows attackers to exfiltrate sensitive cloud metadata and internal network data through the asset import feature.
Vulnerability Details
CVE-ID: CVE-2026-28680
Affected Software: Ghostfolio Wealth Management Software
Affected Versions: Prior to version 2.245.0
Vulnerability: The manual asset import feature fails to properly validate user-supplied URLs, leading to a full-read SSRF. An attacker can exploit this to force the server to make requests to internal resources, such as the Instance Metadata Service (IMDS) in cloud environments, to steal sensitive credentials.
Business Impact
With a CVSS score of 9.3, this vulnerability poses a severe risk to data confidentiality and infrastructure security. If Ghostfolio is hosted in a cloud environment (AWS, Azure, GCP), an attacker could potentially gain full access to the underlying cloud account, leading to catastrophic data breaches and unauthorized resource usage.
Remediation Plan
Immediate Action: Update Ghostfolio to version 2.245.0 or later immediately to resolve the SSRF flaw in the asset import component.
Proactive Monitoring: Review application and network logs for outbound requests originating from the Ghostfolio server directed at internal IP ranges (e.g., 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) or the metadata address 169.254.169.254.
Compensating Controls: Restrict the Ghostfolio server's egress traffic using firewall rules or security groups to prevent it from reaching sensitive internal services or cloud metadata endpoints.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 6, 2026, there is no public information indicating active exploitation of this vulnerability. However, SSRF vulnerabilities are frequently targeted in automated attacks against cloud-hosted applications.
Analyst Recommendation
It is imperative that Ghostfolio users update their installations to version 2.245.0 immediately. Organizations should also adopt the principle of least privilege for the service accounts running the application to limit the potential impact of an SSRF-based credential theft.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Home-Gallery
Home-Gallery
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
DSA Study Hub is an interactive educational web application
DSA Study Hub is an interactive educational web application
---METADATA---
VENDOR: DSA Study Hub
PRODUCT: DSA Study Hub Web Application
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability has been identified in the DSA Study Hub educational web application, requiring immediate vendor-supplied updates.
Executive Summary:
The DSA Study Hub application contains a high-severity security flaw that could compromise the integrity of the educational platform and its user data.
Vulnerability Details
CVE-ID: CVE-2026-28678
Affected Software: DSA Study Hub
Affected Versions: See vendor advisory for affected versions
Vulnerability: While specific technical details are limited, the vulnerability affects the core web application. Based on the CVSS score of 8.1, the flaw likely involves unauthorized access or data manipulation within the interactive web environment.
Business Impact
A successful exploit could lead to the exposure of student data, unauthorized modification of educational content, or loss of service availability. The CVSS score of 8.1 justifies a high-priority response to prevent reputational damage and ensure data privacy compliance.
Remediation Plan
Immediate Action: Apply the latest security updates from the vendor immediately to mitigate the identified risk.
Proactive Monitoring: Review web server access logs for anomalous patterns and monitor for unauthorized changes to application data.
Compensating Controls: Deploy a Web Application Firewall (WAF) to filter out common web-based attack vectors while awaiting specific patch details.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 8, 2026, there is no public information indicating active exploitation. The high CVSS score suggests the flaw is significant and should be addressed before exploit code becomes available.
Analyst Recommendation
Organizations utilizing DSA Study Hub should consult the vendor's security advisory and apply the recommended patches immediately. Ensuring the platform is up to date is critical to maintaining a secure educational environment.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI
OpenSift is an AI study tool that sifts through large datasets using semantic search and generative AI
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
xiaoheiFS is a self-hosted financial and operational system for cloud service businesses
xiaoheiFS is a self-hosted financial and operational system for cloud service businesses
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
xiaoheiFS is a self-hosted financial and operational system for cloud service businesses
xiaoheiFS is a self-hosted financial and operational system for cloud service businesses
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability was determined in itsourcecode Vehicle Management System 1
A vulnerability was determined in itsourcecode Vehicle Management System 1
---METADATA---
VENDOR: itsourcecode
PRODUCT: Vehicle Management System
AFFECTED_VERSIONS: 1
---END_METADATA---
Description Summary:
A high-severity vulnerability has been identified in itsourcecode Vehicle Management System 1, though specific technical details of the flaw are currently limited.
Executive Summary:
The itsourcecode Vehicle Management System 1 is affected by a high-severity vulnerability that could lead to unauthorized system access or data compromise.
Vulnerability Details
CVE-ID: CVE-2026-2867
Affected Software: itsourcecode Vehicle Management System
Affected Versions: 1
Vulnerability: While the specific vulnerability type is not detailed in the initial disclosure, the high severity indicates a significant flaw in the application's security logic or input handling. Users should assume a high risk of exploitation until further details are provided.
Business Impact
A successful exploit could lead to the unauthorized management of vehicle data, user accounts, or administrative settings. The CVSS score of 7.3 indicates a High-risk level, suggesting that an attacker could cause substantial harm to the organization's operations.
Remediation Plan
Immediate Action: Apply all available security updates from itsourcecode immediately and monitor the vendor's advisory page for detailed technical guidance.
Proactive Monitoring: Closely monitor application logs for unauthorized login attempts, unusual data modifications, or administrative changes.
Compensating Controls: Restrict access to the Vehicle Management System to a trusted internal network or use a VPN to minimize exposure to the public internet.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of February 23, 2026, there is no public information indicating active exploitation. The lack of detailed information necessitates a cautious and proactive defense strategy.
Analyst Recommendation
Despite the limited technical details, the "High" severity rating requires immediate action. Administrators should treat this as a potential remote code execution or data bypass vulnerability and apply the latest updates or restrictive access controls without delay.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1
A vulnerability was found in itsourcecode Agri-Trading Online Shopping System 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability was determined in D-Link DWR-M960 1
A vulnerability was determined in D-Link DWR-M960 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: HP
PRODUCT: X-Wing HPKE Implementation
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A remote attacker can trigger an out-of-bounds read in the C decapsulation path of X-Wing HPKE by supplying a short encapsulated key, potentially causing a crash or memory disclosure.
Executive Summary:
A high-severity out-of-bounds read vulnerability in the X-Wing HPKE implementation could lead to memory disclosure or a remote denial-of-service.
Vulnerability Details
CVE-ID: CVE-2026-28815
Affected Software: HP (X-Wing HPKE Implementation)
Affected Versions: See vendor advisory for affected versions
Vulnerability: An unauthenticated remote attacker can supply a specially crafted, short X-Wing HPKE encapsulated key. This triggers an out-of-bounds read during the C decapsulation process, which can lead to a system crash or the disclosure of sensitive memory contents.
Business Impact
This vulnerability directly impacts the confidentiality and availability of systems using this cryptographic implementation. With a CVSS score of 7.5, the risk includes the potential for attackers to leak sensitive information from memory or crash critical communication services, leading to operational downtime.
Remediation Plan
Immediate Action: Apply the vendor-provided security patches for the affected cryptographic library to fix the out-of-bounds read in the decapsulation path.
Proactive Monitoring: Implement monitoring for application crashes and review system memory logs for signs of abnormal access patterns related to cryptographic operations.
Compensating Controls: Utilize memory-safe runtime protections where possible and ensure that all input keys are validated for correct length before processing.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 4, 2026, there is no public information indicating active exploitation. Memory safety vulnerabilities in cryptographic paths are critical as they can often be exploited remotely without authentication.
Analyst Recommendation
Immediate patching is required to protect against remote memory disclosure and denial-of-service. Security teams should ensure that all applications utilizing the affected X-Wing HPKE implementation are updated to the latest secure version.