A vulnerability was detected in OpenClaw up to 2026
Description
A vulnerability was detected in OpenClaw up to 2026
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Search and filter 17426 vulnerabilities with AI analyst insights
A vulnerability was detected in OpenClaw up to 2026
A vulnerability was detected in OpenClaw up to 2026
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability was found in D-Link DCS-935L up to 1
A vulnerability was found in D-Link DCS-935L up to 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker on the same local network segment to execute arbi...
An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker on the same local network segment to execute arbitrary code
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A security vulnerability has been detected in EFM ipTIME A8004T 14
A security vulnerability has been detected in EFM ipTIME A8004T 14
---METADATA---
VENDOR: EFM
PRODUCT: ipTIME A8004T
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability has been identified in the EFM ipTIME A8004T router, potentially allowing for unauthorized system impact.
Executive Summary:
A critical security vulnerability in the EFM ipTIME A8004T router poses a high risk of unauthorized system access or compromise.
Vulnerability Details
CVE-ID: CVE-2026-8234
Affected Software: EFM ipTIME A8004T
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The specific nature of this vulnerability is currently under analysis; however, it affects the core firmware of the device. Given the high CVSS score, it is treated as a severe flaw requiring immediate administrative attention.
Business Impact
The device functions as network infrastructure, meaning a compromise could lead to full network interception, traffic manipulation, or pivot points for further lateral movement within the environment. With a CVSS score of 8.8, the potential for significant disruption or data exfiltration is high, necessitating urgent remediation.
Remediation Plan
Immediate Action: Check the EFM ipTIME support portal for the latest firmware release and apply it to all affected A8004T units immediately.
Proactive Monitoring: Monitor network traffic for unusual outbound connections or unauthorized administrative access attempts originating from the router.
Compensating Controls: Restrict management interface access to trusted internal IP addresses and disable remote management features until the device is patched.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 11, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the critical role of network routers in enterprise security, this vulnerability must be treated as a high-priority item. Administrators are advised to apply the latest firmware updates immediately to mitigate the risk of unauthorized access.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability was identified in Industrial Application Software IAS Canias ERP 8
A vulnerability was identified in Industrial Application Software IAS Canias ERP 8
---METADATA---
VENDOR: IAS (Industrial Application Software)
PRODUCT: Canias ERP
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability has been identified in IAS Canias ERP 8 that requires immediate attention from security administrators.
Executive Summary:
A high-severity vulnerability in IAS Canias ERP 8 poses a significant risk to organizational data integrity and operational continuity.
Vulnerability Details
CVE-ID: CVE-2026-8216
Affected Software: IAS Canias ERP
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the Canias ERP 8 suite, potentially allowing for unauthorized interactions with the application's underlying logic. The exact nature of the flaw requires verification against the vendor’s security bulletin to determine if authentication is required for exploitation.
Business Impact
The CVSS score of 7.3 indicates a High severity risk. Successful exploitation could allow attackers to manipulate ERP data, leading to financial inaccuracies, unauthorized access to sensitive corporate information, or severe operational downtime.
Remediation Plan
Immediate Action: Update the Canias ERP environment to the latest patched version provided by Industrial Application Software.
Proactive Monitoring: Monitor ERP database transaction logs and application event logs for unauthorized configuration changes or anomalous access patterns.
Compensating Controls: Implement strict network segmentation around the ERP server and utilize a Web Application Firewall (WAF) to filter suspicious traffic.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 11, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Due to the critical nature of ERP systems, this vulnerability must be treated with high urgency. Ensure that the vendor's security patches are tested and deployed in the production environment without delay to maintain system integrity.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The Kirki plugin for WordPress is vulnerable to unauthenticated privilege escalation via an account takeover flaw in the password reset process.
The Kirki plugin for WordPress is vulnerable to unauthenticated privilege escalation via an account takeover flaw in the password reset process.
---METADATA---
VENDOR: WordPress
PRODUCT: Kirki Plugin
AFFECTED_VERSIONS: 6.0.0 to 6.0.6
---END_METADATA---
Description Summary:
The Kirki plugin for WordPress is vulnerable to unauthenticated privilege escalation via an account takeover flaw in the password reset process.
Executive Summary:
An unauthenticated account takeover vulnerability in the Kirki WordPress plugin allows attackers to compromise user accounts and escalate privileges.
Vulnerability Details
CVE-ID: CVE-2026-8206
Affected Software: WordPress Kirki Plugin
Affected Versions: 6.0.0 through 6.0.6
Vulnerability: The vulnerability exists because the plugin fails to properly validate the username-to-email mapping during password reset requests, allowing an unauthenticated attacker to trigger a password reset for any registered user to an attacker-controlled email address.
Business Impact
This flaw facilitates full account takeover, which can lead to unauthorized access to sensitive site data, administrative panel control, and the potential for malicious code injection into the website. With a CVSS score of 9.8, this represents a critical risk to site integrity and user trust.
Remediation Plan
Immediate Action: Update the Kirki plugin to the latest version immediately to resolve the password reset logic error.
Proactive Monitoring: Audit user account changes and recent password reset requests for suspicious activity or unauthorized account modifications.
Compensating Controls: Disable the password reset functionality if possible, or implement a rate-limiting mechanism on the reset endpoint via a security plugin or WAF.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of Jun 2, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Account takeover vulnerabilities are frequently targeted by automated scanners. Site administrators should prioritize updating the Kirki plugin immediately to prevent unauthorized access and potential site-wide compromise.
Update WordPress is vulnerable to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
The Burst Statistics WordPress plugin contains an authentication bypass flaw allowing unauthenticated attackers to impersonate administrators via impr...
The Burst Statistics WordPress plugin contains an authentication bypass flaw allowing unauthenticated attackers to impersonate administrators via improper return-value handling.
---METADATA---
VENDOR: Burst Statistics
PRODUCT: Privacy-Friendly WordPress Analytics
AFFECTED_VERSIONS: 3.4.0 to 3.4.1.1
---END_METADATA---
Description Summary:
The Burst Statistics WordPress plugin contains an authentication bypass flaw allowing unauthenticated attackers to impersonate administrators via improper return-value handling.
Executive Summary:
A critical authentication bypass vulnerability in the Burst Statistics WordPress plugin allows unauthenticated attackers to gain administrative control over affected websites.
Vulnerability Details
CVE-ID: CVE-2026-8181
Affected Software: Burst Statistics Privacy-Friendly WordPress Analytics
Affected Versions: 3.4.0 to 3.4.1.1
Vulnerability: This vulnerability stems from incorrect return-value validation in the is_mainwp_authenticated() function. An unauthenticated attacker with knowledge of an administrator's username can bypass authentication checks and escalate privileges by supplying arbitrary passwords.
Business Impact
The CVSS score of 9.8 reflects the high risk of total system compromise. Successful exploitation allows unauthorized administrative access, potentially leading to complete data exfiltration, injection of malicious scripts, or full site takeover, resulting in significant reputational and operational damage.
Remediation Plan
Immediate Action: Update the Burst Statistics plugin to the latest available version immediately to patch the authentication logic.
Proactive Monitoring: Review web server and WordPress access logs for unusual administrative login patterns or attempts to access restricted dashboard pages from unrecognized IP addresses.
Compensating Controls: Implement a Web Application Firewall (WAF) to filter malicious requests targeting administrative endpoints and enforce strict IP allowlisting for the WordPress dashboard.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of May 14, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The severity of this flaw necessitates immediate attention. Administrators must prioritize updating the plugin to the latest version to prevent unauthorized access. Failure to do so leaves the site vulnerable to a complete takeover by unauthenticated actors.
Update Google Analytics Alternative to the latest version. Monitor for exploitation attempts and review access logs.
IBM Aspera High-Speed Transfer Endpoint 3
IBM Aspera High-Speed Transfer Endpoint 3
---METADATA---
VENDOR: IBM
PRODUCT: Aspera High-Speed Transfer
AFFECTED_VERSIONS: IBM Aspera High-Speed Transfer Endpoint/Server 3.7.4 through 4.4.7 Fix Pack 1
---END_METADATA---
Description Summary:
A stack-based buffer overflow in the IBM Aspera High-Speed Transfer component allows authenticated attackers to execute arbitrary code.
Executive Summary:
A buffer overflow vulnerability in IBM Aspera High-Speed Transfer products allows authenticated attackers to compromise the host system through crafted input.
Vulnerability Details
CVE-ID: CVE-2026-8179
Affected Software: IBM Aspera High-Speed Transfer Endpoint/Server
Affected Versions: 3.7.4 through 4.4.7 Fix Pack 1
Vulnerability: The vulnerability is a stack-based buffer overflow (CWE-121) within the asperahttpd component, which can be triggered by sending specially crafted input to the service.
Business Impact
Successful exploitation results in arbitrary code execution on the underlying host, impacting the confidentiality, integrity, and availability of the file transfer service. Given the CVSS score of 8.8, this represents a significant risk to high-value data transfer environments.
Remediation Plan
Immediate Action: Upgrade to the latest version, specifically Fix Pack 2, as recommended by the vendor.
Proactive Monitoring: Review logs for anomalous HTTP traffic directed at the Aspera service and monitor for unexpected process behavior or service crashes.
Compensating Controls: Use network segmentation to restrict access to the Aspera interface to trusted IP addresses and employ an Intrusion Prevention System (IPS) to detect buffer overflow attempts.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 7, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
IBM Aspera administrators should prioritize the installation of Fix Pack 2. Given the potential for full system compromise, patching should be scheduled as a high-priority task to maintain the security of file transfer infrastructure.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
An issue exists in Amazon Redshift JDBC Driver versions prior to 2
An issue exists in Amazon Redshift JDBC Driver versions prior to 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
XML::LibXML versions through 2
XML::LibXML versions through 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A buffer overflow in the IBM Aspera High-Speed Transfer component could lead to denial of service, authentication bypass, or remote code execution.
A buffer overflow in the IBM Aspera High-Speed Transfer component could lead to denial of service, authentication bypass, or remote code execution.
---METADATA---
VENDOR: IBM
PRODUCT: Aspera High-Speed Transfer
AFFECTED_VERSIONS: 3.7.4 through 4.4.7 Fix Pack 1
---END_METADATA---
Description Summary:
A buffer overflow in the IBM Aspera High-Speed Transfer component could lead to denial of service, authentication bypass, or remote code execution.
Executive Summary:
A critical buffer overflow vulnerability in IBM Aspera High-Speed Transfer allows for potential remote code execution or authentication bypass.
Vulnerability Details
CVE-ID: CVE-2026-8175
Affected Software: IBM Aspera High-Speed Transfer Endpoint/Server
Affected Versions: 3.7.4 through 4.4.7 Fix Pack 1
Vulnerability: A buffer overflow condition within the asperahttpd component occurs when processing malformed data, potentially allowing memory corruption and subsequent arbitrary code execution.
Business Impact
The CVSS score of 9.8 underscores the severity of this vulnerability, which allows an attacker to bypass authentication or gain full system control. This poses a critical risk to the security of data transfers and the underlying server infrastructure, potentially resulting in unauthorized access to sensitive data.
Remediation Plan
Immediate Action: Update IBM Aspera High-Speed Transfer to the latest version recommended by IBM's official security advisory.
Proactive Monitoring: Monitor logs for crashes of the asperahttpd service or abnormal traffic patterns directed at the transfer server.
Compensating Controls: Deploy a Web Application Firewall (WAF) or Intrusion Prevention System (IPS) to detect and block malformed HTTP requests targeting the Aspera service.
Exploitation Status
Public Exploit Available: Unknown
Analyst Notes: As of May 27, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations using IBM Aspera for data movement must prioritize this update to prevent potential service compromise. Immediate patching is required to address this critical memory corruption risk.
Update IBM Aspera High to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
The Infility Global WordPress plugin before 2
The Infility Global WordPress plugin before 2
---METADATA---
VENDOR: WordPress
PRODUCT: Infility Global Plugin
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability in the Infility Global WordPress plugin may allow for unauthorized actions due to insufficient input validation.
Executive Summary:
The Infility Global WordPress plugin contains a high-severity vulnerability that could allow unauthorized actors to compromise site integrity.
Vulnerability Details
CVE-ID: CVE-2026-8163
Affected Software: WordPress Infility Global Plugin
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The plugin fails to properly validate inputs or enforce capability checks, potentially allowing an attacker to execute unauthorized functions. Given the nature of WordPress plugins, this vulnerability likely requires an authenticated user with low-level privileges or could be exploited if the plugin exposes unauthenticated AJAX endpoints.
Business Impact
Successful exploitation of this vulnerability could lead to unauthorized administrative actions, data exfiltration, or complete site takeover. With a CVSS score of 8.8, this flaw poses a significant risk to organizational data integrity and service availability, potentially resulting in severe reputational damage.
Remediation Plan
Immediate Action: Update the Infility Global plugin to the latest available version provided by the vendor. If an update is unavailable, disable or remove the plugin until a secure version is released.
Proactive Monitoring: Audit WordPress user logs for suspicious activity or unauthorized plugin settings changes. Monitor web server logs for requests directed at plugin-specific API endpoints.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to block common exploit patterns against WordPress plugins.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 24, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Administrators should prioritize the immediate update of the Infility Global plugin. If the vendor has not released a patch, assess the business necessity of the plugin and consider removal as the most effective mitigation strategy to prevent unauthorized access.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
The Vitepos WordPress plugin before 3
The Vitepos WordPress plugin before 3
---METADATA---
VENDOR: WordPress
PRODUCT: Vitepos
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The Vitepos plugin for WordPress contains a security vulnerability that may allow unauthorized access or impact the integrity of the point-of-sale system.
Executive Summary:
A critical security flaw in the Vitepos WordPress plugin requires immediate attention to prevent potential unauthorized access and data compromise.
Vulnerability Details
CVE-ID: CVE-2026-8157
Affected Software: WordPress Vitepos
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The Vitepos plugin for WordPress contains an unspecified vulnerability that may permit unauthorized access to system functions. Given the high CVSS score, this flaw likely involves an authentication bypass or insufficient authorization check within the plugin’s core operational code.
Business Impact
A CVSS score of 8.8 marks this as a high-risk vulnerability that could facilitate unauthorized access to sensitive point-of-sale data. The potential for exploitation could lead to significant business disruption, loss of transaction integrity, and the unauthorized exposure of customer information, necessitating immediate remediation to maintain compliance and security posture.
Remediation Plan
Immediate Action: Update the Vitepos plugin to the latest version immediately to ensure all security patches are applied.
Proactive Monitoring: Review application logs for anomalous requests or unauthorized attempts to access plugin-specific endpoints.
Compensating Controls: Utilize a Web Application Firewall (WAF) to filter malicious traffic and restrict access to plugin-related administrative interfaces from untrusted networks.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 23, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high severity of this vulnerability, administrators should treat this update with the highest urgency. Ensure all WordPress environments running the Vitepos plugin are patched immediately and verify that no unauthorized administrative accounts have been created as a result of this flaw.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
Universal Robots PolyScope contains an OS command injection vulnerability in the Dashboard Server interface.
Universal Robots PolyScope contains an OS command injection vulnerability in the Dashboard Server interface.
---METADATA---
VENDOR: Universal Robots
PRODUCT: PolyScope
AFFECTED_VERSIONS: Prior to 5.21.1
---END_METADATA---
Description Summary:
Universal Robots PolyScope contains an OS command injection vulnerability in the Dashboard Server interface.
Executive Summary:
An unauthenticated OS command injection vulnerability in the Universal Robots PolyScope Dashboard Server allows for remote code execution on the robot's operating system.
Vulnerability Details
CVE-ID: CVE-2026-8153
Affected Software: Universal Robots PolyScope
Affected Versions: Prior to 5.21.1
Vulnerability: The Dashboard Server interface fails to validate input, allowing an unauthenticated attacker to inject and execute arbitrary OS commands on the robot's controller.
Business Impact
Given the CVSS score of 9.8, this vulnerability poses a severe risk to industrial operations. An attacker could take control of the robot, potentially causing physical damage, halting production lines, or using the robot as a beachhead for further network lateral movement.
Remediation Plan
Immediate Action: Update PolyScope to version 5.21.1 or later.
Proactive Monitoring: Isolate the robot's network and monitor traffic to the Dashboard Server port for any unauthorized or unusual command strings.
Compensating Controls: Use network segmentation (VLANs) to restrict access to the robot's management interfaces to only necessary, trusted administrative workstations.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of May 8, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Industrial control systems require immediate remediation. Organizations should prioritize updating their Universal Robots fleet to prevent unauthorized physical and digital access.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
NAVER MYBOX Explorer for Windows before 3
NAVER MYBOX Explorer for Windows before 3
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In MLflow versions prior to 3
In MLflow versions prior to 3
---METADATA---
VENDOR: MLflow
PRODUCT: MLflow
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
MLflow versions prior to 3 are vulnerable to a security flaw, necessitating an immediate review of vendor-provided security updates to mitigate potential risks.
Executive Summary:
MLflow versions prior to 3 contain an unspecified vulnerability that requires immediate attention to ensure the integrity and security of machine learning operations.
Vulnerability Details
CVE-ID: CVE-2026-8147
Affected Software: MLflow MLflow
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability exists in MLflow versions prior to 3. The specific technical nature of the flaw is not publicly detailed, but it requires investigation into the software's authentication and access control mechanisms to determine if the flaw is exploitable by unauthenticated or authenticated actors.
Business Impact
With a CVSS score of 8.1, this vulnerability is categorized as High. A successful exploit could lead to significant unauthorized access to sensitive machine learning models, training data, or infrastructure, potentially resulting in data exfiltration, model poisoning, or severe operational disruption.
Remediation Plan
Immediate Action: Upgrade to version 3 or the latest available version provided by the vendor immediately.
Proactive Monitoring: Review access logs for unusual patterns or unauthorized attempts to access MLflow API endpoints or administrative interfaces.
Compensating Controls: Implement strict network segmentation and ensure that the MLflow instance is not exposed to the public internet without robust authentication proxies.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of July 3, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw and the high CVSS score, the potential for exploitation is high.
Analyst Recommendation
Given the High severity rating, organizations utilizing MLflow must prioritize the transition to version 3 or higher. Administrators should verify their current deployment version and apply necessary patches as soon as they are made available by the vendor to prevent unauthorized access to critical data assets.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability was found in Tenda CX12L 16
A vulnerability was found in Tenda CX12L 16
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability has been found in Totolink X5000R 9
A vulnerability has been found in Totolink X5000R 9
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code exec...
SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution
Apply security patches immediately for internet-facing systems. Monitor for exploitation attempts and review access logs.
The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23
The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23
---METADATA---
VENDOR: WordPress
PRODUCT: Frontend File Manager Plugin
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
The WordPress Frontend File Manager Plugin is susceptible to an authenticated arbitrary file deletion vulnerability in versions up to and including 23.
Executive Summary:
An authenticated arbitrary file deletion vulnerability in the WordPress Frontend File Manager Plugin could allow an attacker to disrupt service or cause data loss by removing critical files.
Vulnerability Details
CVE-ID: CVE-2026-8095
Affected Software: WordPress Frontend File Manager Plugin
Affected Versions: See vendor advisory for affected versions
Vulnerability: This is an authenticated vulnerability, meaning the attacker must first possess a valid user account on the WordPress instance. Once authenticated, the attacker can leverage the plugin's file management functions to delete arbitrary files from the server's filesystem.
Business Impact
This vulnerability allows for the deletion of critical system or application files, which could lead to site instability, denial of service, or the removal of security-sensitive configuration files. With a CVSS score of 8.1, the high severity reflects the potential for significant operational disruption and the ease with which an attacker can cause permanent damage to the web environment.
Remediation Plan
Immediate Action: Update the Frontend File Manager Plugin to the latest patched version immediately.
Proactive Monitoring: Review WordPress user account activities and audit file modification logs for unauthorized deletion events.
Compensating Controls: If a patch is unavailable, disable the plugin entirely and implement a Web Application Firewall (WAF) to block suspicious requests targeting file management endpoints.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 28, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Administrators should treat this vulnerability with urgency, especially if the site allows user registration. Removing the plugin if it is not strictly required is the safest course of action until a verified update is applied.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
Memory safety bugs present in Thunderbird 150
Memory safety bugs present in Thunderbird 150
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Memory safety bugs present in Thunderbird ESR 140
Memory safety bugs present in Thunderbird ESR 140
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
In Progress Flowmon versions prior to 12
In Progress Flowmon versions prior to 12
---METADATA---
VENDOR: Progress
PRODUCT: Flowmon
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A critical vulnerability exists in Progress Flowmon versions prior to 12, potentially exposing the system to unauthorized access or compromise.
Executive Summary:
Progress Flowmon versions prior to 12 contain a high-severity vulnerability that could lead to unauthorized system access or service disruption.
Vulnerability Details
CVE-ID: CVE-2026-8079
Affected Software: Progress Flowmon
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects Progress Flowmon software and is categorized as a high-severity issue; specific technical details regarding the authentication level are pending further vendor disclosure.
Business Impact
The CVSS score of 8.7 highlights the significant threat to infrastructure monitoring operations. Exploitation could lead to the exposure of sensitive network traffic metadata or the compromise of monitoring integrity, resulting in severe operational downtime or data exfiltration.
Remediation Plan
Immediate Action: Upgrade all instances of Progress Flowmon to version 12 or higher as mandated by the vendor's security guidance.
Proactive Monitoring: Monitor system logs for unauthorized access attempts or unusual traffic patterns directed at the Flowmon management interface.
Compensating Controls: Restrict access to the Flowmon management interface to trusted IP ranges via firewall rules until the patch can be verified and applied.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of July 3, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Security teams should treat this vulnerability with high urgency and move to upgrade the affected Flowmon deployments immediately. Ensuring the transition to version 12 is critical to mitigating the risk of unauthorized access to network monitoring infrastructure.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file...
The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation and missing capability check in the 'downloadZIP' function in all versions up to, and including, 6
---METADATA---
VENDOR: Kirki
PRODUCT: Kirki – Freeform Page Builder, Website Builder & Customizer plugin
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: high
MISSING: patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
The Kirki WordPress plugin is vulnerable to arbitrary file deletion due to missing capability checks and insufficient path validation in the 'downloadZIP' function.
Executive Summary:
The Kirki WordPress plugin contains an arbitrary file deletion vulnerability that could allow an unauthenticated attacker to remove critical system files.
Vulnerability Details
CVE-ID: CVE-2026-8073
Affected Software: Kirki – Freeform Page Builder, Website Builder & Customizer
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability resides in the downloadZIP function, which fails to perform proper capability checks or validate file paths. This allows an unauthenticated attacker to trigger file deletion operations on the hosting server.
Business Impact
This vulnerability poses a critical risk to site availability and integrity. A CVSS score of 7.5 indicates that an attacker could delete sensitive configuration files or core application components, leading to a complete denial of service or site compromise.
Remediation Plan
Immediate Action: Update the Kirki plugin to the latest available version provided by the vendor to remediate the insecure function.
Proactive Monitoring: Review file integrity logs for unauthorized deletion events and monitor WordPress error logs for suspicious activity related to plugin-specific functions.
Compensating Controls: If an update is not immediately available, consider disabling the Kirki plugin or implementing a WAF rule to block requests targeting the downloadZIP function.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 20, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Unauthorized file deletion is a severe security event that can lead to permanent data loss or total site failure. It is imperative that site administrators update the affected plugin immediately or remove it if it is not essential to the site's operation.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
The Anti-Spam by CleanTalk
The Anti-Spam by CleanTalk
---METADATA---
VENDOR: CleanTalk
PRODUCT: Anti-Spam by CleanTalk plugin
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
The Anti-Spam by CleanTalk plugin for WordPress contains an undisclosed vulnerability with a CVSS score of 8.8.
Executive Summary:
A high-severity vulnerability in the Anti-Spam by CleanTalk plugin poses a risk of unauthorized access or system impact.
Vulnerability Details
CVE-ID: CVE-2026-8071
Affected Software: CleanTalk Anti-Spam by CleanTalk
Affected Versions: See vendor advisory for affected versions
Vulnerability: The plugin is subject to a high-severity security flaw; while specific technical mechanics are pending further disclosure, vulnerabilities of this nature in security plugins often involve authentication bypass or improper access control.
Business Impact
The CVSS score of 8.8 indicates a high risk of system compromise. If exploited, an attacker could potentially bypass security controls, leading to unauthorized access to the WordPress environment, potentially compromising site integrity or sensitive visitor data.
Remediation Plan
Immediate Action: Update the Anti-Spam by CleanTalk plugin to the latest available version provided by the vendor.
Proactive Monitoring: Monitor for unusual administrative activity or changes in plugin configuration files that might indicate unauthorized tampering.
Compensating Controls: Utilize a Web Application Firewall to block suspicious traffic patterns directed at common plugin file paths.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 11, 2026, there is no public information indicating active exploitation of this vulnerability. However, the high CVSS score necessitates prompt attention to minimize the window of exposure.
Analyst Recommendation
Security plugins are high-value targets; therefore, this update should be treated with urgency. Please check the vendor's official release notes and apply the latest patch to ensure the continued security of your WordPress installation.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bo...
An issue in MongoDB Server's time-series collection implementation allows an authenticated user with database write privileges to trigger an out-of-bounds memory write in the mongod process
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arb...
External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks.
---METADATA---
VENDOR: Ivanti
PRODUCT: Xtraction
AFFECTED_VERSIONS: < 2026.2
CONFIDENCE: high
MISSING: exploit_status
---END_METADATA---
Description Summary:
Ivanti Xtraction allows remote authenticated attackers to read sensitive files and write arbitrary HTML files, leading to information disclosure and potential client-side attacks.
Executive Summary:
A critical file management vulnerability in Ivanti Xtraction allows remote attackers to read sensitive files and perform arbitrary file writes, risking full system information disclosure.
Vulnerability Details
CVE-ID: CVE-2026-8043
Affected Software: Ivanti Xtraction
Affected Versions: < 2026.2
Vulnerability: The vulnerability stems from external control of a file name or path (CWE-73), allowing a remote authenticated attacker to manipulate file operations. This can be weaponized to read sensitive system files or inject malicious HTML into the web directory.
Business Impact
With a CVSS score of 9.6, this vulnerability poses a severe risk of information disclosure and potential site-wide client-side attacks. Unauthorized access to system files could lead to the exposure of credentials, configuration data, or further compromise of the web server.
Remediation Plan
Immediate Action: Upgrade Ivanti Xtraction to version 2026.2 or later to address the insecure file path handling.
Proactive Monitoring: Monitor web server logs for requests targeting sensitive system paths and unexpected file creation events in the web directory.
Compensating Controls: Use a Web Application Firewall (WAF) to block requests containing path traversal sequences or attempts to write files to restricted web directories.
Exploitation Status
Public Exploit Available: Not specified
Analyst Notes: As of May 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability represents a significant risk to the security of the Xtraction environment. Administrators must perform the update to version 2026.2 without delay and conduct a thorough review of file integrity on the host system.
Update Ivanti Xtraction before to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
The MOSK Information Technologies Ltd. CBS Platform contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary...
The MOSK Information Technologies Ltd. CBS Platform contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary database commands.
---METADATA---
VENDOR: MOSK Information Technologies Ltd.
PRODUCT: CBS Platform
AFFECTED_VERSIONS: Through 09062026
---END_METADATA---
Description Summary:
The MOSK Information Technologies Ltd. CBS Platform contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary database commands.
Executive Summary:
A critical SQL injection vulnerability in the unsupported MOSK CBS Platform exposes the entire backend database to unauthenticated remote exploitation.
Vulnerability Details
CVE-ID: CVE-2026-8025
Affected Software: MOSK Information Technologies Ltd. CBS Platform
Affected Versions: Through 09062026
Vulnerability: This flaw stems from improper neutralization of special elements within SQL commands, enabling unauthenticated attackers to manipulate database queries. The vulnerability exists within the core platform architecture.
Business Impact
With a CVSS score of 9.8, this vulnerability presents a catastrophic risk to data confidentiality, integrity, and availability. Successful exploitation allows attackers to dump sensitive information, modify records, or potentially gain full control over the underlying database server, leading to severe reputational damage and regulatory non-compliance.
Remediation Plan
Immediate Action: As the product is unsupported by the vendor, immediate decommissioning of the affected platform is required to eliminate the risk.
Proactive Monitoring: Review database audit logs for unusual query patterns, such as unexpected use of SQL keywords or attempts to access unauthorized system tables.
Compensating Controls: Deploy a Web Application Firewall (WAF) with strict SQL injection protection rules to filter malicious payloads, though this should be considered a temporary measure only.
Exploitation Status
Public Exploit Available: unknown
Analyst Notes: As of Jun 9, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw and the lack of vendor support, the potential for exploitation is high.
Analyst Recommendation
Given the critical nature of this vulnerability and the lack of future security patches from the vendor, organizations must prioritize the migration away from the CBS Platform. Continued use of this software poses an unacceptable security risk that cannot be mitigated through standard patching.
Update Infor Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM...
Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM is enabled) that serves files from a configured root directory
---METADATA---
VENDOR: Zephyr Project
PRODUCT: Zephyr RTOS
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A directory traversal or unauthorized file access vulnerability exists within the Zephyr HTTP server when using the static-filesystem resource type.
Executive Summary:
The Zephyr HTTP server contains a high-severity vulnerability that allows unauthorized access to files, potentially exposing sensitive system information.
Vulnerability Details
CVE-ID: CVE-2026-8023
Affected Software: Zephyr Project Zephyr RTOS
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The HTTP server implementation in the Zephyr RTOS, specifically the static-filesystem resource type, fails to properly restrict access when CONFIG_FILE_SYSTEM is enabled. This allows unauthenticated remote attackers to potentially read files outside the intended root directory.
Business Impact
A CVSS score of 7.5 highlights the severity of this unauthorized access vulnerability. In an embedded context, this could lead to the exposure of sensitive configuration files, credentials, or proprietary data, significantly increasing the risk of full device compromise and loss of operational control.
Remediation Plan
Immediate Action: Apply the vendor-provided patch to the Zephyr RTOS source code or update to a version where this file access path is properly restricted.
Proactive Monitoring: Monitor network traffic for suspicious HTTP requests targeting sensitive file paths or using directory traversal sequences.
Compensating Controls: If patching is delayed, disable the CONFIG_FILE_SYSTEM feature in the HTTP server configuration if it is not strictly required for current operations.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, the potential for exploitation is high due to the nature of the file access flaw in an RTOS environment.
Analyst Recommendation
This vulnerability represents a significant security risk for embedded systems running Zephyr. Engineering teams must review their firmware configurations and apply the necessary patches immediately to prevent unauthorized access to the underlying filesystem.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Insufficient policy enforcement in DevTools in Google Chrome prior to 148
Insufficient policy enforcement in DevTools in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in WebRTC in Google Chrome prior to 148
Use after free in WebRTC in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in Audio in Google Chrome on Mac prior to 148
Use after free in Audio in Google Chrome on Mac prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148
Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148
Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148
Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Out of bounds read in AdFilter in Google Chrome prior to 148
Out of bounds read in AdFilter in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148
Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148
Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in UI in Google Chrome prior to 148
Use after free in UI in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148
Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Type Confusion in WebRTC in Google Chrome prior to 148
Type Confusion in WebRTC in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in WebRTC in Google Chrome prior to 148
Use after free in WebRTC in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in GPU in Google Chrome prior to 148
Use after free in GPU in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in ReadingMode in Google Chrome prior to 148
Use after free in ReadingMode in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Out of bounds read in Codecs in Google Chrome prior to 148
Out of bounds read in Codecs in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in WebAudio in Google Chrome prior to 148
Use after free in WebAudio in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Inappropriate implementation in Companion in Google Chrome on Mac prior to 148
Inappropriate implementation in Companion in Google Chrome on Mac prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in DevTools in Google Chrome prior to 148
Use after free in DevTools in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in Blink in Google Chrome prior to 148
Use after free in Blink in Google Chrome prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Integer overflow in Dawn in Google Chrome on Windows prior to 148
Integer overflow in Dawn in Google Chrome on Windows prior to 148
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: WatchGuard
PRODUCT: Fireware OS
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
An out-of-bounds write vulnerability in WatchGuard Fireware OS could allow unauthenticated local network attackers to execute arbitrary code.
Executive Summary:
A critical out-of-bounds write vulnerability in WatchGuard Fireware OS enables unauthenticated local network attackers to achieve arbitrary code execution.
Vulnerability Details
CVE-ID: CVE-2026-8247
Affected Software: WatchGuard Fireware OS
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability is an out-of-bounds write flaw in the Fireware OS, which can be triggered by an unauthenticated attacker located on the same local network segment. This allows for the execution of arbitrary code, potentially leading to a full system takeover.
Business Impact
With a CVSS score of 7.7, this vulnerability represents a significant risk to network security, as it allows attackers to bypass perimeter defenses and gain control over critical infrastructure devices. Compromise of the firewall could lead to total network exposure, data breaches, and the disruption of business-critical communications.
Remediation Plan
Immediate Action: Update all WatchGuard Fireware OS devices to the latest patched version provided by the vendor immediately.
Proactive Monitoring: Monitor network traffic for anomalous behavior or unauthorized attempts to access management interfaces from local network segments.
Compensating Controls: Restrict local network access to management interfaces and ensure that all internal network segments are isolated to prevent unauthorized local proximity to the firewall.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of July 3, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The ability for an unauthenticated attacker to execute code makes this a high-priority remediation task. Organizations must verify their firmware versions and apply patches immediately to prevent unauthorized access to their network security appliances.