Ella Core is a 5G core designed for private networks
Description
Ella Core is a 5G core designed for private networks
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Search and filter 17426 vulnerabilities with AI analyst insights
Ella Core is a 5G core designed for private networks
Ella Core is a 5G core designed for private networks
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
NLnet Labs Unbound contains a DNSSEC validation flaw that can be exploited to cause a denial-of-service or potentially remote code execution.
NLnet Labs Unbound contains a DNSSEC validation flaw that can be exploited to cause a denial-of-service or potentially remote code execution.
Update the DNSSEC Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
An OS command Injection issue exists in LogonTracer prior to v2
An OS command Injection issue exists in LogonTracer prior to v2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use of Hard-coded Cryptographic Key vulnerability in Apache OpenMeetings
Use of Hard-coded Cryptographic Key vulnerability in Apache OpenMeetings
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The Xstore WordPress theme before 9
The Xstore WordPress theme before 9
---METADATA---
VENDOR: 8Theme
PRODUCT: Xstore WordPress theme
AFFECTED_VERSIONS: Xstore WordPress theme before 9.7.3
---END_METADATA---
Description Summary:
The Xstore WordPress theme is vulnerable to an unauthenticated SQL injection via an AJAX action due to improper input sanitization.
Executive Summary:
The Xstore WordPress theme contains a critical SQL injection vulnerability allowing unauthenticated attackers to compromise database integrity.
Vulnerability Details
CVE-ID: CVE-2026-3326
Affected Software: 8Theme Xstore WordPress theme
Affected Versions: Xstore WordPress theme before 9.7.3
Vulnerability: This is an unauthenticated SQL injection vulnerability where a parameter is not properly sanitized or escaped before being included in a SQL statement via an AJAX action. This allows an unauthenticated attacker to manipulate backend database queries.
Business Impact
With a CVSS score of 8.6, this vulnerability poses a high risk to organizational data confidentiality and integrity. Successful exploitation could lead to unauthorized access to the database, potentially resulting in the exfiltration of sensitive user information, administrative credentials, or full site compromise.
Remediation Plan
Immediate Action: Update the Xstore WordPress theme to version 9.7.3 or later immediately to incorporate the required input sanitization fixes.
Proactive Monitoring: Review web server and database logs for anomalous SQL query structures or unexpected patterns originating from AJAX endpoints.
Compensating Controls: Deploy a Web Application Firewall (WAF) with updated rulesets designed to detect and block common SQL injection attack patterns.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 11, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw—specifically the ease of access for unauthenticated parties—the potential for exploitation is high.
Analyst Recommendation
Given the severity of SQL injection vulnerabilities, immediate patching is required to prevent potential data breaches. Administrators should verify their theme version and apply the 9.7.3 update as a priority to mitigate this significant security exposure.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
Freeciv21 is a free open source, turn-based, empire-building strategy game
Freeciv21 is a free open source, turn-based, empire-building strategy game
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
barebox is a bootloader
barebox is a bootloader
---METADATA---
VENDOR: Barebox
PRODUCT: Barebox
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability has been identified in the Barebox bootloader, potentially allowing for the compromise of the system boot process.
Executive Summary:
A critical security flaw in the Barebox bootloader could allow attackers to bypass secure boot mechanisms and achieve persistent low-level system compromise.
Vulnerability Details
CVE-ID: CVE-2026-33243
Affected Software: Barebox
Affected Versions: See vendor advisory for affected versions
Vulnerability: The Barebox bootloader is affected by a flaw in its pre-boot execution environment. The CVSS score of 8.2 suggests that an attacker with physical or network access (depending on configuration) could exploit this to execute unauthorized code before the operating system loads, potentially circumventing all higher-level security controls.
Business Impact
A successful exploit allows for the installation of bootkits or rootkits that are nearly impossible to detect from within the operating system. This poses a catastrophic risk to the integrity of embedded systems and servers, potentially leading to permanent hardware backdoors and complete loss of system trust.
Remediation Plan
Immediate Action: Update the Barebox firmware to the latest patched version and re-verify the integrity of the boot chain.
Proactive Monitoring: Monitor for unauthorized attempts to flash firmware or modify boot parameters on affected devices.
Compensating Controls: Enable hardware-based Root of Trust and Secure Boot features where available to prevent the execution of unsigned bootloader components.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 22, 2026, there is no public information indicating active exploitation of this vulnerability. Bootloader vulnerabilities are highly critical because they reside outside the visibility of standard security software.
Analyst Recommendation
We recommend an immediate update of the Barebox bootloader across all affected hardware. Due to the difficulty of remediating boot-level flaws, this should be treated as a high-priority task to prevent long-term persistent compromise of infrastructure.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Salvo is a Rust web framework
Salvo is a Rust web framework
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configurat...
Zohocorp ManageEngine Log360 versions 13000 through 13013 are vulnerable to authentication bypass on certain actions due to improper filter configuration
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Lang...
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents
---METADATA---
VENDOR: AutoGPT
PRODUCT: Workflow Automation Platform
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A vulnerability has been identified in the AutoGPT workflow automation platform, which is used for managing continuous artificial intelligence agents.
Executive Summary:
The AutoGPT workflow automation platform is susceptible to a security vulnerability that could compromise the integrity of artificial intelligence agent deployments.
Vulnerability Details
CVE-ID: CVE-2026-33233
Affected Software: AutoGPT Workflow Automation Platform
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The specific nature of the vulnerability remains under investigation; however, it impacts the core framework used for creating and deploying continuous AI agents. The authentication requirements for exploitation are currently unspecified, requiring careful review of vendor documentation.
Business Impact
Successful exploitation of this vulnerability could lead to unauthorized manipulation of automated workflows and AI agent behaviors. With a CVSS score of 7.6, this flaw presents a high risk to operational integrity and potential data confidentiality, necessitating prompt attention to prevent unauthorized system control.
Remediation Plan
Immediate Action: Review the official AutoGPT security advisories and apply all recommended patches or configuration changes immediately.
Proactive Monitoring: Audit system logs for anomalous activity associated with AI agent management and unusual API requests.
Compensating Controls: Restrict network access to the AutoGPT management interface to authorized personnel only to minimize the attack surface.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 19, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score, organizations utilizing AutoGPT must prioritize this advisory. Administrators should verify their current version against the vendor's security guidance and apply necessary updates to ensure the security of their automation environments.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents
---METADATA---
VENDOR: AutoGPT
PRODUCT: Workflow Automation Platform
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security flaw has been reported in the AutoGPT platform, impacting its functionality for creating and managing continuous artificial intelligence agents.
Executive Summary:
This vulnerability in the AutoGPT platform poses a significant risk to the security of automated AI agent workflows.
Vulnerability Details
CVE-ID: CVE-2026-33232
Affected Software: AutoGPT Workflow Automation Platform
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects the workflow automation capabilities of AutoGPT. While technical details are limited, the flaw necessitates immediate verification of authentication controls within the platform to prevent unauthorized agent management.
Business Impact
With a CVSS score of 7.5, this vulnerability represents a high risk to business operations relying on AI-driven automation. Unauthorized access could result in the subversion of automated processes, leading to potential data corruption or unauthorized execution of tasks.
Remediation Plan
Immediate Action: Identify the current deployment version and apply security updates provided by the AutoGPT project.
Proactive Monitoring: Monitor logs for unauthorized access attempts or unexpected modifications to agent configuration files.
Compensating Controls: Implement strict network segmentation and ensure that the administrative interface is not exposed to the public internet.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 19, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Security teams should treat this vulnerability as a high-priority item. Ensuring the platform is running the latest secure version is critical to maintaining the stability and integrity of deployed AI agents.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Lang...
NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research and development in Natural Language Processing
---METADATA---
VENDOR: NLTK Project
PRODUCT: Natural Language Toolkit (NLTK)
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity security vulnerability has been identified in the Natural Language Toolkit (NLTK) Python library, impacting data processing and research environments.
Executive Summary:
The NLTK Python suite is affected by a high-severity vulnerability that could compromise the integrity of natural language processing workflows and the underlying host systems.
Vulnerability Details
CVE-ID: CVE-2026-33231
Affected Software: NLTK Project Natural Language Toolkit (NLTK)
Affected Versions: See vendor advisory for affected versions
Vulnerability: This vulnerability involves a flaw in the core processing modules of the NLTK library. While specific function names are withheld in the preliminary summary, the CVSS score of 7.5 suggests a risk involving unauthorized data manipulation or remote code execution, likely depending on how the toolkit handles untrusted datasets.
Business Impact
Compromise of the NLTK library can lead to the corruption of research data, unauthorized access to development environments, and potential lateral movement within an organization's AI/ML pipeline. The CVSS score of 7.5 justifies a High severity rating, as a successful exploit could disrupt critical data science operations and lead to the exposure of proprietary training models.
Remediation Plan
Immediate Action: Apply the latest security updates provided by the NLTK project via pip or official distribution channels immediately.
Proactive Monitoring: Review Python application logs for anomalous errors during dataset loading or processing and monitor for unusual outbound network connections from NLTK-dependent services.
Compensating Controls: Utilize containerization or virtual environments to isolate NLTK processing tasks, limiting the potential blast radius of a successful exploit.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 22, 2026, there is no public information indicating active exploitation of this vulnerability. Given its presence in a widely used Python library, developers should proactively update their dependency requirements to mitigate risk.
Analyst Recommendation
Immediate patching is recommended for all environments utilizing the NLTK library. Security teams should ensure that all Python requirements files (e.g., requirements.txt, Pipfile) are updated to the secure version to prevent the introduction of this vulnerability into production environments.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed cre...
An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Budibase is a low code platform for creating internal tools, workflows, and admin panels
Budibase is a low code platform for creating internal tools, workflows, and admin panels
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
NATS-Server is a High-Performance server for NATS
NATS-Server is a High-Performance server for NATS
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3....
Tekton Pipelines project provides k8s-style resources for declaring CI/CD-style pipelines. Starting in version 1.0.0 and prior to versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2, the Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionrequest.status.data`. Versions 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2 contain a patch.
---METADATA---
VENDOR: Tekton
PRODUCT: Pipelines
AFFECTED_VERSIONS: 1.0.0 prior to 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2
CONFIDENCE: high
MISSING: none
---END_METADATA---
Description Summary:
A path traversal vulnerability in the Tekton Pipelines git resolver allows authenticated tenants to read arbitrary files, including sensitive ServiceAccount tokens, from the resolver pod.
Executive Summary:
The Tekton Pipelines git resolver is vulnerable to path traversal, enabling unauthorized access to sensitive filesystem data and credentials.
Vulnerability Details
CVE-ID: CVE-2026-33211
Affected Software: Tekton Pipelines
Affected Versions: 1.0.0 prior to 1.0.1, 1.3.3, 1.6.1, 1.9.2, and 1.10.2
Vulnerability: The pathInRepo parameter in the git resolver is susceptible to path traversal. Authenticated users with permissions to create ResolutionRequests can exploit this to read arbitrary files from the pod's filesystem, including sensitive ServiceAccount tokens.
Business Impact
This vulnerability carries a CVSS score of 9.6, posing an extreme risk to CI/CD pipeline security. By obtaining ServiceAccount tokens, an attacker could escalate privileges within the Kubernetes cluster, potentially leading to unauthorized control over the entire CI/CD environment and associated production deployments.
Remediation Plan
Immediate Action: Update Tekton Pipelines to the patched versions (1.0.1, 1.3.3, 1.6.1, 1.9.2, or 1.10.2) as specified by the vendor.
Proactive Monitoring: Audit ResolutionRequest logs for irregular pathInRepo patterns or attempts to access system-level files outside of authorized repository structures.
Compensating Controls: Review and tighten Kubernetes Role-Based Access Control (RBAC) policies to restrict which users can create TaskRuns or PipelineRuns.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of Mar 24, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the potential for credential theft and lateral movement within Kubernetes environments, this vulnerability is critical. Organizations should immediately audit their Tekton deployments and apply the provided patches to ensure pipeline integrity and prevent cluster-wide compromise.
Update Tekton Pipelines Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
SimpleJWT is a simple JSON web token library written in PHP
SimpleJWT is a simple JSON web token library written in PHP
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
SiYuan is a personal knowledge management system
SiYuan is a personal knowledge management system
---METADATA---
VENDOR: SiYuan
PRODUCT: SiYuan Knowledge Management System
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A security vulnerability has been identified in the SiYuan personal knowledge management system that could allow for unauthorized actions or data access.
Executive Summary:
A high-severity vulnerability in the SiYuan knowledge management system puts personal and organizational data at risk of unauthorized compromise.
Vulnerability Details
CVE-ID: CVE-2026-33203
Affected Software: SiYuan SiYuan Knowledge Management System
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: While the specific technical flaw is not detailed in the summary, the high CVSS score indicates a significant vulnerability within the SiYuan application logic. Based on the product type, this likely involves an authentication bypass or an insecure direct object reference (IDOR) affecting stored notes.
Business Impact
SiYuan is used for managing sensitive personal and professional knowledge; a compromise could lead to the total loss of intellectual property and private data. Unauthorized access to a knowledge management system can result in severe reputational damage and the exposure of confidential strategic information. The CVSS score of 7.5 highlights the urgent need for remediation to protect sensitive information assets.
Remediation Plan
Immediate Action: Apply the vendor-provided security updates immediately to patch the underlying vulnerability in the SiYuan application.
Proactive Monitoring: Audit access logs for the SiYuan system to identify any unauthorized login attempts or unusual data export activities.
Compensating Controls: Ensure the SiYuan instance is not exposed directly to the public internet; use a VPN or zero-trust network access (ZTNA) to restrict access to authorized users only.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 22, 2026, there is no public information indicating active exploitation of this vulnerability. Users should remain vigilant as knowledge management systems are high-value targets for data theft.
Analyst Recommendation
Due to the sensitive nature of the data stored within SiYuan, this vulnerability should be treated with high priority. Organizations and individual users must apply the latest security patches immediately. Furthermore, reinforcing the hosting environment with strict network-level access controls is recommended to provide a layered defense against potential exploits.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `...
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#delete_prefixed` passes blob keys directly to `Dir.glob` without escaping glob metacharacters. If a blob key contains attacker-controlled input or custom-generated keys with glob metacharacters, it may be possible to delete unintended files from the storage directory. Versions 8.1.2.1, 8.0.4.1, and 7.2.3.1 contain a patch.
---METADATA---
VENDOR: Ruby on Rails
PRODUCT: Active Storage
AFFECTED_VERSIONS: Prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1
CONFIDENCE: high
MISSING: none
---END_METADATA---
Description Summary:
A command injection vulnerability in Active Storage allows attackers to delete arbitrary files from the storage directory via unescaped glob metacharacters in blob keys.
Executive Summary:
A critical vulnerability in Ruby on Rails Active Storage permits unauthorized file deletion, potentially leading to significant system disruption.
Vulnerability Details
CVE-ID: CVE-2026-33202
Affected Software: Ruby on Rails, Active Storage
Affected Versions: Prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1
Vulnerability: The DiskService#delete_prefixed function improperly handles blob keys by passing them to Dir.glob without escaping, allowing for directory traversal and arbitrary file deletion. The authentication level required depends on whether the application allows user-controlled input to influence blob key generation.
Business Impact
The ability for an attacker to delete arbitrary files from the server storage directory poses a severe risk to data integrity and system availability. With a CVSS score of 9.1, this vulnerability could result in the destruction of critical application data, configuration files, or backups, leading to substantial downtime and potential loss of business continuity.
Remediation Plan
Immediate Action: Upgrade to Ruby on Rails Active Storage versions 8.1.2.1, 8.0.4.1, or 7.2.3.1 immediately to implement the required input sanitization patch.
Proactive Monitoring: Review application logs for unusual file deletion patterns or errors generated by the DiskService component.
Compensating Controls: Implement strict input validation on all blob keys and utilize filesystem-level permissions to restrict the web application's ability to delete files outside of designated storage subdirectories.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of Mar 24, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the critical severity of this file-deletion vulnerability, organizations should prioritize patching their Ruby on Rails environments. Ensure that all deployment pipelines are updated to reference the corrected versions to prevent unauthorized file system manipulation.
Update Active Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `...
Active Storage allows users to attach cloud and local files in Rails applications. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, Active Storage's `DiskService#path_for` does not validate that the resolved filesystem path remains within the storage root directory. If a blob key containing path traversal sequences (e.g. `../`) is used, it could allow reading, writing, or deleting arbitrary files on the server. Blob keys are expected to be trusted strings, but some applications could be passing user input as keys and would be affected. Versions 8.1.2.1, 8.0.4.1, and 7.2.3.1 contain a patch.
---METADATA---
VENDOR: Ruby on Rails
PRODUCT: Active Storage
AFFECTED_VERSIONS: Prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1
CONFIDENCE: high
MISSING: none
---END_METADATA---
Description Summary:
A path traversal vulnerability in Active Storage allows attackers to read, write, or delete arbitrary files on the server via malicious blob keys.
Executive Summary:
A critical path traversal vulnerability in Ruby on Rails Active Storage enables attackers to perform unauthorized file system operations, threatening server-wide data integrity.
Vulnerability Details
CVE-ID: CVE-2026-33195
Affected Software: Ruby on Rails, Active Storage
Affected Versions: Prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1
Vulnerability: The DiskService#path_for function fails to validate that resolved filesystem paths remain within the storage root. If an application uses attacker-influenced strings as blob keys, it permits arbitrary file system access outside the intended directory.
Business Impact
With a CVSS score of 9.8, this vulnerability represents a critical threat, potentially allowing complete server compromise. An attacker could read sensitive configuration files, overwrite critical system binaries, or delete essential data, leading to total service loss and unauthorized disclosure of internal information.
Remediation Plan
Immediate Action: Apply the vendor-provided patch by upgrading Active Storage to versions 8.1.2.1, 8.0.4.1, or 7.2.3.1.
Proactive Monitoring: Monitor server access logs for path traversal attempts, specifically looking for ../ sequences in requests interacting with file storage services.
Compensating Controls: Deploy a Web Application Firewall (WAF) configured to block requests containing directory traversal patterns directed at the storage backend.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of Mar 24, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
This vulnerability is highly severe and requires immediate remediation. Organizations utilizing Active Storage must update their environments to the latest versions to prevent attackers from gaining unauthorized access to the underlying filesystem.
Update Active Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
gRPC-Go versions prior to 1.79.3 are vulnerable to an authorization bypass due to improper input validation of HTTP/2 :path pseudo-headers, allowing a...
gRPC-Go versions prior to 1.79.3 are vulnerable to an authorization bypass due to improper input validation of HTTP/2 :path pseudo-headers, allowing attackers to circumvent path-based security rules.
---METADATA---
VENDOR: Google
PRODUCT: gRPC-Go
AFFECTED_VERSIONS: Versions prior to 1.79.3
---END_METADATA---
Description Summary:
gRPC-Go versions prior to 1.79.3 are vulnerable to an authorization bypass due to improper input validation of HTTP/2 :path pseudo-headers, allowing attackers to circumvent path-based security rules.
Executive Summary:
An unauthenticated attacker can bypass authorization interceptors in gRPC-Go servers by sending malformed HTTP/2 frames, potentially gaining unauthorized access to sensitive service methods.
Vulnerability Details
CVE-ID: CVE-2026-33186
Affected Software: Google gRPC-Go
Affected Versions: Versions prior to 1.79.3
Vulnerability: This is an authorization bypass vulnerability caused by improper input validation of the HTTP/2 :path pseudo-header. An unauthenticated attacker can send raw HTTP/2 frames with non-canonical paths (omitting the leading slash) to bypass "deny" rules in authorization interceptors like grpc/authz that expect canonical path strings.
Business Impact
A successful exploit allows an attacker to bypass security policies intended to restrict access to specific gRPC methods. This could lead to unauthorized data access, execution of restricted functions, and a total compromise of the application's security model. Given the CVSS score of 9.1, this vulnerability poses a critical risk to any infrastructure relying on gRPC-Go for secure communication and RBAC enforcement.
Remediation Plan
Immediate Action: Upgrade gRPC-Go to version 1.79.3 or later immediately to ensure the server rejects malformed :path headers with a codes.Unimplemented error.
Proactive Monitoring: Review gRPC server logs for codes.Unimplemented errors or anomalous traffic patterns involving malformed HTTP/2 headers.
Compensating Controls: Implement infrastructure-level normalization at the reverse proxy or load balancer level to ensure all incoming :path headers conform to canonical formats before reaching the gRPC server.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 20, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw and the ubiquity of gRPC-Go in microservices, the potential for exploitation is high once the vulnerability details are widely known.
Analyst Recommendation
The severity of this authorization bypass cannot be overstated for organizations utilizing gRPC-Go with path-based authorization. It is highly recommended to prioritize the update to version 1.79.3. If immediate patching is not feasible, hardening security policies to avoid "allow by default" fallbacks is a necessary interim step.
Update Google Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm
---METADATA---
VENDOR: Nimiq
PRODUCT: core-rs-albatross
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
The core-rs-albatross Rust implementation of the Nimiq Proof-of-Stake protocol contains a high-severity vulnerability affecting its consensus mechanism.
Executive Summary:
A high-severity vulnerability in the Nimiq core-rs-albatross implementation could compromise the consensus and stability of the Nimiq blockchain protocol.
Vulnerability Details
CVE-ID: CVE-2026-33184
Affected Software: Nimiq core-rs-albatross
Affected Versions: See vendor advisory for affected versions
Vulnerability: This vulnerability affects the Rust implementation of the Albatross consensus algorithm. An attacker could potentially exploit this flaw to disrupt the Proof-of-Stake protocol, leading to network instability or improper validation of blockchain transactions.
Business Impact
For organizations and users participating in the Nimiq network, this vulnerability poses a risk to the integrity of the blockchain and the availability of the network. The CVSS score of 7.5 highlights the potential for significant disruption to financial operations and the overall trust in the protocol's security.
Remediation Plan
Immediate Action: Update the core-rs-albatross node software to the latest secure version provided by the Nimiq development team.
Proactive Monitoring: Monitor node health and consensus participation metrics for anomalies that could indicate an attempted exploit of the protocol.
Compensating Controls: Ensure that blockchain nodes are running in a secure environment with restricted network access to prevent direct exposure to malicious actors.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 4, 2026, there is no public information indicating active exploitation of this vulnerability. Consensus-level vulnerabilities are highly sensitive and require immediate attention from all network participants.
Analyst Recommendation
All Nimiq network participants using the Rust implementation should update their nodes immediately. Maintaining the integrity of the consensus algorithm is paramount to the security of the entire blockchain ecosystem.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework
Active Support is a toolkit of support libraries and Ruby core extensions extracted from the Rails framework
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub
OAuthenticator is software that allows OAuth2 identity providers to be plugged in and used with JupyterHub
---METADATA---
VENDOR: JupyterHub
PRODUCT: OAuthenticator
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
OAuthenticator, used with JupyterHub for OAuth2 identity provision, contains a high-severity vulnerability that could allow for unauthorized authentication or privilege escalation.
Executive Summary:
A high-severity vulnerability in the JupyterHub OAuthenticator component could allow unauthorized users to bypass authentication mechanisms and access sensitive data.
Vulnerability Details
CVE-ID: CVE-2026-33175
Affected Software: JupyterHub OAuthenticator
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability affects OAuthenticator, the software that integrates OAuth2 identity providers with JupyterHub. Given the CVSS score of 8.8, the flaw likely permits an attacker to bypass authentication or incorrectly map identities, granting them unauthorized access to JupyterHub environments.
Business Impact
JupyterHub environments often contain sensitive research data, proprietary code, and access to significant compute resources. A CVSS score of 8.8 indicates a High business impact, as an attacker could gain access to these assets, leading to intellectual property theft or the misuse of organizational infrastructure.
Remediation Plan
Immediate Action: Update OAuthenticator to the latest version immediately to ensure all OAuth2 identity checks are performed correctly.
Proactive Monitoring: Review JupyterHub login logs for any unusual authentication patterns or users gaining access without proper authorization from the configured identity provider.
Compensating Controls: Implement additional layers of authentication, such as mandatory MFA at the identity provider level, and restrict JupyterHub access to known corporate IP ranges.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, authentication bypasses in widely used tools like JupyterHub are often quickly targeted by attackers.
Analyst Recommendation
The 8.8 CVSS score signifies a critical risk to any organization relying on OAuthenticator for JupyterHub security. Administrators should prioritize this update to prevent unauthorized access to their data science and research environments. Immediate patching is strongly recommended.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Active Storage allows users to attach cloud and local files in Rails applications
Active Storage allows users to attach cloud and local files in Rails applications
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Statamic is a Laravel and Git powered content management system (CMS)
Statamic is a Laravel and Git powered content management system (CMS)
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Allure 2 is the version 2
Allure 2 is the version 2
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
ScreenToGif is a screen recording tool
ScreenToGif is a screen recording tool
---METADATA---
VENDOR: ScreenToGif
PRODUCT: ScreenToGif
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability in ScreenToGif, a popular screen recording tool, could allow for unauthorized code execution on the user's system.
Executive Summary:
A security flaw in ScreenToGif could allow attackers to compromise user workstations through malicious file processing or recording interactions.
Vulnerability Details
CVE-ID: CVE-2026-33156
Affected Software: ScreenToGif
Affected Versions: See vendor advisory for affected versions
Vulnerability: ScreenToGif contains a vulnerability in its core recording or file export functionality. The CVSS score of 7.8 indicates a high-severity risk, likely involving a buffer overflow or improper handling of media files that could lead to arbitrary code execution when a user processes a specially crafted file.
Business Impact
Successful exploitation could lead to the compromise of individual employee workstations, potentially serving as an entry point for further network penetration. Given the widespread use of such tools for documentation, the risk of a targeted attack using a malicious project file is significant.
Remediation Plan
Immediate Action: Update ScreenToGif to the latest version immediately and advise users to avoid opening project files from untrusted sources.
Proactive Monitoring: Monitor for suspicious child processes spawned by the ScreenToGif executable and audit file creation in temporary directories.
Compensating Controls: Use application whitelisting or AppLocker to restrict the execution of unauthorized binaries and ensure that antivirus signatures are up to date.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 22, 2026, there is no public information indicating active exploitation of this vulnerability. However, client-side tools are often targeted via social engineering and malicious file attachments.
Analyst Recommendation
We recommend that organizations update ScreenToGif across all workstations to the latest secure version. Additionally, users should be reminded of the risks associated with processing files from unknown or external sources.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
dynaconf is a configuration management tool for Python
dynaconf is a configuration management tool for Python
---METADATA---
VENDOR: Dynaconf
PRODUCT: Dynaconf
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability has been discovered in Dynaconf, a configuration management tool for Python, which could lead to unauthorized configuration changes.
Executive Summary:
A security flaw in Dynaconf could allow attackers to manipulate application configurations, potentially leading to unauthorized access or system instability.
Vulnerability Details
CVE-ID: CVE-2026-33154
Affected Software: Dynaconf
Affected Versions: See vendor advisory for affected versions
Vulnerability: This vulnerability affects the way Dynaconf handles configuration loading and management. Given the CVSS score of 7.5, the flaw likely involves improper validation of configuration sources, which could allow an attacker to inject malicious settings or override critical security parameters.
Business Impact
Successful exploitation could allow an attacker to redirect application traffic, change database credentials, or disable security features by manipulating configuration files. This poses a significant risk to the confidentiality and availability of Python-based applications, as reflected in the high CVSS severity rating.
Remediation Plan
Immediate Action: Upgrade Dynaconf to the latest secure version and verify the integrity of all configuration files and environment variables.
Proactive Monitoring: Implement file integrity monitoring (FIM) on configuration files and audit environment variable changes in production systems.
Compensating Controls: Restrict filesystem permissions to configuration directories and ensure that the application runs with the least privilege necessary.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 22, 2026, there is no public information indicating active exploitation of this vulnerability. Because configuration tools are central to application security, this flaw should be treated with high priority.
Analyst Recommendation
Immediate remediation is required to protect application environments from configuration-based attacks. Organizations should update Dynaconf immediately and ensure that all configuration sources are strictly validated and secured against unauthorized modifications.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
libfuse is the reference implementation of the Linux FUSE
libfuse is the reference implementation of the Linux FUSE
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists
Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
GMT is an open source collection of command-line tools for manipulating geographic and Cartesian data sets
GMT is an open source collection of command-line tools for manipulating geographic and Cartesian data sets
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
OneUptime is a solution for monitoring and managing online services
OneUptime is a solution for monitoring and managing online services
---METADATA---
VENDOR: OneUptime
PRODUCT: OneUptime
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
OneUptime, an observability and management solution, is affected by a high-severity vulnerability that could compromise monitoring data and system availability.
Executive Summary:
A security vulnerability in OneUptime could allow attackers to disrupt service monitoring and gain unauthorized access to critical infrastructure management tools.
Vulnerability Details
CVE-ID: CVE-2026-33142
Affected Software: OneUptime
Affected Versions: See vendor advisory for affected versions
Vulnerability: OneUptime is affected by a flaw in its monitoring or management modules. The CVSS score of 8.1 suggests a high-impact vulnerability, such as unauthorized administrative access or the ability to execute arbitrary commands, which could be exploited to blind security teams or disrupt managed services.
Business Impact
An attacker could exploit this vulnerability to hide malicious activity from monitoring tools, trigger false alerts, or take control of the management interface to shut down critical services. This poses a high risk to operational continuity and the overall security posture of the organization.
Remediation Plan
Immediate Action: Update OneUptime to the latest version immediately and rotate any credentials used by the platform to monitor external services.
Proactive Monitoring: Monitor for unauthorized changes to monitoring configurations and review access logs for administrative accounts.
Compensating Controls: Restrict access to the OneUptime management interface to a secure VPN or trusted IP ranges.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 22, 2026, there is no public information indicating active exploitation of this vulnerability. However, management platforms are high-value targets for attackers seeking to maintain persistence.
Analyst Recommendation
Organizations should prioritize patching OneUptime to prevent attackers from compromising their primary monitoring and response platform. Ensuring the security of observability tools is vital for maintaining visibility into the rest of the IT environment.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A Reflected XSS vulnerability in WeGIA's listar_memorandos_ativos.php endpoint allows attackers to inject malicious JavaScript via the sccd GET parame...
A Reflected XSS vulnerability in WeGIA's listar_memorandos_ativos.php endpoint allows attackers to inject malicious JavaScript via the sccd GET parameter.
---METADATA---
VENDOR: WeGIA Project
PRODUCT: WeGIA
AFFECTED_VERSIONS: Versions 3.6.6 and below
---END_METADATA---
Description Summary:
A Reflected XSS vulnerability in WeGIA's listar_memorandos_ativos.php endpoint allows attackers to inject malicious JavaScript via the sccd GET parameter.
Executive Summary:
Malicious scripts can be executed in a user's browser via a Reflected XSS vulnerability in the WeGIA active memorandum listing endpoint.
Vulnerability Details
CVE-ID: CVE-2026-33136
Affected Software: WeGIA
Affected Versions: Versions 3.6.6 and below
Vulnerability: This is a Reflected Cross-Site Scripting (XSS) vulnerability in the sccd GET parameter of the /html/memorando/listar_memorandos_ativos.php script. The application fails to sanitize or encode the parameter before reflecting it into an HTML alert component, enabling arbitrary script execution.
Business Impact
A successful exploit could allow an attacker to steal session cookies, redirect users to malicious websites, or capture sensitive information displayed on the page. Given the CVSS score of 9.3, the risk of administrative account compromise via this vector is significant, potentially leading to unauthorized institutional data access.
Remediation Plan
Immediate Action: Update WeGIA to version 3.6.7 or later. This version contains the necessary output encoding to mitigate XSS risks across the Memorando module.
Proactive Monitoring: Review web logs for requests to listar_memorandos_ativos.php that include HTML tags or JavaScript keywords in the query string.
Compensating Controls: Deploy a Web Application Firewall (WAF) to detect and block common XSS attack patterns in HTTP GET requests.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 20, 2026, there is no public information indicating active exploitation. This vulnerability is very similar to CVE-2026-33135 and likely stems from the same insecure coding pattern.
Analyst Recommendation
The recurrence of XSS vulnerabilities in multiple endpoints suggests a systemic lack of input validation and output encoding. Administrators should apply the 3.6.7 update immediately and consider a comprehensive security code review of the entire WeGIA application to identify other similar flaws.
Update HP endpoint to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
WeGIA versions 3.6.6 and below are vulnerable to Reflected Cross-Site Scripting (XSS) in the novo_memorandoo.php endpoint, allowing arbitrary JavaScri...
WeGIA versions 3.6.6 and below are vulnerable to Reflected Cross-Site Scripting (XSS) in the novo_memorandoo.php endpoint, allowing arbitrary JavaScript execution in user browsers.
---METADATA---
VENDOR: WeGIA Project
PRODUCT: WeGIA
AFFECTED_VERSIONS: Versions 3.6.6 and below
---END_METADATA---
Description Summary:
WeGIA versions 3.6.6 and below are vulnerable to Reflected Cross-Site Scripting (XSS) in the novo_memorandoo.php endpoint, allowing arbitrary JavaScript execution in user browsers.
Executive Summary:
Attackers can execute malicious scripts in the context of a user's session by exploiting a Reflected XSS vulnerability in the WeGIA platform.
Vulnerability Details
CVE-ID: CVE-2026-33135
Affected Software: WeGIA
Affected Versions: Versions 3.6.6 and below
Vulnerability: A Reflected Cross-Site Scripting (XSS) vulnerability exists in the sccs GET parameter of the /html/memorando/novo_memorandoo.php endpoint. The application directly reflects the input into an HTML alert div without sanitization, allowing an attacker to inject arbitrary JavaScript.
Business Impact
Exploitation of this vulnerability can lead to session hijacking, credential theft (via phishing), and the performance of unauthorized actions on behalf of the victim. If an administrator is targeted, the attacker could gain full control over the WeGIA management interface. The CVSS score of 9.3 reflects the high potential for account takeover.
Remediation Plan
Immediate Action: Upgrade WeGIA to version 3.6.7 or later to ensure all dynamic success messages are properly encoded before being rendered.
Proactive Monitoring: Monitor web server logs for suspicious URL parameters containing <script> tags or other JavaScript event handlers.
Compensating Controls: Implement a strong Content Security Policy (CSP) to restrict the execution of inline scripts and prevent the loading of scripts from untrusted domains.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 20, 2026, there is no public information indicating active exploitation. Reflected XSS requires an attacker to trick a user into clicking a specially crafted link.
Analyst Recommendation
While XSS is often viewed as less severe than RCE, in a management application like WeGIA, it can lead directly to administrative compromise. Apply the 3.6.7 patch immediately and educate users on the risks of clicking untrusted links.
Update HP endpoint to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
WeGIA versions 3.6.5 and below contain an authenticated SQL injection vulnerability in the restaurar_produto.php endpoint, potentially leading to full...
WeGIA versions 3.6.5 and below contain an authenticated SQL injection vulnerability in the restaurar_produto.php endpoint, potentially leading to full database compromise.
---METADATA---
VENDOR: WeGIA Project
PRODUCT: WeGIA
AFFECTED_VERSIONS: Versions 3.6.5 and below
---END_METADATA---
Description Summary:
WeGIA versions 3.6.5 and below contain an authenticated SQL injection vulnerability in the restaurar_produto.php endpoint, potentially leading to full database compromise.
Executive Summary:
Authenticated attackers can execute arbitrary SQL commands to compromise the entire database of the WeGIA web manager.
Vulnerability Details
CVE-ID: CVE-2026-33134
Affected Software: WeGIA
Affected Versions: Versions 3.6.5 and below
Vulnerability: This is an authenticated SQL injection vulnerability in the id_produto GET parameter of the /html/matPat/restaurar_produto.php endpoint. The application fails to sanitize or parameterize the input before using it in SQL queries, allowing an attacker to manipulate database operations.
Business Impact
Successful exploitation allows an attacker to read, modify, or delete any data within the database. For a charitable institution manager, this could result in the theft of sensitive donor information, financial records, and institutional data. The CVSS score of 9.3 highlights the severe risk to data integrity and confidentiality.
Remediation Plan
Immediate Action: Upgrade WeGIA to version 3.6.6 or later, which implements parameterized statements to prevent SQL injection.
Proactive Monitoring: Review database logs for unusual query patterns and audit the restaurar_produto.php access logs for suspicious characters (e.g., single quotes, semicolons) in the URL.
Compensating Controls: Implement a Web Application Firewall (WAF) with SQL injection protection rules to filter malicious GET parameters.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Mar 20, 2026, there is no public information indicating active exploitation. The vulnerability requires authentication, which slightly limits the attacker pool to those with valid user credentials.
Analyst Recommendation
SQL injection remains one of the most damaging web vulnerabilities. Administrators of WeGIA should prioritize the update to version 3.6.6 immediately. Additionally, ensure that the database user for the application follows the principle of least privilege to limit the impact of any potential injection.
Update HP endpoint to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
WeGIA is a web manager for charitable institutions
WeGIA is a web manager for charitable institutions
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
H3 is a minimal H(TTP) framework
H3 is a minimal H(TTP) framework
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
H3 is a minimal H(TTP) framework
H3 is a minimal H(TTP) framework
---METADATA---
VENDOR: Unjs
PRODUCT: H3
AFFECTED_VERSIONS: See vendor advisory for affected versions
---END_METADATA---
Description Summary:
A high-severity vulnerability in the H3 minimal HTTP framework could allow for unauthorized interactions with web services built on the framework.
Executive Summary:
A security flaw in the H3 HTTP framework could allow attackers to bypass security controls and compromise the availability of web applications.
Vulnerability Details
CVE-ID: CVE-2026-33128
Affected Software: Unjs H3
Affected Versions: See vendor advisory for affected versions
Vulnerability: The H3 framework is affected by a vulnerability in its request handling or routing logic. With a CVSS score of 7.5, the flaw likely involves improper validation of HTTP headers or request parameters, potentially leading to request smuggling, cache poisoning, or unauthorized access to internal routes.
Business Impact
Exploitation could lead to the disruption of web services, the exposure of sensitive user data, or the bypassing of authentication mechanisms. This poses a significant risk to organizations using H3 as the foundation for their modern web applications and APIs.
Remediation Plan
Immediate Action: Upgrade the H3 framework to the latest version via your JavaScript package manager immediately.
Proactive Monitoring: Monitor web server logs for malformed HTTP requests or unusual patterns in request headers that may indicate an exploitation attempt.
Compensating Controls: Deploy a Web Application Firewall (WAF) to inspect and filter incoming HTTP traffic for framework-specific attack vectors.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of March 22, 2026, there is no public information indicating active exploitation of this vulnerability. Framework-level vulnerabilities require rapid response as they affect all downstream applications.
Analyst Recommendation
Developers should prioritize updating the H3 framework to the latest patched version to ensure the security of their web services. Continuous monitoring and the use of a WAF are also recommended to provide defense-in-depth against potential exploits.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network
Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Improper authentication in Azure SDK allows an unauthorized attacker to bypass a security feature over a network.
Improper authentication in Azure SDK allows an unauthorized attacker to bypass a security feature over a network.
---METADATA---
VENDOR: Microsoft
PRODUCT: Azure SDK
AFFECTED_VERSIONS: See vendor advisory
CONFIDENCE: medium
MISSING: versions, patch, exploit_status, technical_details
---END_METADATA---
Description Summary:
The Microsoft Azure SDK contains an improper authentication vulnerability that allows unauthorized attackers to bypass security features over a network.
Executive Summary:
An improper authentication flaw in the Microsoft Azure SDK presents a critical risk, enabling unauthorized attackers to bypass essential security controls.
Vulnerability Details
CVE-ID: CVE-2026-33117
Affected Software: Microsoft Azure SDK
Affected Versions: See vendor advisory
Vulnerability: The vulnerability is classified as improper authentication, which allows an unauthenticated attacker to bypass security features over a network connection.
Business Impact
With a CVSS score of 9.1, this vulnerability poses a severe threat to the integrity and confidentiality of cloud-integrated applications. Unauthorized access to the SDK's security features could allow an attacker to intercept or manipulate data, perform unauthorized actions, or gain persistent access to sensitive cloud resources, leading to major business disruption.
Remediation Plan
Immediate Action: Identify all applications utilizing the affected Azure SDK and update to the latest patched version provided by Microsoft.
Proactive Monitoring: Monitor authentication logs and API access patterns for unusual or unauthorized requests that deviate from established operational baselines.
Compensating Controls: Implement strict network segmentation and ensure that Azure resources are accessed via secure, authenticated channels to minimize the attack surface while updates are staged.
Exploitation Status
Public Exploit Available: Not specified
Analyst Notes: As of May 12, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations relying on the Azure SDK must treat this update with high priority. Security teams should audit their development environments and production cloud deployments to ensure the latest patches are applied to neutralize the bypass vulnerability.
Update Azure SDK allows to the latest version. Monitor for exploitation attempts and review access logs.
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker t...
Improper neutralization of special elements used in a command ('command injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a network
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute arbitrary code.
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute arbitrary code.
---METADATA---
VENDOR: Apache
PRODUCT: Cassandra
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute arbitrary code.
Executive Summary:
A critical access control vulnerability in Azure Managed Instance for Apache Cassandra allows authorized attackers to execute arbitrary code, necessitating immediate action.
Vulnerability Details
CVE-ID: CVE-2026-33109
Affected Software: Apache Cassandra (Azure Managed Instance)
Affected Versions: See vendor advisory
Vulnerability: The vulnerability arises from improper access controls, allowing an authenticated user to perform actions exceeding their intended privileges, specifically leading to remote code execution (RCE).
Business Impact
With a CVSS score of 9.9, this is a highly critical vulnerability. Successful exploitation permits full remote code execution on the database instance, which could result in complete data loss, unauthorized access to the underlying storage, and total compromise of the database environment.
Remediation Plan
Immediate Action: Apply the latest security patches provided by the Azure Managed Instance for Apache Cassandra service.
Proactive Monitoring: Monitor database query logs for suspicious command execution and unusual administrative activity.
Compensating Controls: Restrict database access to known and trusted IP addresses and enforce the principle of least privilege for all database users.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of May 7, 2026, there is no public information indicating active exploitation. The severity of the CVSS score warrants immediate attention.
Analyst Recommendation
Prioritize the application of all available patches for the Cassandra managed instance. Verify that security configurations are hardened and that access logs are monitored for any signs of exploitation.
Update Apache Cassandra allows to the latest version. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: NLnet Labs
PRODUCT: Unbound
AFFECTED_VERSIONS: 1.19.1 up to and including 1.25.0
---END_METADATA---
Description Summary:
NLnet Labs Unbound contains a DNSSEC validation flaw that can be exploited to cause a denial-of-service or potentially remote code execution.
Executive Summary:
A critical vulnerability in the DNSSEC validator of NLnet Labs Unbound allows for potential remote code execution through memory corruption during sub-query processing.
Vulnerability Details
CVE-ID: CVE-2026-33278
Affected Software: NLnet Labs Unbound
Affected Versions: 1.19.1 up to and including 1.25.0
Vulnerability: This is a memory corruption vulnerability within the DNSSEC validator. It occurs when the validator performs a deep copy of data structures, leading to an erroneous pointer overwrite that is triggered when sub-queries are resumed.
Business Impact
Successful exploitation can lead to a crash of the resolver service (Denial of Service) or potentially arbitrary code execution. Given the 9.8 CVSS score, this vulnerability poses a significant risk to the stability and security of DNS infrastructure.
Remediation Plan
Immediate Action: Upgrade to Unbound version 1.25.1 or later immediately.
Proactive Monitoring: Monitor resolver logs and system resources for unexpected service restarts or abnormal CPU/memory consumption.
Compensating Controls: Ensure Unbound is running in a minimal-privilege environment (e.g., chroot/jail) to limit the impact of a potential code execution event.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 20, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Administrators must update to the latest version of Unbound immediately. This patch correctly handles data structure copying, effectively mitigating the risk of memory corruption and code execution.