Real-time vulnerability trends from news, Mastodon, and Bluesky
Real-time vulnerability trends from news, Mastodon, and Bluesky
3,349
Tracked CVEs
2,447
News Articles
303
Mastodon Posts
2,224
Bluesky Posts
Vulnerability: CVE-2026-50656 is an elevation of privilege vulnerability in the Microsoft Malware Protection Engine within Microsoft Defender that allows local attackers to gain SYSTEM-level privileges through a race condition.
Trending: The vulnerability is trending due to active exploitation in the wild, with a proof-of-concept exploit publicly released by researcher Nightmare Eclipse weeks before Microsoft issued patches. The delayed response from Microsoft and the high-severity nature of the zero-day—which allowed complete system access—has generated significant media coverage and security community attention.
Vulnerability: Snipe-IT versions prior to 8.6.2 contain an authorization bypass vulnerability in the API maintenance endpoint where PATCH or PUT requests to /api/v1/maintenances/{maintenance_id} fail to re-authorize newly supplied asset_id values, allowing authorized users to move maintenance records to assets outside their company scope.
Trending: This vulnerability is trending across infosec communities on Bluesky and Mastodon due to its high severity rating (7.7) and recent publication, with multiple security news outlets and vulnerability aggregators actively sharing the disclosure and urging users to upgrade to the patched version 8.6.2.
Vulnerability: CVE-2026-48282 is a path traversal vulnerability affecting Adobe ColdFusion versions 2025.9, 2023.20 and earlier that allows unauthenticated arbitrary code execution in the context of the current user without requiring user interaction.
Trending: The vulnerability is trending due to active exploitation in the wild and its addition to CISA's Known Exploited Vulnerabilities (KEV) catalog, with multiple security agencies and vendors warning of attacks leveraging this maximum-severity flaw for full server takeover.
Vulnerability: Gitea Docker image versions up to and including 1.26.2 contain an authentication bypass vulnerability caused by the default configuration of REVERSE_PROXY_TRUSTED_PROXIES=*, which allows any source IP to impersonate users when reverse-proxy authentication headers such as X-WEBAUTH-USER are enabled. This affects Gitea's official Docker images.
Trending: The vulnerability is trending due to active exploitation in the wild, with threat actors probing and exploiting the flaw within 13 days of disclosure. Additionally, the vulnerability gained further attention after an anonymous researcher publicly released working exploit code on GitHub without responsible disclosure, accelerating attacks against unpatched instances.
Vulnerability: A Cross-Site Scripting vulnerability in Roundcube through versions 1.5.7 and 1.6.x through 1.6.7 allows remote attackers to steal and send emails from victims via crafted email messages that exploit a desanitization issue in the message_body() function.
Trending: CVE-2024-42009 is trending due to active exploitation by suspected China-aligned threat actors targeting U.S. and Canadian universities since May, with Proofpoint researchers documenting attacks against physics and engineering departments to steal credentials and establish persistent access via webshells and backdoors.
Vulnerability: Prowler, a cloud security platform, contains a SAML authentication flaw in versions prior to 5.30.3 where the authentication flow trusts the email domain asserted in a SAMLResponse to determine tenant assignment, allowing an authenticated attacker with a controlled SAML IdP to perform cross-tenant account takeover by asserting an email address from a different configured domain.
Trending: CVE-2026-59151 is receiving attention across security-focused social media platforms including Bluesky and Mastodon, with the vulnerability being rated Critical (9.6) and coverage emphasizing the cross-tenant account takeover risk and the availability of a patch in version 5.30.3.
Vulnerability: ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. Versions 6.0.1, 5.5.4, 5.4.4, 5.3.5, and possibly prior contain an out-of-bounds write in jpeg_parse_dqt_marker() that allows malformed JPEG input to corrupt stack memory and reliably trigger a denial of service, with fixes available in version 6.0.2 and expected in versions 5.5.5, 5.4.5, and 5.3.6.
Trending: The vulnerability is receiving attention across infosec communities on Bluesky and Mastodon with multiple posts rating it as High severity (7.5), indicating active awareness and discussion among security professionals regarding this out-of-bounds write flaw.
Vulnerability: The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Contact Form 7 Form Field in all versions up to and including 1.5.2 due to insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitrary web scripts that execute when users access affected pages.
Trending: The vulnerability is trending due to its high CVSS score of 7.2, unauthenticated attack vector, and reports indicating no patch is currently available, prompting security professionals to recommend immediate disabling or replacement of the plugin.
Vulnerability: PraisonAI versions before 4.6.78 contain a prompt injection defense misconfiguration where the block threshold defaults to CRITICAL severity, allowing HIGH-level threats to pass through unblocked. Attackers can submit single-vector prompt injection attacks such as instruction overrides or financial manipulation that trigger HIGH severity detection but are logged without blocking, enabling system prompt extraction and unauthorized tool invocations.
Trending: The vulnerability is trending across security-focused social media platforms including Bluesky and Mastodon, with multiple threat intelligence accounts actively sharing alerts and advisories about the flaw shortly after its publication on July 11, 2026.
Vulnerability: PraisonAI versions before 1.6.78 contain a server-side request forgery vulnerability in the Crawl4AI/Chromium backend that allows attackers to bypass SSRF validation by exploiting DNS rebinding and HTTP redirects. Attackers can craft URLs that resolve to internal services after initial validation, enabling the headless browser to follow redirects and read internal responses including sensitive canary values.
Trending: The vulnerability is trending across security monitoring platforms and social media due to its recent publication and high severity rating (8.5), with multiple CVE tracking accounts and security researchers sharing notifications about the flaw and emphasizing the importance of patching to version 1.6.78 or later.
Vulnerability: PraisonAI before version 1.6.78 contains a remote code execution vulnerability in CodeAgent._execute_python() that executes LLM-generated Python code without AST validation, import restrictions, or sandbox enforcement. Attackers can influence LLM output through prompt injection to exfiltrate environment secrets and execute arbitrary code on the host system.
Trending: The vulnerability is receiving attention across security-focused social media platforms including Bluesky and Mastodon, with posts highlighting its critical severity rating and recent publication. Security observers are actively notifying the community about the need for patch management and updates to affected PraisonAI installations.
Vulnerability: A shared buffer vulnerability in the Bluetooth BAP Broadcast Assistant GATT client in Zephyr (v4.4.0 and earlier) allows out-of-bounds writes and cross-connection data corruption when multiple Scan Delegator peripherals connect simultaneously. A malicious or compromised Scan Delegator can trigger memory corruption and denial of service by exploiting the lack of tailroom checks and improper buffer state management across connections.
Trending: The vulnerability is gaining international attention across social media platforms, with technical analyses and security discussions being published in multiple languages (English, Chinese, and Russian), indicating widespread awareness in the global cybersecurity community following its recent publication on July 11, 2026.
Vulnerability: A critical unauthenticated remote code execution vulnerability exists in Oracle PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62, affecting the Updates Environment Management component. The vulnerability allows unauthenticated attackers with network access via HTTP to achieve complete compromise of the affected system with a CVSS 3.1 base score of 9.8.
Trending: The vulnerability is trending due to active exploitation in the wild and real-world attacks against major organizations. CISA added it to the Known Exploited Vulnerabilities (KEV) catalog on June 12, 2026, and multiple high-profile breaches have been confirmed, including attacks on Nissan Americas and the National Association of Insurance Commissioners (NAIC), with ransomware groups also leveraging the exploit.
Vulnerability: CVE-2026-46242, dubbed "Bad Epoll," is a use-after-free vulnerability in the Linux kernel's eventpoll subsystem that allows unprivileged local attackers to escalate privileges to root. The flaw affects Linux desktops, servers, and Android systems through a race condition in the ep_remove() function.
Trending: The vulnerability is trending due to active public exploits and proof-of-concept code being released, enabling practical attacks on vulnerable systems. Security researchers are highlighting the severity of the flaw and noting that it was initially missed by AI-driven detection methods, with widespread coverage across major cybersecurity news outlets and social media platforms discussing the root access implications.
Vulnerability: A path traversal vulnerability exists in SemClipboardService prior to SMR Jul-2026 Release 1 that allows local privileged attackers to access files with system privilege.
Trending: The vulnerability is generating discussion across security communities on social media platforms, with multiple posts analyzing the security risks and potential remediation approaches following its recent publication.
Vulnerability: Improper export of android application components in Samsung Bixby prior to version 4.0.70.8 allows local attackers to execute arbitrary commands with Bixby privilege.
Trending: The vulnerability is generating international security discussion across multiple platforms, with posts in Chinese and Russian highlighting risks and protective measures, indicating active awareness and analysis within the global cybersecurity community following its recent publication.
Vulnerability: Snipe-IT is an IT asset/license management system that prior to version 8.6.2 contains a mass assignment vulnerability in the Accessories API create endpoint. A low-privileged authenticated user in one company can create accessory records under another company when Full Multiple Companies Support is enabled, due to the company_id parameter being mass assignable.
Trending: The vulnerability is receiving attention across infosec social media platforms including Bluesky and Mastodon, with security news outlets like The Hacker Wire highlighting it as a high-severity issue (8.5 CVSS). The cross-tenant nature of the vulnerability and its potential impact on multi-tenant deployments appears to be driving awareness among the security community.
Vulnerability: libp2p-rust Gossipsub implementation prior to version 0.49.4 contains a remotely reachable panic vulnerability in backoff expiry handling. When a peer sends a crafted PRUNE control message with an attacker-controlled near-maximum backoff value, subsequent unchecked arithmetic operations can cause an integer overflow and panic, affecting Ethereum consensus clients and other systems using the libp2p networking stack.
Trending: The vulnerability is trending due to its discovery by coordinated AI agents deployed by the Ethereum Foundation's Protocol Security team, marking a notable case of AI-assisted security research identifying a real networking issue affecting Ethereum validators. The finding has garnered attention for demonstrating both the effectiveness of automated tools in vulnerability detection and the continued necessity of human confirmation in blockchain security research.
Vulnerability: CVE-2026-46817 is a critical unauthenticated vulnerability in the Oracle Payments component of Oracle E-Business Suite (versions 12.2.3-12.2.15) that allows remote attackers to achieve complete takeover via the File Transmission feature over HTTP. The vulnerability has a CVSS score of 9.8 with impacts on confidentiality, integrity, and availability.
Trending: The vulnerability is trending due to active exploitation in the wild, with researchers observing attacks as early as June 27, 2026—before any public proof-of-concept code was released. Over 900 Oracle E-Business Suite instances have been identified as exposed online, with attackers reportedly reverse-engineering Oracle's patch to facilitate exploitation.
Vulnerability: A hidden backdoor authentication mechanism exists in the web server binary of multiple Tenda router, switch, and networking device firmware versions. The backdoor in the login() function allows attackers to bypass normal authentication and gain full administrative access by providing a plaintext password that matches a configuration value, regardless of the username supplied.
Trending: The vulnerability is receiving significant attention from cybersecurity organizations and media outlets following a CERT/CC warning about the undocumented backdoor affecting multiple Tenda firmware versions. Security researchers and industry publications are highlighting the authentication bypass as a critical risk due to its ease of exploitation and the widespread use of Tenda networking devices.
Vulnerability: The WP Grid Builder plugin for WordPress versions up to 2.3.3 is vulnerable to privilege escalation due to missing authorization and meta key validation in the /wp-json/wpgb/v2/metadata REST endpoint. Authenticated attackers with Subscriber-level access can elevate their privileges to Administrator by updating their user meta with a crafted nested array payload.
Trending: CVE-2026-13756 is receiving attention across security communities on Mastodon and Bluesky, with coverage from security news outlets highlighting the high severity rating (8.8) and the plugin's widespread use in WordPress installations.
Vulnerability: The WP Ultimate CSV Importer plugin for WordPress (versions up to 8.0.1) is vulnerable to Remote Code Execution through the 'MappedFields' parameter. Authenticated users with subscriber-level access can exploit missing capability checks and exposed nonces to install malicious add-ons and execute arbitrary PHP code via the eval() function.
Trending: The vulnerability is receiving attention across security-focused social media platforms including Bluesky and Mastodon, with posts highlighting its high severity rating (8.8) and technical details being widely shared in the infosec community.
Vulnerability: Spinnaker, an open source multi-cloud continuous delivery platform, contains a vulnerability in versions prior to 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 where Kustomize bake operations allow unsafe YAML tag processing in rosco manifests, potentially leading to remote code execution on rosco pods.
Trending: The vulnerability is gaining attention on security-focused social media platforms including Bluesky and Mastodon, with security news outlets publishing details about the flaw and its potential for remote code execution in Spinnaker deployments.
Vulnerability: CVE-2026-44383 affects Hydro-Québec Le Circuit Electrique charging station backend, allowing multiple connections using the same charging station ID. An attacker could exploit this to deploy multiple malicious OCPP clients and overwhelm the backend.
Trending: The vulnerability is trending due to recent publication on July 10, 2026, with active social media coverage across Bluesky and Mastodon platforms highlighting its high severity rating (7.5) and potential for denial-of-service attacks against EV charging infrastructure.
Vulnerability: CVE-2026-42952 is an improper restriction of excessive authentication attempts vulnerability in the Hydro-Québec Le Circuit Electrique charging station backend that lacks throttling on repeated authentication attempts, allowing attackers to execute denial-of-service attacks.
Trending: The vulnerability is trending due to recent publication and active social media coverage across multiple platforms including Bluesky and Mastodon, with security aggregators and infosec communities sharing details about the high-severity flaw in electric vehicle charging infrastructure.
Vulnerability: Dell Client Platform BIOS contains a weak encoding vulnerability for passwords that allows unauthenticated attackers with physical access to potentially exploit the flaw and achieve elevation of privileges. The vulnerability affects Dell's storage of BIOS administrator and user passwords.
Trending: The vulnerability is trending due to active discussion of exploitation techniques, specifically the discovery that weak XOR encryption allows rapid password recovery from SPI flash dumps in milliseconds, enabling complete recovery of plaintext credentials from BIOS.
Vulnerability: The SureCart plugin for WordPress versions up to 4.2.3 is vulnerable to privilege escalation and account takeover due to improper identity validation during customer profile synchronization from webhook events, allowing unauthenticated attackers to change user email addresses and reset passwords if the customer ID is known.
Trending: The vulnerability is gaining attention on security-focused social media platforms with users highlighting its HIGH severity classification and recommending immediate mitigation measures such as restricting webhook access and monitoring for patches, as the exploit targets a fundamental weakness in password recovery mechanisms.
Vulnerability: The Affilia – Affiliate Program & Referral Tracking plugin for WordPress (versions up to 3.3.3) contains an authorization flaw that allows authenticated subscribers and above to approve/reject referrals, credit commissions, delete records, and modify settings. The vulnerability exists because the nonce required for authentication is embedded in every frontend page load, making it trivially accessible to any authenticated user regardless of role.
Trending: The vulnerability is gaining international attention across social media platforms, with security discussions appearing in multiple languages including Russian and Chinese, indicating widespread awareness among WordPress administrators and security communities globally.
Vulnerability: The AI Chatbot & Workflow Automation by AIWU plugin for WordPress (versions up to 1.4.12) contains an authorization bypass vulnerability that allows unauthenticated attackers to publish draft posts or unpublish live content by supplying arbitrary scenario IDs, potentially exposing unpublished content or causing service disruption.
Trending: The vulnerability is gaining international attention across social media platforms, with security researchers and analysts in multiple regions discussing threat analysis and mitigation measures for the affected WordPress plugin.
Vulnerability: The Premium Addons for Elementor plugin for WordPress (versions up to 4.11.84) contains a Stored Cross-Site Scripting vulnerability in the 'premium_tooltip_text' parameter due to insufficient input sanitization and output escaping. Authenticated attackers with contributor-level access can inject arbitrary web scripts that execute when administrators or higher-privileged users open affected posts in the Elementor editor.
Trending: The vulnerability is receiving international attention across social media platforms, with security discussions in Russian and Chinese highlighting the threats and protective measures associated with the Elementor plugin flaw.
Vulnerability: Trail of Bits fickling versions up to and including 0.1.10 fail to include Python standard library modules (_posixsubprocess, site, and atexit) in the UNSAFE_IMPORTS denylist, allowing pickle payloads to invoke dangerous functions like _posixsubprocess.fork_exec for arbitrary binary execution, site.execsitecustomize for arbitrary code execution, and atexit._run_exitfuncs for exit handler callback execution. The fickling.load() API's check_safety() function incorrectly returns LIKELY_SAFE for these payloads, causing them to be deserialized and executed.
Trending: The vulnerability is receiving attention across security-focused social media platforms including Bluesky, with posts from cybersecurity news aggregators documenting the CVE details and sharing information about the unsafe import handling flaw in fickling's security validation mechanism.
Vulnerability: The Solace Extra plugin for WordPress (versions up to 1.5.3) contains an authorization bypass vulnerability that allows unauthenticated attackers to permanently delete all content imported via the Starter Template feature, including posts, pages, media, WooCommerce products, and templates. The vulnerability exists because the plugin fails to properly verify user authorization and emits required nonces on all wp-admin pages without page guards, making them accessible to both subscribers and unauthenticated users.
Trending: The vulnerability is gaining attention across international security communities, with in-depth analysis posts appearing on Bluesky in multiple languages (Chinese and Russian), indicating widespread awareness among non-English-speaking security practitioners and administrators of the authorization bypass risks in this widely-used WordPress plugin.
Vulnerability: The Notification for Telegram plugin for WordPress (versions up to 3.5.1) is vulnerable to authorization bypass that allows authenticated subscribers and higher-level users to create, modify, or reschedule WordPress cron events without proper authorization checks, enabling unauthorized manipulation of the plugin's background task scheduling.
Trending: The vulnerability is gaining attention across international security communities, with discussions appearing on Bluesky in multiple languages (Chinese and Russian), indicating awareness among global WordPress administrators and security researchers regarding the potential security implications for sites using this plugin.
Vulnerability: The AI Chatbot & Workflow Automation by AIWU plugin for WordPress (versions up to 1.4.12) contains a Missing Authorization vulnerability that allows unauthenticated attackers to delete specific records by ID or clear entire database tables from any module due to missing capability checks and nonce verification on unprotected AJAX actions.
Trending: The vulnerability is gaining attention across international security communities, with posts in Chinese and Russian on Bluesky providing analysis and protection guidance, indicating active awareness and discussion among security researchers and WordPress administrators.
Vulnerability: CVE-2026-3576 is a Server-Side Request Forgery (SSRF) vulnerability leading to Local File Inclusion in the Planyo Online Reservation System plugin for WordPress (all versions up to 3.0). The vulnerability exists in the ulap.php file, which acts as an unauthenticated AJAX proxy that fails to validate URL schemes, allowing attackers to use file:// URLs to read arbitrary local files such as /etc/passwd and wp-config.php.
Trending: The vulnerability is gaining international attention across social media platforms, with security discussions emerging in multiple languages (Russian and Chinese) regarding the exploitation methods and mitigation strategies for this critical vulnerability affecting WordPress installations.
Vulnerability: The Themify Builder plugin for WordPress contains a Stored Cross-Site Scripting (XSS) vulnerability in the 'height_slider' Slider Module Field affecting all versions up to and including 7.7.6. Authenticated attackers with contributor-level access and above can inject arbitrary web scripts that execute when users access affected pages due to insufficient input sanitization and output escaping.
Trending: The vulnerability is gaining attention across international security communities, with analysis and protection guidance being shared on social media platforms in multiple languages, indicating growing awareness of the risk among WordPress site administrators and security researchers worldwide.
Vulnerability: The Simple JWT Login plugin for WordPress (versions up to 3.6.6) is vulnerable to authentication bypass and privilege escalation via the payload parameter. Authenticated attackers with subscriber-level access can inject administrator email addresses into JWT tokens and escalate their privileges to administrator by exploiting improper payload validation in the AuthenticateService::generatePayload() function.
Trending: The vulnerability is receiving immediate attention on social media platforms including Bluesky, with security researchers and WordPress community members sharing analyses and protection guidance shortly after its public disclosure on July 11, 2026.
Vulnerability: CVE-2026-20744 is an improper access control vulnerability in Hydro-Québec Le Circuit Electrique charging station backend where the websocket endpoint accepts connections without proper authentication, potentially allowing privilege escalation attacks.
Trending: The vulnerability is receiving attention due to its critical severity rating (CVSS 9.8) and the unauthenticated nature of the exploit, with security researchers advising immediate access restrictions and monitoring until patches become available.
Vulnerability: Tilt, a tool for defining dev environments as code for microservice apps on Kubernetes, contains a missing authentication vulnerability in versions 0.20.8 through 0.37.3. When the HUD HTTP server is bound to a non-loopback address, unauthenticated network attackers can trigger developer-defined resources, tamper with Tiltfile arguments, read engine state including session tokens, and invoke apiserver resources, with fixes available in version 0.37.4.
Trending: Security researchers are flagging this as a critical authentication bypass vulnerability affecting Tilt deployments, with urgent advisories recommending immediate upgrades to version 0.37.4 to prevent remote unauthorized access to development environments and sensitive tokens.
Vulnerability: Dify before version 1.16.0-rc1 contains a SQL injection vulnerability in the MyScale vector store backend that allows attackers to execute arbitrary SQL through unsanitized search parameters in the search_by_full_text method. Attackers can read, modify, or delete data in the underlying ClickHouse database.
Trending: The vulnerability is receiving attention across security-focused social media platforms including Mastodon and Bluesky, with security aggregators actively distributing information about the flaw shortly after its publication.
Vulnerability: An authorization bypass vulnerability through user-controlled keys in Teracity Software Technologies Inc. TeraMIS allows privilege abuse. The vulnerability affects TeraMIS versions from V03.26.01.14 through April 30, 2026.
Trending: The vulnerability is receiving attention on security-focused social media platforms including Mastodon and Bluesky, where it has been shared by cybersecurity news accounts with a CVSS score of 8.8 and characterized as an Indirect Object Reference (IDOR) vulnerability.
Vulnerability: adm-zip before version 0.5.18 is vulnerable to denial of service through crafted ZIP files with manipulated uncompressed size header fields. The vulnerability allows attackers to trigger excessive memory allocation without proper validation, affecting all extraction and read methods in applications that process untrusted ZIP files.
Trending: The vulnerability is receiving attention on security-focused social media platforms including Bluesky and Mastodon, where security researchers and news outlets are sharing information about the high-severity flaw and its potential for immediate process crashes in affected applications.
Vulnerability: CVE-2026-54063 affects Excelize, a Go language library for reading and writing Microsoft Excel spreadsheets prior to version 2.11.0. The checkSheet() function fails to validate the <row r="N"> XML attribute value, allowing specially crafted XLSX files to trigger denial-of-service conditions through out-of-memory allocation attempts or runtime panics when services call GetCellValue on attacker-supplied files.
Trending: The vulnerability is receiving attention across social media platforms including Bluesky and Mastodon, with security news aggregators highlighting its high CVSS score of 7.5 and the fact that it requires no authentication to exploit, making it relevant to any service that processes user-supplied XLSX files.
Vulnerability: 9Router versions prior to 0.5.2 contain an authentication bypass vulnerability where the application determines request locality by reading the client-controlled Host header, allowing remote unauthenticated attackers to bypass API-key authentication and access the /v1 LLM proxy with stored provider credentials or perform server-side request forgery attacks.
Trending: The vulnerability is receiving attention across infosec communities on social platforms including Bluesky and Mastodon, with security outlets like The Hacker Wire reporting on the high severity rating (8.2) and the availability of a patched version (0.5.2).
Vulnerability: CVE-2026-55638 is an authentication bypass vulnerability in 9Router (versions prior to 0.5.2) that allows remote unauthenticated attackers to bypass API-key protection and make upstream provider calls using stored LLM provider credentials by sending requests to the unprotected /codex/* endpoint.
Trending: The vulnerability is gaining attention on security-focused social media platforms including Bluesky and Mastodon, where cybersecurity news aggregators are sharing alerts about its high CVSS score of 8.6 and the ease with which unauthenticated attackers can exploit the authentication bypass.
Vulnerability: 9Router, an AI router and token saver, prior to version 0.5.2, treats loopback requests as trusted and allows unauthenticated access to /v1/* endpoints without an API key. Remote unauthenticated attackers can exploit this through same-host reverse proxies to access /v1 APIs such as /v1/models and potentially abuse configured upstream provider credentials.
Trending: CVE-2026-56675 is gaining attention across security communities with a high severity rating of 8.3, with mentions appearing on multiple platforms including Bluesky and Mastodon from security-focused accounts documenting the vulnerability details.
Vulnerability: An SQL injection vulnerability in Adam Retail Automation Ltd. MobilMen 20T allows attackers to improperly neutralize special elements used in SQL commands. The issue affects MobilMen 20T versions 3 through 10072026.
Trending: The vulnerability is receiving attention across security-focused social media platforms with a critical severity rating of 9.8, with cybersecurity news outlets and information security communities sharing alerts about the issue.
Vulnerability: ZITADEL's OAuth2 Token Exchange endpoint prior to version 4.15.3 fails to verify that subject tokens belong to the requesting client or that requested scopes remain within the original token's scopes, allowing low-privilege tokens to be exchanged for elevated permissions at another application.
Trending: The vulnerability is receiving attention across security-focused social media platforms including Bluesky and Mastodon, with security news outlets highlighting its high severity rating (8.1) and widespread distribution among infosec communities.
Vulnerability: HestiaCP before 1.9.5 contains an authenticated OS command injection vulnerability that allows low-privilege authenticated users to execute arbitrary commands as root by injecting a single-quote character into unvalidated DNS record types. The vulnerability exploits insufficient input validation in is_dns_record_format_valid() combined with unsafe eval-based parsing in update_domain_zone().
Trending: CVE-2025-30007 is gaining attention across security communities on Bluesky and Mastodon due to its high severity rating (8.8) and the critical nature of the vulnerability allowing root-level code execution on affected HestiaCP installations, with security researchers actively sharing information about the flaw on social media platforms.
Vulnerability: Capgo before 12.128.2 contains an information disclosure vulnerability in the find_apikey_by_value PostgreSQL function that is marked SECURITY DEFINER and executable by the anon role. Unauthenticated attackers can call this function via the /rest/v1/rpc/find_apikey_by_value endpoint to retrieve sensitive API key metadata including user_id, mode, org scoping, and expiration details.
Trending: The vulnerability is being actively discussed on security-focused social media platforms including Bluesky and Mastodon, with multiple security news outlets reporting on the disclosure. The high severity rating (7.5) and the fact that it requires no authentication to exploit are driving attention to this information disclosure flaw.