CVE ID :CVE-2025-15024 Published : May 14, 2026, 5:48 p.m. | 39 minutes ago Description :Improper Control of Generation of Code (‘Code Injection’) vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows…
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. “A vulnerability in the peering…
CVE ID :CVE-2025-15023 Published : May 14, 2026, 5:36 p.m. | 51 minutes ago Description :Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured Access Control Security…
Cybersecurity researchers are sounding the alarm about what has been described as “malicious activity” in newly published versions of node-ipc. According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious – node-ipc@9.1.6 node-ipc@9.2.3…
CVE ID :CVE-2026-44827 Published : May 14, 2026, 5:16 p.m. | 1 hour, 11 minutes ago Description :Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, diffusers 0.37.0 allows remote code execution without the trust_remote_code=True safeguard when loading pipelines…
CVE ID :CVE-2026-44574 Published : May 13, 2026, 5:16 p.m. | 44 minutes ago Description :Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes…
CVE ID :CVE-2026-6282 Published : May 13, 2026, 4:17 p.m. | 1 hour, 43 minutes ago Description :A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move…
CVE ID :CVE-2026-6281 Published : May 13, 2026, 4:17 p.m. | 1 hour, 43 minutes ago Description :A potential vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user on the local network to execute…
CVE ID :CVE-2026-45033 Published : May 13, 2026, 4:17 p.m. | 1 hour, 43 minutes ago Description :GitHub Copilot CLI brings AI-powered coding assistance directly to your command line. Prior to 1.0.43, a security vulnerability has been identified in GitHub Copilot CLI…
CVE ID :CVE-2026-44470 Published : May 13, 2026, 4:16 p.m. | 1 hour, 43 minutes ago Description :The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService…