admin

Joined: May 9, 2026
Articles: 214

Wire

CVE-2026-8431 – Ops Manager RCE via webhook body

CVE ID :CVE-2026-8431 Published : May 12, 2026, 7:16 p.m. | 36 minutes ago Description :An administrative user with access to configure webhooks can execute arbitrary commands by configuring and then triggering webhooks containing specific FreeMarker template syntax. This issue affects…

admin
May 13, 2026

Wire

CVE-2026-8430 – SPIP Prior to 4.4.14 Remote Code Execution via nginx

CVE ID :CVE-2026-8430 Published : May 12, 2026, 7:16 p.m. | 36 minutes ago Description :SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the public space that is limited to certain nginx configurations, allowing attackers to execute…

admin
May 13, 2026

Wire

CVE-2026-8429 – SPIP Prior to 4.4.14 Remote Code Execution via Private Space

CVE ID :CVE-2026-8429 Published : May 12, 2026, 7:16 p.m. | 36 minutes ago Description :SPIP versions prior to 4.4.14 contain a remote code execution vulnerability in the private space that allows attackers to execute arbitrary code in the context of…

admin
May 13, 2026

Wire

CVE-2026-34660 – Adobe Connect | Incorrect Authorization (CWE-863)

CVE ID :CVE-2026-34660 Published : May 12, 2026, 7:16 p.m. | 36 minutes ago Description :Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the…

admin
May 13, 2026

Wire

CVE-2026-34659 – Adobe Connect | Deserialization of Untrusted Data (CWE-502)

CVE ID :CVE-2026-34659 Published : May 12, 2026, 7:16 p.m. | 36 minutes ago Description :Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context…

admin
May 13, 2026

Wire

CVE-2026-7790 – Unbounded chunk-size hex digits in cowlib cause quadratic CPU and memory DoS

CVE ID :CVE-2026-7790 Published : May 11, 2026, 7:16 p.m. | 28 minutes ago Description :Uncontrolled Resource Consumption vulnerability in ninenines cowlib (cow_http_te module) allows Excessive Allocation. The chunked transfer-encoding parser in cow_http_te accepts an unbounded number of hex digits in…

admin
May 12, 2026

Wire

CVE-2026-45223 – Crabbox < 0.9.0 Authentication Bypass via Admin Claim Injection

CVE ID :CVE-2026-45223 Published : May 11, 2026, 7:16 p.m. | 28 minutes ago Description :Crabbox before 0.9.0 contains an authentication bypass vulnerability in the coordinator user-token verification path where the verifyUserToken() function fails to reject payloads containing an admin claim,…

admin
May 12, 2026

Wire

CVE-2026-42864 – FireFighter: Unauthenticated SSRF in Raid jira_bot endpoint allows IAM credential theft

CVE ID :CVE-2026-42864 Published : May 11, 2026, 7:16 p.m. | 28 minutes ago Description :FireFighter is an incident management application. Prior to 0.0.54, the POST /api/v2/firefighter/raid/jira_bot endpoint (CreateJiraBotView) is reachable without authentication (permission_classes = [permissions.AllowAny]). Its attachments payload is fetched…

admin
May 12, 2026

Wire

TeamPCP Compromises Checkmarx Jenkins AST Plugin Weeks After KICS Supply Chain Attack

Checkmarx has confirmed that a modified version of the Jenkins AST plugin was published to the Jenkins Marketplace. “If you are using Checkmarx Jenkins AST plugin, you need to ensure that you are using the version 2.0.13-829.vc72453fa_1c16 that was published…

admin
May 12, 2026

Wire

CVE-2026-4892 – CVE-2026-4892

CVE ID :CVE-2026-4892 Published : May 11, 2026, 6:16 p.m. | 1 hour, 28 minutes ago Description :A heap-based out-of-bounds write vulnerability in the DHCPv6 implementation of dnsmasq allows local attackers to execute arbitrary code with root privileges via a crafted DHCPv6…

admin
May 11, 2026