admin

Joined: May 9, 2026
Articles: 110

Wire

CVE-2021-47973 – Sticky Notes Widget 3.0.6 Denial of Service via Buffer Overflow

CVE ID :CVE-2021-47973 Published : May 16, 2026, 4:16 p.m. | 2 hours, 37 minutes ago Description :Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note…

admin
May 16, 2026

Wire

CVE-2026-8695 – radare2 6.1.5 Use-After-Free via gdbr_threads_list()

CVE ID :CVE-2026-8695 Published : May 15, 2026, 5:16 p.m. | 1 hour, 17 minutes ago Description :radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed…

admin
May 15, 2026

Wire

CVE-2026-45038 – Tabby: Dragging and Dropping a File into Tabby Can Lead to Code Execution

CVE ID :CVE-2026-45038 Published : May 15, 2026, 5:16 p.m. | 1 hour, 17 minutes ago Description :Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and…

admin
May 15, 2026

Wire

CVE-2026-45035 – Tabby: RCE via `tabby://run` URL Scheme

CVE ID :CVE-2026-45035 Published : May 15, 2026, 5:16 p.m. | 1 hour, 17 minutes ago Description :Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all…

admin
May 15, 2026

Wire

CVE-2026-44717 – MCP Calculate Server: Prompt Injection to RCE

CVE ID :CVE-2026-44717 Published : May 15, 2026, 5:16 p.m. | 1 hour, 17 minutes ago Description :MCP Calculate Server is a mathematical calculation service based on MCP protocol and SymPy library. Prior to 0.1.1, the use of eval() to evaluate mathematical…

admin
May 15, 2026

Wire

CVE-2026-44699 – LibJWT: Algorithm confusion allows JWT forgery with RSA JWK as empty-key HMAC

CVE ID :CVE-2026-44699 Published : May 15, 2026, 5:16 p.m. | 1 hour, 17 minutes ago Description :LibJWT is a C JSON Web Token Library. From 3.0.0 to 3.3.2, libjwt accepts an RSA JWK that does not contain an alg parameter as…

admin
May 15, 2026

Wire

CVE-2025-15024 – RCE in Yordam Informatics’ Library Automation System

CVE ID :CVE-2025-15024 Published : May 14, 2026, 5:48 p.m. | 39 minutes ago Description :Improper Control of Generation of Code (‘Code Injection’) vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows…

admin
May 14, 2026

Wire

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access

Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. “A vulnerability in the peering…

admin
May 14, 2026

Wire

CVE-2025-15023 – Improper Access Control in Yordam Informatics’ Library Automation System

CVE ID :CVE-2025-15023 Published : May 14, 2026, 5:36 p.m. | 51 minutes ago Description :Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured Access Control Security…

admin
May 14, 2026

Wire

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

Cybersecurity researchers are sounding the alarm about what has been described as “malicious activity” in newly published versions of node-ipc. According to Socket and StepSecurity, three different versions of the npm package have been confirmed as malicious – node-ipc@9.1.6 node-ipc@9.2.3…

admin
May 14, 2026