Mail Index

• Thread Index

• [FD] [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability
  • From: cyber security
• [FD] [KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability
  • From: Egidio Romano
• [FD] Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility
  • From: Joseph Goydish II via Fulldisclosure
• [FD] SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000
  • From: Thomas Weber | CyberDanube via Fulldisclosure
• [FD] CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000
  • From: Thomas Weber | CyberDanube via Fulldisclosure
• [FD] [SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection
  • From: SBA Research Security Advisory via Fulldisclosure
• [FD] [IWCC 2026] CfP: 15th International Workshop on Cyber Crime - Linköping, Sweden, Aug 24-27, 2026
  • From: Artur Janicki via Fulldisclosure
• [FD] Trojan-Spy.Win32.Small / Remote Command Execution
  • From: malvuln
• [FD] [KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability
  • From: Egidio Romano
• [FD] [KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability
  • From: Egidio Romano
• [FD] Research: When Trusted Tools Become Attack Primitives
  • From: Nir Yehoshua
• [FD] APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2
  • From: Apple Product Security via Fulldisclosure
• [FD] APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8
  • From: Apple Product Security via Fulldisclosure
• [FD] SEC Consult SA-20260415-0 :: Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Explorer
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] SEC Consult SA-20260421-0 :: Broken Access Control in Config Endpoint in LiteLLM
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] SEC Consult SA-20260423-0 :: DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service)
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• Re: [FD] SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App
  • From: SEC Consult Vulnerability Lab via Fulldisclosure
• [FD] ESP-RFID-Tool v2 PRO — Full Public Disclosure
  • From: Milan Berger via Fulldisclosure