Mail Thread Index
- [FD] [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability,
cyber security
- [FD] [KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability,
Egidio Romano
- [FD] Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility,
Joseph Goydish II via Fulldisclosure
- [FD] SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library,
SEC Consult Vulnerability Lab via Fulldisclosure
- [FD] SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI,
SEC Consult Vulnerability Lab via Fulldisclosure
- [FD] SEC Consult SA-20260414-0 :: Improper Enforcement of Locked Accounts in WebUI (SSO) in Kiuwan SAST on-premise (KOP) & cloud/SaaS,
SEC Consult Vulnerability Lab via Fulldisclosure
- [FD] CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000,
Thomas Weber | CyberDanube via Fulldisclosure
- [FD] CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000,
Thomas Weber | CyberDanube via Fulldisclosure
- [FD] [SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection,
SBA Research Security Advisory via Fulldisclosure
- [FD] [IWCC 2026] CfP: 15th International Workshop on Cyber Crime - Linköping, Sweden, Aug 24-27, 2026,
Artur Janicki via Fulldisclosure
- [FD] Trojan-Spy.Win32.Small / Remote Command Execution,
malvuln
- [FD] [KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability,
Egidio Romano
- [FD] [KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability,
Egidio Romano
- [FD] Research: When Trusted Tools Become Attack Primitives,
Nir Yehoshua
- [FD] APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2,
Apple Product Security via Fulldisclosure
- [FD] APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8,
Apple Product Security via Fulldisclosure
- [FD] SEC Consult SA-20260415-0 :: Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Explorer,
SEC Consult Vulnerability Lab via Fulldisclosure
- [FD] SEC Consult SA-20260421-0 :: Broken Access Control in Config Endpoint in LiteLLM,
SEC Consult Vulnerability Lab via Fulldisclosure
- [FD] SEC Consult SA-20260423-0 :: DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service),
SEC Consult Vulnerability Lab via Fulldisclosure
- [FD] SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App,
SEC Consult Vulnerability Lab via Fulldisclosure
- [FD] ESP-RFID-Tool v2 PRO — Full Public Disclosure,
Milan Berger via Fulldisclosure