{"total":1285,"page":1,"count":50,"advisories":[{"id":"59254c00-9f5e-449c-8b42-ad31b07d14fe","num":222679,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/vulnerability-impacting-roundcube-webmail-cve-2025-49113","title":"AL25-007 - Vulnerability impacting Roundcube Webmail – CVE-2025-49113 – Update 1","summary":"Number: AL25-007 Date: June 11, 2025 Updated: July 10, 2026 Audience This Alert is intended for IT professionals and managers of notified organizations. Purpose An Alert is used to raise awareness of a recently identified cyber threat that may impact cyber information assets, and to provide additional detection and mitigation advice to recipients. The Canadian Centre for Cyber Security (\"Cyber Centre\") is also available to provide additional assistance regarding the content of this Alert to recipients as requested. Details On June 1, 2025, Roundcube released a security bulletin for a critical vulnerability affecting Webmail. The issue is described as a Post-Auth RCE via PHP Object Deserialization vulnerability (CVE-2025-49113) Footnote 1 . The versions of Roundcube products affected are Footnote 2 : Webmail – versions prior to 1.5.10 Webmail – versions prior to 1.6.11 In response to this vulnerability, the Cyber Centre released AV25-309 on June 2, 2025 Footnote 3 . While the Cyber Centre has not received any reports of exploitation, the existence of a proof of concept (POC) significantly raises the likeness of abuse by malicious actors. The existence of a published POC makes it imperative to take action to assess and mitigate this vulnerability. The Cyber Centre is aware that exploitation of CVE-2024-42009 has been used to obtain valid credentials, which could lead to exploitation of CVE-2025-49113. CISA added CVE-2024-42009 to their Known Exploited Vulnerabilities (KEV) catalog Footnote 4 Footnote 5 on June 9, 2025. Update 1 The Cyber Centre is aware of open-source reporting indicating ongoing exploitation Footnote 7 of CVE-2024-42009 Footnote 8 and CVE-2025-49113 Footnote 1 related to Roundcube Webmail. The Cyber Centre strongly recommends that organizations upgrade to the latest Roundcube Webmail versions as per AV26-657 Footnote 9 : Webmail – version 1.6.17 Webmail – version 1.7.2 On June 9, 2025, Cybersecurity and Infrastructure Security Agency (CISA) added CVE","link":"https://cyber.gc.ca/en/alerts-advisories/vulnerability-impacting-roundcube-webmail-cve-2025-49113","severity":"critical","cvss":null,"cves":["CVE-2025-49113","CVE-2024-42009","CVE-2025-42009"],"exploited":true,"has_exploit":true,"published_at":"2026-07-10T19:12:59+00:00"},{"id":"0290699c-cc0a-4e14-9e63-c881e2a81a81","num":226295,"source_id":"nvd","external_id":"CVE-2026-51119","title":"CVE-2026-51119: An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the /SystemUsers/CreateAppUser components","summary":"An issue in Invixium IXM WEB v.2.3.85.25 allows an attacker to escalate privileges via the /SystemUsers/CreateAppUser components","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-51119","severity":"critical","cvss":9.1,"cves":["CVE-2026-51119"],"exploited":false,"has_exploit":true,"published_at":"2026-07-10T17:16:57.587+00:00"},{"id":"b48720a1-7226-4c51-a64b-914366cdbfef","num":221713,"source_id":"nvd","external_id":"CVE-2026-29519","title":"CVE-2026-29519: Lucee CFML Server versions across the 5.3.x, 6.1.x, 6.2.x, and 7.0.x release lines contain a reflected cross-site scripting vulnerability in URL path parsing that allows unauthenti","summary":"Lucee CFML Server versions across the 5.3.x, 6.1.x, 6.2.x, and 7.0.x release lines contain a reflected cross-site scripting vulnerability in URL path parsing that allows unauthenticated remote attackers to execute arbitrary JavaScript in a victim's browser by embedding HTML or JavaScript payloads within the request path. Attackers can craft a malicious URL containing injected script content that is reflected in the server's response without proper output encoding, enabling session hijacking or unauthorized actions against the Lucee administrative interface when a victim visits the crafted link.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-29519","severity":"high","cvss":8.2,"cves":["CVE-2026-29519"],"exploited":false,"has_exploit":true,"published_at":"2026-07-10T15:16:39.007+00:00"},{"id":"73d9d291-848b-404f-aee7-5debe9dfcfb5","num":222264,"source_id":"cisa","external_id":"/node/25143","title":"CISA Adds Two Known Exploited Vulnerabilities to Catalog","summary":"CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-48939 iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability CVE-2026-56291 Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 26-04: Prioritizing Security Updates Based on Risk establishes vulnerability management requirements for Federal Civilian Executive Branch (FCEB) agencies. BOD 26-04 reinforces the importance of the KEV Catalog and requires federal agencies to prioritize rapid remediation of high-risk vulnerabilities, specifically those identified by Common Vulnerabilities and Exposures (CVEs) listed in CISA’s KEV Catalog on publicly exposed assets that grant total control of the asset post-exploitation, while deferring action for lower-risk vulnerabilities. BOD 26-04 further establishes basic expectations for when agencies must check whether threat actors compromised the system before the patch was applied. While BOD 26-04 applies only to FCEB agencies, CISA encourages all organizations to adopt risk-based vulnerability management and prioritize remediation of KEV Catalog vulnerabilities . CISA will continue to add vulnerabilities to the catalog that meet the specified criteria . Aware of an exploited vulnerability not currently listed in the KEV Catalog? Submit it for potential addition through CISA’s KEV Nomination Form . Potential KEV additions must have a CVE ID, evidence of exploitation, and clear mitigation guidance.","link":"https://www.cisa.gov/news-events/alerts/2026/07/10/cisa-adds-two-known-exploited-vulnerabilities-catalog","severity":"high","cvss":null,"cves":["CVE-2026-48939","CVE-2026-56291"],"exploited":true,"has_exploit":true,"published_at":"2026-07-10T12:00:00+00:00"},{"id":"3c921906-4590-4449-9afc-a4372c611318","num":1446,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1232","title":"[UPDATE] [high] Linux Kernel: Multiple vulnerabilities","summary":"An attacker can exploit multiple vulnerabilities in the Linux Kernel to escalate their privileges, cause a denial of service condition, or achieve other unspecified effects.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1232","severity":"high","cvss":null,"cves":["CVE-2026-31431","CVE-2026-31432","CVE-2026-31433","CVE-2026-43284","CVE-2026-43500"],"exploited":false,"has_exploit":true,"published_at":"2026-07-10T10:21:41+00:00"},{"id":"5e1cb7d0-58a4-4367-b3bf-3a81da922461","num":1374,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1430","title":"[UPDATE] [high] Linux Kernel (Dirty Frag): Multiple vulnerabilities allow gaining administrator rights","summary":"A local attacker can exploit multiple vulnerabilities in the Linux Kernel to gain administrator rights.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1430","severity":"high","cvss":null,"cves":["CVE-2026-31431","CVE-2026-43284","CVE-2026-43500"],"exploited":false,"has_exploit":true,"published_at":"2026-07-10T10:16:44+00:00"},{"id":"d9473d5a-13c2-42cd-9e39-e915e99967f5","num":214108,"source_id":"ubuntu","external_id":"https://ubuntu.com/security/notices/USN-8528-1","title":"USN-8528-1: Linux kernel (Xilinx ZynqMP) vulnerabilities","summary":"It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43284, CVE-2026-43500) It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43503, CVE-2026-46300) Qualys discovered that a race condition existed in the ptrace subsystem of the Linux kernel when privileged processes are exiting. An unprivileged local attacker could use this issue to expose sensitive information. (CVE-2026-46333) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Ethernet bonding driver; - Network drivers; - STMicroelectronics network drivers; - NVME drivers; - x86 platform drivers; - SCSI subsystem; - SPI subsystem; - TCM subsystem; - USB over IP driver; - File systems infrastructure; - HFS+ file system; - Network file system (NFS) server daemon; - SMB network file system; - IPv6 networking; - Netfilter; - Tracing infrastructure; - io_uring subsystem; - Timer subsystem; - B.A.T.M.A.N. meshing protocol; - Bluetooth subsystem; - Ethernet bridge; - Ceph Core library; - IPv4 networking; - MAC80211 subsystem; - M","link":"https://ubuntu.com/security/notices/USN-8528-1","severity":"unknown","cvss":null,"cves":["CVE-2026-31431","CVE-2026-43284","CVE-2026-43500","CVE-2026-43503","CVE-2026-46300","CVE-2026-46333","CVE-2022-48816","CVE-2023-53673","CVE-2024-35862","CVE-2024-50060","CVE-2025-37778","CVE-2025-37822","CVE-2025-37924","CVE-2025-38201","CVE-2025-40082","CVE-2025-68214","CVE-2025-68263","CVE-2025-71089","CVE-2025-71220","CVE-2025-71222","CVE-2025-71224","CVE-2026-23176","CVE-2026-23180","CVE-2026-23182","CVE-2026-23190","CVE-2026-23193","CVE-2026-23198","CVE-2026-23202","CVE-2026-23206","CVE-2026-23216","CVE-2026-23256","CVE-2026-23257","CVE-2026-23258","CVE-2026-23262","CVE-2026-23272","CVE-2026-23274","CVE-2026-23278","CVE-2026-23351","CVE-2026-23428","CVE-2026-23450","CVE-2026-23455","CVE-2026-31402","CVE-2026-31418","CVE-2026-31419","CVE-2026-31478","CVE-2026-31504","CVE-2026-31533","CVE-2026-31607","CVE-2026-31637","CVE-2026-31649","CVE-2026-31657","CVE-2026-31659","CVE-2026-31668","CVE-2026-31669","CVE-2026-31682","CVE-2026-31685","CVE-2026-43011","CVE-2026-43033","CVE-2026-43037","CVE-2026-43038","CVE-2026-43071","CVE-2026-43077","CVE-2026-43078","CVE-2026-43114","CVE-2026-43117","CVE-2026-43186","CVE-2026-43304","CVE-2026-43341","CVE-2026-43383","CVE-2026-43406","CVE-2026-43407","CVE-2026-43414","CVE-2026-43493","CVE-2026-43494","CVE-2026-43501","CVE-2026-45988","CVE-2026-46028","CVE-2026-46043","CVE-2026-46119","CVE-2026-46135","CVE-2026-46195","CVE-2026-46243"],"exploited":true,"has_exploit":true,"published_at":"2026-07-10T09:52:32+00:00"},{"id":"057b6b54-fb9a-4679-ab69-921dbadf0545","num":212742,"source_id":"nvd","external_id":"CVE-2026-12400","title":"CVE-2026-12400: The FlowForms – Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.1 via the update_form d","summary":"The FlowForms – Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.1 via the update_form due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with contributor-level access and above, to modify the content, design, and settings of, as well as publish or revert, any form on the site — including forms owned by administrators — by supplying an arbitrary form ID in the REST URL.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-12400","severity":"medium","cvss":4.3,"cves":["CVE-2026-12400"],"exploited":false,"has_exploit":true,"published_at":"2026-07-10T09:16:52.553+00:00"},{"id":"42e9caa2-d2cf-493d-ad21-e07e25297a30","num":86354,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2208","title":"[NEW] [medium] Linux Kernel: Multiple vulnerabilities","summary":"A local attacker can exploit multiple vulnerabilities in Linux Kernel to cause memory corruption, disclose kernel memory, or trigger denial-of-service conditions.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2208","severity":"medium","cvss":null,"cves":["CVE-2026-53359","CVE-2026-53360","CVE-2026-53361","CVE-2026-53362"],"exploited":false,"has_exploit":true,"published_at":"2026-07-10T07:23:11+00:00"},{"id":"e8708213-3a45-4a6e-bd7c-7ac8503e1c11","num":208267,"source_id":"nvd","external_id":"CVE-2026-50181","title":"CVE-2026-50181: Langroid is a framework for building large-language-model-powered applications. Prior to version 0.64.0, Langroid's `ReadFileTool` and `WriteFileTool` appear to treat `curr_dir` as","summary":"Langroid is a framework for building large-language-model-powered applications. Prior to version 0.64.0, Langroid's ReadFileTool and WriteFileTool appear to treat curr_dir as the intended working-directory boundary for file operations. However, the tools only change the process working directory to curr_dir and then operate on the user-supplied file_path without resolving and enforcing that the final path remains inside curr_dir. As a result, a tool caller can supply path traversal sequences such as ../secret.txt to read files outside the configured current directory, or ../written_by_tool.txt to write files outside that directory. This can impact applications that expose Langroid file tools to an LLM agent, user-controlled tool call, or delegated coding/documentation agent while relying on curr_dir to restrict file access to a project/workspace directory. Version 0.64.0 patches the issue.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-50181","severity":"high","cvss":7.1,"cves":["CVE-2026-50181"],"exploited":false,"has_exploit":true,"published_at":"2026-07-10T00:16:33.34+00:00"},{"id":"7e09a07f-363c-4621-be7a-7e33a1fcff99","num":213599,"source_id":"cert-fr-avis","external_id":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0863/","title":"Multiple vulnerabilities in Red Hat Linux kernel (July 10, 2026)","summary":"Multiple vulnerabilities have been discovered in the Red Hat Linux kernel. Some of them allow an attacker to cause remote arbitrary code execution, privilege escalation, and remote denial of service.","link":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0863/","severity":"unknown","cvss":null,"cves":["CVE-2026-43198","CVE-2026-43414","CVE-2026-4878","CVE-2026-45852","CVE-2026-46227","CVE-2025-21691","CVE-2024-50125","CVE-2026-43284","CVE-2026-46173","CVE-2026-46113","CVE-2026-31408","CVE-2026-43279","CVE-2026-46331","CVE-2026-46209","CVE-2024-27398","CVE-2026-43450","CVE-2026-43276","CVE-2026-46116","CVE-2026-43074","CVE-2026-46259","CVE-2026-46176","CVE-2026-23270","CVE-2026-46323","CVE-2026-46181","CVE-2026-23191","CVE-2026-46189","CVE-2026-35535","CVE-2026-46242","CVE-2026-46243","CVE-2025-68183","CVE-2026-31669","CVE-2025-10263","CVE-2026-23216","CVE-2026-46090","CVE-2026-22990","CVE-2026-39979","CVE-2026-46300","CVE-2026-35385","CVE-2026-43501","CVE-2026-40164","CVE-2026-45984","CVE-2026-46152","CVE-2026-46135","CVE-2025-71066","CVE-2026-46244","CVE-2025-71116","CVE-2026-46316","CVE-2026-23455","CVE-2026-43341","CVE-2026-53359","CVE-2026-41035","CVE-2026-22984","CVE-2025-21648","CVE-2026-43037","CVE-2026-43112","CVE-2026-43027","CVE-2026-43125","CVE-2026-43128","CVE-2026-43329","CVE-2026-46155"],"exploited":false,"has_exploit":true,"published_at":"2026-07-10T00:00:00+00:00"},{"id":"dcc64140-c176-4452-b0b9-c98ac539dd8b","num":218702,"source_id":"cisa-kev","external_id":"CVE-2026-48939","title":"CVE-2026-48939: iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability","summary":"iCagenda contains an unrestricted upload of file with dangerous type vulnerability that allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48939","severity":"critical","cvss":null,"cves":["CVE-2026-48939"],"exploited":true,"has_exploit":true,"published_at":"2026-07-10T00:00:00+00:00"},{"id":"f76d8c70-c328-4f0a-9f0e-569059fe0822","num":203776,"source_id":"nvd","external_id":"CVE-2025-45422","title":"CVE-2025-45422: Incorrect access control in Proximus b-box v8c.725A allows authenticated attackers to bypass normal restrictions and make arbitrary changes to port forwarding rules.","summary":"Incorrect access control in Proximus b-box v8c.725A allows authenticated attackers to bypass normal restrictions and make arbitrary changes to port forwarding rules.","link":"https://nvd.nist.gov/vuln/detail/CVE-2025-45422","severity":"high","cvss":8.1,"cves":["CVE-2025-45422"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T21:16:54.167+00:00"},{"id":"799d1f8a-adb2-4e6c-b5a8-6e5209b66e09","num":199361,"source_id":"nvd","external_id":"CVE-2026-61343","title":"CVE-2026-61343: LibreBooking's email template editor save action passes the submitted template name directly into the destination file path, allowing a remote attacker with administrator credentia","summary":"LibreBooking's email template editor save action passes the submitted template name directly into the destination file path, allowing a remote attacker with administrator credentials to write an arbitrary file outside the template directory and execute code. Fixed in 5.1.0.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-61343","severity":"high","cvss":7.2,"cves":["CVE-2026-61343"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T18:16:58.03+00:00"},{"id":"e01d135c-0643-4218-93e5-17a65e33261c","num":182462,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1489","title":"[UPDATE] [critical] Microsoft Windows products: Multiple vulnerabilities","summary":"An attacker can exploit multiple vulnerabilities in Microsoft Windows products to execute arbitrary code, escalate privileges, conduct a Denial of Service attack, disclose information, and bypass security measures.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1489","severity":"critical","cvss":null,"cves":["CVE-2026-42897","CVE-2025-54518","CVE-2026-21530","CVE-2026-32161","CVE-2026-32170","CVE-2026-32209","CVE-2026-33834","CVE-2026-33835","CVE-2026-33837","CVE-2026-33838","CVE-2026-33839","CVE-2026-33840","CVE-2026-33841","CVE-2026-34329","CVE-2026-34330","CVE-2026-34331","CVE-2026-34332","CVE-2026-34333","CVE-2026-34334","CVE-2026-34336","CVE-2026-34337","CVE-2026-34338","CVE-2026-34339","CVE-2026-34340","CVE-2026-34341","CVE-2026-34342","CVE-2026-34343","CVE-2026-34344","CVE-2026-34345","CVE-2026-34347","CVE-2026-34350","CVE-2026-34351","CVE-2026-35415","CVE-2026-35416","CVE-2026-35417","CVE-2026-35418","CVE-2026-35419","CVE-2026-35420","CVE-2026-35421","CVE-2026-35422","CVE-2026-35423","CVE-2026-35424","CVE-2026-35438","CVE-2026-40369","CVE-2026-40377","CVE-2026-40380","CVE-2026-40382","CVE-2026-40397","CVE-2026-40398","CVE-2026-40399","CVE-2026-40401","CVE-2026-40402","CVE-2026-40403","CVE-2026-40405","CVE-2026-40406","CVE-2026-40407","CVE-2026-40408","CVE-2026-40410","CVE-2026-40413","CVE-2026-40414"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T08:57:11+00:00"},{"id":"4321a47a-3647-44f4-a0fa-3c9c40b3d536","num":481,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1955","title":"[UPDATE] [high] Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira and Jira Service Management: Multiple vulnerabilities","summary":"An attacker can exploit multiple vulnerabilities in Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira, and Jira Service Management to execute arbitrary code, gain elevated privileges, bypass security measures, manipulate data, disclose confidential information, or trigger a denial-of-service condition.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1955","severity":"high","cvss":null,"cves":["CVE-2019-11272","CVE-2021-3803","CVE-2022-1471","CVE-2022-22965","CVE-2022-22978","CVE-2022-31692","CVE-2024-22257","CVE-2025-22228","CVE-2026-22732","CVE-2026-24734","CVE-2026-26996","CVE-2026-27903","CVE-2026-27904","CVE-2026-29129","CVE-2026-33870","CVE-2026-33871","CVE-2026-34077","CVE-2026-34486","CVE-2026-34487","CVE-2026-40175","CVE-2026-41044","CVE-2026-41284","CVE-2026-41293","CVE-2026-42033","CVE-2026-42035","CVE-2026-42038","CVE-2026-42043","CVE-2026-42198","CVE-2026-42211","CVE-2026-42264","CVE-2026-42342","CVE-2026-42498","CVE-2026-42579","CVE-2026-42581","CVE-2026-42583","CVE-2026-42584","CVE-2026-42585","CVE-2026-42587","CVE-2026-43512","CVE-2026-43513","CVE-2026-43515","CVE-2026-44486","CVE-2026-44487","CVE-2026-44488","CVE-2026-44492","CVE-2026-44495","CVE-2026-44496","CVE-2026-45149","CVE-2026-45736"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T08:31:40+00:00"},{"id":"f04e81c6-5010-4f9f-875f-7ee3f8471524","num":182560,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2123","title":"[UPDATE] [medium] Apache Tomcat: Multiple vulnerabilities","summary":"An attacker can exploit multiple vulnerabilities in Apache Tomcat to bypass security measures, cause a Denial-of-Service condition, conduct Cross-Site Scripting attacks, or trigger other unspecified impacts.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2123","severity":"medium","cvss":null,"cves":["CVE-2026-50229","CVE-2026-53404","CVE-2026-53434","CVE-2026-55276","CVE-2026-55955","CVE-2026-55956","CVE-2026-55957"],"exploited":false,"has_exploit":true,"published_at":"2026-07-09T08:26:41+00:00"},{"id":"f003d5c4-3d01-4900-a930-af819634ff1d","num":177931,"source_id":"nvd","external_id":"CVE-2026-31309","title":"CVE-2026-31309: Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthenticated attackers to arbitrarily overwrite the node's configuration an","summary":"Improper authorization in the /tequilapi/config/user endpoint of Mysterium Node before v1.36.0 allows unauthenticated attackers to arbitrarily overwrite the node's configuration and achieve a full node takeover via supplying a crafted POST request.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-31309","severity":"high","cvss":7.5,"cves":["CVE-2026-31309"],"exploited":false,"has_exploit":true,"published_at":"2026-07-08T22:17:13.84+00:00"},{"id":"34eee001-d570-4f1c-b9df-f47a016c8cdb","num":173045,"source_id":"nvd","external_id":"CVE-2026-36027","title":"CVE-2026-36027: An issue in Code27 Companion Hub SQ3A.220705.003.A1 allows a physically proximate attacker to execute arbitrary code via the USB debugging (ADB) and Android Debug Bridge components","summary":"An issue in Code27 Companion Hub SQ3A.220705.003.A1 allows a physically proximate attacker to execute arbitrary code via the USB debugging (ADB) and Android Debug Bridge components","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-36027","severity":"medium","cvss":6.8,"cves":["CVE-2026-36027"],"exploited":false,"has_exploit":true,"published_at":"2026-07-08T20:16:48.817+00:00"},{"id":"be0c4692-6633-4ed4-869e-08afcd6ed2f6","num":156746,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/langflow-security-advisory-av26-670","title":"Langflow security advisory (AV26-670)","summary":"Serial number: AV26-670 Date: July 8, 2026 On July 7, 2026, Langflow updated a security advisory to address vulnerabilities in the following product: Langflow – versions prior to 1.9.1 On July 7, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-55255 to their Known Exploited Vulnerabilities (KEV) Database. The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates, when available. CVE-2026-55255: Langflow: IDOR Vulnerability in /api/v1/responses Endpoint Allows Authenticated Attackers to Access Another User's Flow CISA KEV: CVE-2026-55255","link":"https://cyber.gc.ca/en/alerts-advisories/langflow-security-advisory-av26-670","severity":"unknown","cvss":null,"cves":["CVE-2026-55255"],"exploited":true,"has_exploit":true,"published_at":"2026-07-08T13:05:23+00:00"},{"id":"791bcf37-213a-4dcc-81e8-63f24dda513b","num":147914,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2030","title":"[UPDATE] [high] Langflow: Multiple vulnerabilities","summary":"An attacker can exploit multiple vulnerabilities in Langflow to execute arbitrary program code, bypass security measures, manipulate data, disclose confidential information, or cause a Denial-of-Service condition.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2030","severity":"high","cvss":null,"cves":["CVE-2026-12822","CVE-2026-55255","CVE-2026-55423","CVE-2026-55446","CVE-2026-55447"],"exploited":false,"has_exploit":true,"published_at":"2026-07-08T06:41:41+00:00"},{"id":"37f1d568-66a2-4dfd-bfb7-06ade77ff1bd","num":142946,"source_id":"nvd","external_id":"CVE-2026-55592","title":"CVE-2026-55592: Dashy is a self-hostable personal dashboard. Prior to 4.3.7, Dashy's workspace view trusts the url query parameter and assigns it directly to an iframe source without scheme valida","summary":"Dashy is a self-hostable personal dashboard. Prior to 4.3.7, Dashy's workspace view trusts the url query parameter and assigns it directly to an iframe source without scheme validation. If a logged-in user opens a crafted workspace link containing a javascript: URL, JavaScript runs on the Dashy origin and can read same-origin browser data, interact with the Dashy DOM, and send requests as the victim. This issue is fixed in version 4.3.7.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-55592","severity":"low","cvss":3.9,"cves":["CVE-2026-55592"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T21:17:27.433+00:00"},{"id":"d0eb1d34-14aa-49dd-a5cb-484203eb370f","num":19583,"source_id":"cccs","external_id":"https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-647","title":"Adobe security advisory (AV26-647) – Update 2","summary":"Serial number: AV26–647 Date: July 2, 2026 Updated: July 7, 2026 On June 30, 2026, Adobe published security advisories to address critical vulnerabilities in the following products: Adobe ColdFusion 2025 – Update 9 and prior Adobe ColdFusion 2023 – Update 20 and prior Adobe Campaign Classic – version ACC v7: 7.4.3 build 9396 and prior Update 1 Open-source reporting indicates that CVE-2026-48282 is being exploited. Update 2 On July 7, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-48282 to their Known Exploited Vulnerabilities (KEV) Database. The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates. Security update available for Adobe ColdFusion | APSB26-68 Security updates available for Adobe Campaign Classic | APSB26-69 Adobe Security Advisories CISA KEV: CVE-2026-48282","link":"https://cyber.gc.ca/en/alerts-advisories/adobe-security-advisory-av26-647","severity":"critical","cvss":null,"cves":["CVE-2026-48282"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T19:49:45+00:00"},{"id":"f825d337-deda-495d-af50-c2b136d9fbc6","num":133505,"source_id":"nvd","external_id":"CVE-2026-57851","title":"CVE-2026-57851: MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical","summary":"MSI Feature Manager contains a local privilege escalation vulnerability in the KernCoreLib64.sys kernel driver that allows any locally logged-on user to perform arbitrary physical memory read/write and unrestricted I/O port operations by accessing exposed IOCTL handlers without administrator privileges. Attackers can exploit the accessible device object through IOCTL handlers to manipulate kernel objects, tamper with kernel-mode callbacks, bypass Protected Process Light protections, and disable security software.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-57851","severity":"high","cvss":7.8,"cves":["CVE-2026-57851"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T17:16:36.88+00:00"},{"id":"eac8457d-1e9a-45b8-a6c8-27d807ddd739","num":133504,"source_id":"nvd","external_id":"CVE-2026-23698","title":"CVE-2026-23698: Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the admin module import feature that allows administrator-level attackers to upload arbitr","summary":"Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the admin module import feature that allows administrator-level attackers to upload arbitrary PHP files by submitting a crafted zip archive through the ModuleManager import function, which extracts contents directly into the modules/ directory under the web root without validating file types beyond the manifest.xml descriptor. Attackers can place executable PHP files in the modules/ directory that become directly accessible via HTTP, bypassing Vtiger's authentication and authorization layer entirely since Apache resolves the path and invokes the PHP interpreter before the application routing layer is involved, resulting in a persistent web shell independent of the originating session.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-23698","severity":"high","cvss":7.2,"cves":["CVE-2026-23698"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T17:16:36.123+00:00"},{"id":"adb0edfb-5586-4965-9522-faf829acbe24","num":133503,"source_id":"nvd","external_id":"CVE-2026-23697","title":"CVE-2026-23697: Vtiger CRM before 8.4.0 contains an authenticated file upload vulnerability that allows low-privileged users to achieve remote code execution by uploading a .phar file containing a","summary":"Vtiger CRM before 8.4.0 contains an authenticated file upload vulnerability that allows low-privileged users to achieve remote code execution by uploading a .phar file containing arbitrary PHP code through the Documents module, bypassing the extension denylist in config.inc.php which omits the .phar extension. The uploaded file is stored with its original .phar extension under the web-accessible storage directory, and a misconfigured .htaccess using Apache 2.2 syntax is silently ignored on Apache 2.4 deployments, allowing unauthenticated HTTP requests to directly execute the uploaded PHP payload.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-23697","severity":"high","cvss":8.8,"cves":["CVE-2026-23697"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T17:16:35.977+00:00"},{"id":"795dfb73-cd8e-4e63-8c89-dc2e690c1999","num":138736,"source_id":"cisa","external_id":"/node/25133","title":"CISA Adds One Known Exploited Vulnerability to Catalog","summary":"CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-48282 Adobe ColdFusion Path Traversal Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 26-04: Prioritizing Security Updates Based on Risk establishes vulnerability management requirements for Federal Civilian Executive Branch (FCEB) agencies. BOD 26-04 reinforces the importance of the KEV Catalog and requires federal agencies to prioritize rapid remediation of high-risk vulnerabilities, specifically those identified by Common Vulnerabilities and Exposures (CVEs) listed in CISA’s KEV Catalog on publicly exposed assets that grant total control of the asset post-exploitation, while deferring action for lower-risk vulnerabilities. BOD 26-04 further establishes basic expectations for when agencies must check whether threat actors compromised the system before the patch was applied. While BOD 26-04 applies only to FCEB agencies, CISA encourages all organizations to adopt risk-based vulnerability management and prioritize remediation of KEV Catalog vulnerabilities . CISA will continue to add vulnerabilities to the catalog that meet the specified criteria . Aware of an exploited vulnerability not currently listed in the KEV Catalog? Submit it for potential addition through CISA’s KEV Nomination Form . Potential KEV additions must have a CVE ID, evidence of exploitation, and clear mitigation guidance.","link":"https://www.cisa.gov/news-events/alerts/2026/07/07/cisa-adds-one-known-exploited-vulnerability-catalog","severity":"high","cvss":null,"cves":["CVE-2026-48282"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T12:00:00+00:00"},{"id":"c9909ff1-bf57-4d69-aad5-7a3aee9d624d","num":133986,"source_id":"cisa","external_id":"/node/25116","title":"CISA Adds Three Known Exploited Vulnerabilities to Catalog","summary":"CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2026-48908 JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability CVE-2026-55255 Langflow Authorization Bypass Through User-Controlled Key Vulnerability CVE-2026-56290 Joomlack Page Builder Improper Access Control Vulnerability These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 26-04: Prioritizing Security Updates Based on Risk establishes vulnerability management requirements for Federal Civilian Executive Branch (FCEB) agencies. BOD 26-04 reinforces the importance of the KEV Catalog and requires federal agencies to prioritize rapid remediation of high-risk vulnerabilities, specifically those identified by Common Vulnerabilities and Exposures (CVEs) listed in CISA’s KEV Catalog on publicly exposed assets that grant total control of the asset post-exploitation, while deferring action for lower-risk vulnerabilities. BOD 26-04 further establishes basic expectations for when agencies must check whether threat actors compromised the system before the patch was applied. While BOD 26-04 applies only to FCEB agencies, CISA encourages all organizations to adopt risk-based vulnerability management and prioritize remediation of KEV Catalog vulnerabilities . CISA will continue to add vulnerabilities to the catalog that meet the specified criteria . Aware of an exploited vulnerability not currently listed in the KEV Catalog? Submit it for potential addition through CISA’s KEV Nomination Form . Potential KEV additions must have a CVE ID, evidence of exploitation, and clear mitigation guidance.","link":"https://www.cisa.gov/news-events/alerts/2026/07/07/cisa-adds-three-known-exploited-vulnerabilities-catalog","severity":"high","cvss":null,"cves":["CVE-2026-48908","CVE-2026-55255","CVE-2026-56290"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T12:00:00+00:00"},{"id":"754e7217-22f1-45dd-a24a-1d6867326749","num":1535,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2182","title":"[NEW] [high] Coolify: Vulnerability allows code execution and disclosure","summary":"A remote, authenticated attacker can exploit a vulnerability in Coolify to execute arbitrary code and disclose information.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2182","severity":"high","cvss":null,"cves":["CVE-2026-34038"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T08:29:06+00:00"},{"id":"d0fea9c6-827a-4bc1-8e7c-a42f88e251c3","num":119843,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1608","title":"[UPDATE] [high] Atlassian products (Bamboo, Bitbucket, Confluence, Crucible, Fisheye, and Jira): Multiple vulnerabilities","summary":"An attacker can exploit multiple vulnerabilities in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence, Atlassian Crucible, Atlassian Fisheye, and Atlassian Jira to execute arbitrary code, conduct a denial of service attack, disclose information, perform a cross-site scripting attack, and bypass security measures.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1608","severity":"high","cvss":null,"cves":["CVE-2019-13990","CVE-2022-1471","CVE-2022-23521","CVE-2022-41903","CVE-2023-22518","CVE-2023-22522","CVE-2023-22523","CVE-2023-22524","CVE-2023-22527","CVE-2023-24998","CVE-2023-46604","CVE-2024-45801","CVE-2025-52999","CVE-2025-67030","CVE-2026-22029","CVE-2026-22732","CVE-2026-24734","CVE-2026-24880","CVE-2026-25639","CVE-2026-26960","CVE-2026-27727","CVE-2026-27830","CVE-2026-29062","CVE-2026-29129","CVE-2026-29145","CVE-2026-29146","CVE-2026-29786","CVE-2026-31802","CVE-2026-33750","CVE-2026-34483","CVE-2026-34487","CVE-2026-39304","CVE-2026-42198","CVE-2026-5598"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T08:28:06+00:00"},{"id":"73c498b0-7d68-4e3b-94ab-0f2a25089315","num":1715,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2155","title":"[UPDATE] [critical] Adobe ColdFusion: Multiple Vulnerabilities","summary":"A remote, anonymous attacker can exploit multiple vulnerabilities in Adobe ColdFusion to execute arbitrary code, gain elevated permissions, bypass security measures, conduct cross-site scripting attacks, manipulate data, or disclose confidential information.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2155","severity":"critical","cvss":null,"cves":["CVE-2026-48276","CVE-2026-48277","CVE-2026-48281","CVE-2026-48282","CVE-2026-48283","CVE-2026-48285","CVE-2026-48307","CVE-2026-48313","CVE-2026-48314","CVE-2026-48315","CVE-2026-48316"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T07:51:41+00:00"},{"id":"9a5e2432-f9f7-491a-adf8-e80c5e46ac21","num":81861,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2203","title":"[NEW] [high] Apache Camel: Multiple vulnerabilities","summary":"An attacker can exploit multiple vulnerabilities in Apache Camel to execute arbitrary program code, bypass security measures, perform server-side request forgery, disclose confidential information, or manipulate data.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2203","severity":"high","cvss":null,"cves":["CVE-2026-40047","CVE-2026-40859","CVE-2026-43865","CVE-2026-43866","CVE-2026-46453","CVE-2026-46454","CVE-2026-46455","CVE-2026-46456","CVE-2026-46457","CVE-2026-46584","CVE-2026-46585","CVE-2026-46590","CVE-2026-46591","CVE-2026-46592","CVE-2026-46726","CVE-2026-48203","CVE-2026-48204","CVE-2026-48205","CVE-2026-48206","CVE-2026-49086","CVE-2026-49097","CVE-2026-49098","CVE-2026-49099","CVE-2026-49365","CVE-2026-53913","CVE-2026-55993","CVE-2026-55994","CVE-2026-56139","CVE-2026-56140"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T07:46:42+00:00"},{"id":"0c007677-e406-44b0-b7c1-f55b4c938885","num":120093,"source_id":"ncsc-nl","external_id":"NCSC-2026-0221 [1.00]","title":"NCSC-2026-0221 [1.00] [M/H] Vulnerabilities fixed in UniFi products from Ubiquiti Networks","summary":"Ubiquiti Networks has fixed vulnerabilities in various UniFi products, including UniFi Connect Application, UniFi Talk Application, UniFi Access Application, UniFi OS, UniFi Network Application, and UniFi Protect Application. The vulnerabilities affect multiple UniFi products and include command injection, SQL injection, improper input validation, improper access control, server-side request forgery (SSRF), path traversal, authentication bypass, and persistent privilege escalation. Attackers with network access, sometimes with limited privileges and sometimes after authentication, can execute arbitrary commands, escalate privileges, read or modify files, bypass authentication, and cause Denial of Service (DoS). Some vulnerabilities require user interaction, such as visiting a malicious website, while others can be exploited directly via network access. The vulnerabilities are present in applications and platforms used for network management, access control, video surveillance, and security monitoring within the UniFi product line.","link":"https://advisories.ncsc.nl/advisory?id=NCSC-2026-0221","severity":"unknown","cvss":null,"cves":["CVE-2026-50746","CVE-2026-50747","CVE-2026-50748","CVE-2026-54400","CVE-2026-54401","CVE-2026-54402","CVE-2026-54403","CVE-2026-54404","CVE-2026-54405","CVE-2026-54406","CVE-2026-54407","CVE-2026-54408","CVE-2026-54409","CVE-2026-55110","CVE-2026-55111","CVE-2026-55112","CVE-2026-55113","CVE-2026-55114","CVE-2026-55115","CVE-2026-55116","CVE-2026-55117","CVE-2026-55118","CVE-2026-55119","CVE-2026-56841","CVE-2026-56842"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T07:04:45+00:00"},{"id":"f71079f0-f839-453b-9dd1-f136c3821ae5","num":124004,"source_id":"nvd","external_id":"CVE-2026-12277","title":"CVE-2026-12277: The Frontend File Manager Plugin WordPress plugin through 23.6 does not validate a file path derived from user input before deleting the referenced file, allowing unauthenticated u","summary":"The Frontend File Manager Plugin WordPress plugin through 23.6 does not validate a file path derived from user input before deleting the referenced file, allowing unauthenticated users to delete arbitrary files on the server (such as wp-config.php) when guest upload mode is enabled. Deleting wp-config.php forces the site into its setup routine, which can be leveraged toward a full site takeover.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-12277","severity":"high","cvss":8.7,"cves":["CVE-2026-12277"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T06:16:21.893+00:00"},{"id":"e88f6cf3-0227-488f-90d7-cb16f6f785de","num":119225,"source_id":"nvd","external_id":"CVE-2026-53647","title":"CVE-2026-53647: FOSSBilling is a free, open-source billing and client management system. In versions 0.5.3 through 0.7.2, the Guest `serviceapikey/get_info` API endpoint is accessible without auth","summary":"FOSSBilling is a free, open-source billing and client management system. In versions 0.5.3 through 0.7.2, the Guest serviceapikey/get_info API endpoint is accessible without authentication. Any caller with a valid API key can retrieve all custom configuration parameters (custom_* fields) stored in the key's database record. These custom fields are populated by billing administrators and can contain business-sensitive data such as pricing tiers, feature flags, rate limits, expiry overrides, or access scope data. Version 0.8.0 patches the issue. Some workarounds are available. Administrators can avoid storing sensitive data in custom_* API key configuration fields, monitor API logs for suspicious calls to /api/guest/serviceapikey/get_info, and/or disable the Serviceapikey module if not in active use.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-53647","severity":"unknown","cvss":null,"cves":["CVE-2026-53647"],"exploited":false,"has_exploit":true,"published_at":"2026-07-07T00:16:34.263+00:00"},{"id":"33fa5e10-edf4-4749-8060-684f829dce41","num":130111,"source_id":"cisa-kev","external_id":"CVE-2026-55255","title":"CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability","summary":"Langflow contains an authorization bypass through user-controlled key vulnerability which allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-55255","severity":"critical","cvss":null,"cves":["CVE-2026-55255"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00"},{"id":"7a5cd1c5-b226-4cb3-a433-faa253d64916","num":130110,"source_id":"cisa-kev","external_id":"CVE-2026-48908","title":"CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability","summary":"JoomShaper SP Page Builder contains an unrestricted upload of file with dangerous type vulnerability that allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48908","severity":"critical","cvss":null,"cves":["CVE-2026-48908"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00"},{"id":"8c639c4a-dbe6-42dc-83bc-2fb5dfcdf035","num":134841,"source_id":"cisa-kev","external_id":"CVE-2026-48282","title":"CVE-2026-48282: Adobe ColdFusion Path Traversal Vulnerability","summary":"Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the context of the current user.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-48282","severity":"critical","cvss":null,"cves":["CVE-2026-48282"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00"},{"id":"c43747d5-690a-4102-a78a-5d16d2df61ec","num":130112,"source_id":"cisa-kev","external_id":"CVE-2026-56290","title":"CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability","summary":"Joomlack Page Builder contains an improper access control vulnerability that could allow for remote code execution via unauthenticated arbitrary file upload.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-56290","severity":"critical","cvss":null,"cves":["CVE-2026-56290"],"exploited":true,"has_exploit":true,"published_at":"2026-07-07T00:00:00+00:00"},{"id":"3b849fe4-47ad-41b4-b2e4-a222b9d99697","num":114421,"source_id":"nvd","external_id":"CVE-2026-34038","title":"CVE-2026-34038: Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability","summary":"Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability in application deployment handling allows users with application write permissions to achieve remote code execution and exfiltrate sensitive environment variables through deployment logs via fields such as dockerfile_location and deployment commands. This issue is fixed in version 4.0.0-beta.469.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-34038","severity":"critical","cvss":9.9,"cves":["CVE-2026-34038"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T21:16:55.37+00:00"},{"id":"767f7362-2adb-4b1a-b3de-86b1ee1590c8","num":114391,"source_id":"nvd","external_id":"CVE-2026-11405","title":"CVE-2026-11405: The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login() function at 004c88b8. - The function contains a normal authentication path us","summary":"The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login() function at 004c88b8.\r\n\r\n- The function contains a normal authentication path using MD5/hash-based password verification (prod_encode64/PasswordToMd5/check_rand_key).\r\n- After normal authentication fails, it calls GetValue(\"sys.rzadmin.password\") to read a backdoor password from the device configuration.\r\n- It performs a direct strcmp() comparison (plaintext, not hashed) between the config value and the user-supplied password.\r\n\r\nA successful match grants role=2 (admin-level access) and creates a valid session. The rzadmin username is never checked — any username works with the backdoor","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-11405","severity":"critical","cvss":9.8,"cves":["CVE-2026-11405"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T20:16:29.45+00:00"},{"id":"256d82cb-b8db-4dfc-b2be-41e3dd23170a","num":81826,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2618","title":"[UPDATE] [high] http/2 implementations: Vulnerability allows denial of service","summary":"A remote, anonymous attacker can exploit a vulnerability in various http/2 implementations to carry out a denial of service attack.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2618","severity":"high","cvss":null,"cves":["CVE-2023-44487"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T10:41:39+00:00"},{"id":"81d78289-e818-48fd-b980-e11b97180eed","num":85781,"source_id":"nvd","external_id":"CVE-2026-40859","title":"CVE-2026-40859: Deserialization of Untrusted Data vulnerability in Apache Camel. The camel-vertx-http component deserializes HTTP response bodies carrying the Content-Type application/x-java-seri","summary":"Deserialization of Untrusted Data vulnerability in Apache Camel.\n\nThe camel-vertx-http component deserializes HTTP response bodies carrying the Content-Type application/x-java-serialized-object using a raw java.io.ObjectInputStream, without applying any ObjectInputFilter (VertxHttpHelper.deserializeJavaObjectFromStream) This deserialization path is reached only when the producer endpoint is configured with transferException=true (or the component-level allowJavaSerializedObject=true) and throwExceptionOnFailure is left at its default value of true; in that case a backend HTTP response with a 5xx status and the application/x-java-serialized-object content type has its body deserialized with no class restrictions. An attacker who controls the backend the Camel producer talks to - through a man-in-the-middle position on an unencrypted (plain HTTP) connection, or by compromising the backend service - can return a crafted serialized Java object and, if a suitable gadget chain is present on the classpath, achieve remote code execution on the Camel application host. The path is not reachable in the default configuration, where transferException is false.\nThis issue affects Apache Camel: from 4.0.0 before 4.14.8, from 4.15.0 before 4.18.3, from 4.19.0 before 4.20.0.\n\nUsers are recommended to upgrade to version 4.20.0, which fixes the issue. If users are on the 4.14.x LTS releases stream, then they are suggested to upgrade to 4.14.8. If users are on the 4.18.x releases stream, then they are suggested to upgrade to 4.18.3. After upgrading, the deserialization performed by both helper utilities is constrained by a default ObjectInputFilter (allow-list java.;javax.;org.apache.camel.**;!*), which can be customised through the new deserializationFilter endpoint option or the JVM-wide -Djdk.serialFilter system property. For deployments that cannot upgrade immediately: do not enable transferException=true (or allowJavaSerializedObject=true) on producers that talk to untrusted o","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-40859","severity":"high","cvss":8.1,"cves":["CVE-2026-40859"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T09:16:35.52+00:00"},{"id":"944266d8-4f40-4907-abf7-8ff828884e64","num":85780,"source_id":"nvd","external_id":"CVE-2026-40047","title":"CVE-2026-40047: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Camel Docling component. The camel-docling component invokes the externa","summary":"Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in Apache Camel Docling component.\n\nThe camel-docling component invokes the external docling command-line tool by assembling an argument list in DoclingProducer and executing it through java.lang.ProcessBuilder. Custom CLI arguments supplied through the CamelDoclingCustomArguments exchange header (a List<String>) were appended to that argument list with insufficient validation: the original implementation relied on a denylist of disallowed flags and only rejected path values that contained a literal ../ sequence. As a result, a Camel route that forwards externally-influenced data into the CamelDoclingCustomArguments header (or into the path-bearing headers used to build the invocation) could cause the producer to pass unrecognized or unintended docling CLI flags to the subprocess, and could supply path-like argument values that resolved outside the intended directory through traversal sequences not caught by the literal ../ check. Because Camel itself builds the docling invocation from these values, the component is responsible for constraining them, and the weak validation allowed CLI-argument injection and directory traversal in the arguments passed to the external tool. The invocation uses the list-based form of ProcessBuilder, so a shell does not interpret the argument values; OS command injection through shell metacharacters was not possible, and the metacharacter rejection added by the fix is defense-in-depth.\nThis issue affects Apache Camel: from 4.15.0 before 4.18.3.\n\nUsers are recommended to upgrade to a release that contains the CAMEL-23212 fix. On the mainline the fix is included from Apache Camel 4.19.0 (and later releases such as 4.20.0). For users on the 4.18.x LTS releases stream, upgrade to 4.18.3. The fix replaces the denylist with a strict allowlist of recognized docling CLI flags (rejecting any unrecognized flag, and rejecting producer-","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-40047","severity":"critical","cvss":9.1,"cves":["CVE-2026-40047"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T09:16:35.377+00:00"},{"id":"9c9353af-eac1-48dc-9742-a168c9822b23","num":81922,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2627","title":"[UPDATE] [high] Eclipse Jetty: Multiple vulnerabilities allow Denial of Service","summary":"A remote anonymous attacker can exploit multiple vulnerabilities in Eclipse Jetty to conduct a Denial of Service attack.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2627","severity":"high","cvss":null,"cves":["CVE-2023-36478","CVE-2023-44487"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T08:16:43+00:00"},{"id":"bcb7a3c3-a8ba-4ae4-a75f-787f0eca5add","num":81926,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0239","title":"[UPDATE] [high] Red Hat JBoss Enterprise Application Platform: Multiple vulnerabilities","summary":"A remote anonymous attacker can exploit multiple vulnerabilities in Red Hat JBoss Enterprise Application Platform to execute arbitrary code, conduct a Cross-Site Scripting attack, disclose information, create a Denial of Service state, or bypass security measures.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-0239","severity":"high","cvss":null,"cves":["CVE-2015-9251","CVE-2016-10735","CVE-2017-18214","CVE-2018-14040","CVE-2018-14041","CVE-2018-14042","CVE-2019-11358","CVE-2019-8331","CVE-2020-11022","CVE-2020-11023","CVE-2022-3143","CVE-2022-40149","CVE-2022-40150","CVE-2022-40152","CVE-2022-42003","CVE-2022-42004","CVE-2022-45047","CVE-2022-45693","CVE-2022-46364"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T08:16:41+00:00"},{"id":"7cc686da-28fd-4d1b-a391-8f9faecf4194","num":81943,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2027","title":"[UPDATE] [high] Gitea: Multiple vulnerabilities","summary":"An attacker can exploit multiple vulnerabilities in Gitea to gain elevated privileges, impersonate users, bypass security measures, manipulate data, and disclose confidential information.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-2027","severity":"high","cvss":null,"cves":["CVE-2026-20779","CVE-2026-20896","CVE-2026-22874","CVE-2026-24451","CVE-2026-25038","CVE-2026-27761","CVE-2026-27775","CVE-2026-28740"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T07:43:10+00:00"},{"id":"69f69f24-21a0-4050-b566-c14bfdc69437","num":81971,"source_id":"cert-bund","external_id":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1637","title":"[UPDATE] [medium] Gitea: Multiple vulnerabilities","summary":"An attacker can exploit multiple vulnerabilities in Gitea to potentially gain elevated privileges, bypass security measures, or manipulate and disclose data.","link":"https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1637","severity":"medium","cvss":null,"cves":["CVE-2026-28744","CVE-2026-20706","CVE-2026-25714","CVE-2026-26231","CVE-2026-27771","CVE-2026-27783","CVE-2026-28699"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T07:42:08+00:00"},{"id":"0548aba4-d4c5-403b-aaad-e8ae549f0d0d","num":77753,"source_id":"hkcert","external_id":"https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20260706","title":"Apple Products Multiple Vulnerabilities","summary":null,"link":"https://www.hkcert.org/security-bulletin/apple-products-multiple-vulnerabilities_20260706","severity":"unknown","cvss":null,"cves":["CVE-2026-28979","CVE-2026-39868","CVE-2026-39872","CVE-2026-43663","CVE-2026-43676","CVE-2026-43699","CVE-2026-43700","CVE-2026-43701","CVE-2026-43703","CVE-2026-43704","CVE-2026-43705","CVE-2026-43706","CVE-2026-43707","CVE-2026-43708","CVE-2026-43709","CVE-2026-43712","CVE-2026-43713","CVE-2026-43715","CVE-2026-43716","CVE-2026-43717","CVE-2026-43718","CVE-2026-43720","CVE-2026-43721","CVE-2026-43722","CVE-2026-43724","CVE-2026-43725","CVE-2026-43726","CVE-2026-43727","CVE-2026-43731","CVE-2026-43732","CVE-2026-43734","CVE-2026-43735","CVE-2026-43740","CVE-2026-43742","CVE-2026-43743","CVE-2026-43745","CVE-2026-43746"],"exploited":false,"has_exploit":true,"published_at":"2026-07-06T01:00:00+00:00"},{"id":"6bb423e2-7635-405e-9cd9-abf0fba9467a","num":63320,"source_id":"nvd","external_id":"CVE-2026-14762","title":"CVE-2026-14762: A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Mana","summary":"A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The manipulation of the argument delete results in sql injection. It is possible to launch the attack remotely. The exploit is now public and may be used.","link":"https://nvd.nist.gov/vuln/detail/CVE-2026-14762","severity":"high","cvss":7.3,"cves":["CVE-2026-14762"],"exploited":false,"has_exploit":true,"published_at":"2026-07-05T16:19:45.043+00:00"}]}