Latest intel // live feed
CVE-2026-44196 — Pingvin Share X is a secure and easy self-hosted file sharing platform. From 1.14.1 to 1.16.2, a critical authentication bypass vulnerability allows an attacker who has obtained a valid username and password to skip the second-factor authentication (TOTP) requirement entirely. An attacker still needs the user's password to reach this stage, however. This vulnerability is fixed in 1.16.3. CVSSv3.1 9.1 (CRITICAL)
CVE-2026-44184 — Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, Cleanuparr's global CORS policy reflects every request Origin and combines it with AllowCredentials(). When DisableAuthForLocalAddresses is enabled, the API also authenticates requests purely by source IP via TrustedNetworkAuthenticationHandler. The combination lets any website that an admin (or any user on a truste… CVSSv3.1 8.0 (HIGH)
CVE-2026-44183 — Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.ResolveClientIp parses the leftmost entry of the X-Forwarded-For header as the client IP. That entry is attacker-controlled — X-Forwarded-For is append-only, so the leftmost value is whatever the original HTTP client claimed. By sending a spoofed local IP in the header, an unauthe… CVSSv3.1 9.8 (CRITICAL)
CVE-2026-43929 — ssrfcheck is a library that checks if a string contains a potential SSRF attack. In 1.3.0 and earlier, ssrfcheck fails to block Server-Side Request Forgery attacks when the target private IP address is encoded as an IPv4-mapped IPv6 address (e.g. http://[::ffff:127.0.0.1]/). The WHATWG URL parser built into Node.js silently normalizes the IPv4 notation inside the brackets to compressed hex form ([::ffff:7f00:1]) before the library's private-IP regex ever runs. The regex was w… CVSSv3.1 8.2 (HIGH)
CVE-2026-43892 — AntSword is a cross-platform website management toolkit. Prior to 2.1.16, incomplete noxss() sanitization leads to 1-click RCE via jquery.terminal format code injection. This vulnerability is fixed in 2.1.16. CVSSv3.1 8.8 (HIGH)
CVE-2026-42898 — Improper control of generation of code ('code injection') in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network. CVSSv3.1 9.9 (CRITICAL)
CVE-2026-42833 — Execution with unnecessary privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to execute code over a network. CVSSv3.1 9.1 (CRITICAL)
CVE-2026-42823 — Improper access control in Azure Logic Apps allows an authorized attacker to elevate privileges over a network. CVSSv3.1 9.9 (CRITICAL)
CVE-2026-42048 — Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.0, Langflow is vulnerable to Path Traversal in the Knowledge Bases API (DELETE /api/v1/knowledge_bases). This occurs because user-supplied knowledge base names are concatenated directly into file paths without proper sanitization or boundary validation. An authenticated attacker can exploit this flaw to delete arbitrary directories anywhere on the server's filesystem, leading to data l… CVSSv3.1 9.6 (CRITICAL)
CVE-2026-41613 — Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. CVSSv3.1 8.8 (HIGH)
CVE-2026-41109 — Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network. CVSSv3.1 8.8 (HIGH)
CVE-2026-41103 — Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network. CVSSv3.1 9.1 (CRITICAL)
CVE-2026-41096 — Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-41094 — Improper control of generation of code ('code injection') in Microsoft Data Formulator allows an unauthorized attacker to execute code over a network. CVSSv3.1 8.8 (HIGH)
CVE-2026-41089 — Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-41086 — Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network. CVSSv3.1 8.8 (HIGH)
CVE-2026-40420 — Improper access control in Microsoft Office Click-To-Run allows an authorized attacker to elevate privileges locally. CVSSv3.1 8.8 (HIGH)
CVE-2026-40415 — Use after free in Windows TCP/IP allows an unauthorized attacker to execute code over a network. CVSSv3.1 8.1 (HIGH)
CVE-2026-40403 — Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally. CVSSv3.1 8.8 (HIGH)
CVE-2026-40402 — Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally. CVSSv3.1 9.3 (CRITICAL)
CVE-2026-40379 — Exposure of sensitive information to an unauthorized actor in Azure Entra ID allows an unauthorized attacker to perform spoofing over a network. CVSSv3.1 9.3 (CRITICAL)
CVE-2026-40370 — External control of file name or path in SQL Server allows an authorized attacker to execute code over a network. CVSSv3.1 8.8 (HIGH)
CVE-2026-40368 — Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. CVSSv3.1 8.0 (HIGH)
CVE-2026-40367 — Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)
CVE-2026-40366 — Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)