Latest intel // live feed
SecurityInsight — Rethink Secure Score: risk-based scoring across Defender XDR, Entra, AD, Azure, ExposureGraph, and Shodan — weighted by
SecurityInsight is a free, open-source PowerShell-based tool that consolidates security telemetry from Microsoft Defender, Entra ID, Active Directory, Azure, and ExposureGraph to provide risk-based prioritization across endpoints, identity, and cloud assets. It applies a four-dimensional scoring model (consequence, criticality tier, risk factors, customizable index) to rank findings by attacker opportunity rather than severity alone, outputting to Excel, Power BI, Log Analytics, and JSON.
CVE-2026-8094 — Other issue in the WebRTC component (Firefox ESR 140.10.2, Thunderbird 140.10.2)
Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-8093 — Memory safety bugs present in Thunderbird 150.0.1
Memory safety bugs present in Thunderbird 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2 and Thunderbird 150.0.2. CVSSv3.1 8.1 (HIGH)
CVE-2026-8092 — Memory safety bugs present in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1
Memory safety bugs present in Thunderbird ESR 140.10.1 and Thunderbird 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2. CVSSv3.1 8.1 (HIGH)
CVE-2026-8091 — Incorrect boundary conditions in the Audio/Video: Playback component
Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, Thunderbird 140.10.1, and Firefox ESR 115.35.2. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-6002 — Improper neutralization of Script-Related HTML tags (basic XSS) in DivvyDrive
Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross-Site Scripting (XSS). This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2. CVSSv3.1 8.8 (HIGH)
CVE-2026-5791 — Cross-Site Request Forgery (CSRF) in DivvyDrive
Cross-Site request forgery (CSRF) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross Site Request Forgery. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2. CVSSv3.1 9.6 (CRITICAL)
CVE-2026-5784 — Stored cross-site scripting in DivvyDrive
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Stored XSS. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2. CVSSv3.1 8.8 (HIGH)
Otto Support - SSRF and Token Passthrough with MCP
Bishop Fox researchers document a pattern of SSRF and token-passthrough vulnerabilities in Model Context Protocol (MCP) servers, with three case studies: mcp-atlassian (CVE-2026-27826/27825) chaining SSRF to RCE via unvalidated headers and path traversal, Microsoft's MarkItDown exposing AWS metadata endpoints across 2,500 servers, and OpenClaw's unvalidated redirect handling. The post provides concrete mitigations including destination validation with IP blocklists, network segmentation, and explicit rejection of token passthrough patterns.
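The mitigations the post lists (destination validation against an IP blocklist, re-validation on every redirect, and refusing to forward the caller's token upstream) are small enough to show in one place. The following is an added example written for this page, not code from Bishop Fox or from any of the MCP servers named above. It assumes a URL-fetching tool whose HTTP layer is injected as a `send(url)` callable that performs a single request without following redirects; the host allow-list, the fake DNS answers and the redirecting server in the demo are all constructed.

```python
import ipaddress
import socket
from urllib.parse import urlparse, urljoin

# Address ranges a URL-fetching MCP tool must never reach on a caller's behalf:
# loopback, RFC 1918, CGNAT, link-local (which includes the 169.254.169.254
# cloud metadata service) and their IPv6 counterparts.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10",
)]


class SSRFBlocked(ValueError):
    """Raised when a requested destination fails validation."""


def ip_is_blocked(ip: str) -> bool:
    """True if the address is in a blocked range. IPv4-mapped IPv6 is unwrapped so
    ::ffff:169.254.169.254 is treated as the metadata endpoint it really is."""
    addr = ipaddress.ip_address(ip.split("%", 1)[0])   # drop any IPv6 scope id
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def system_resolve(host: str) -> list[str]:
    """Real DNS lookup; the demo below injects a fake resolver instead."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_destination(url: str, allowed_hosts: set[str], resolve=system_resolve) -> list[str]:
    """Allow-list the host, then check every address it resolves to. Returns the
    vetted IPs so the caller can pin them when connecting; otherwise a second DNS
    lookup inside the HTTP client may get a different answer (DNS rebinding)."""
    parts = urlparse(url)
    if parts.scheme not in ("http", "https"):
        raise SSRFBlocked(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise SSRFBlocked("userinfo in URL is not allowed")
    host = (parts.hostname or "").lower()
    if host not in allowed_hosts:
        raise SSRFBlocked(f"host not in allow-list: {host!r}")
    ips = resolve(host)
    if not ips:
        raise SSRFBlocked(f"{host!r} did not resolve")
    for ip in ips:
        if ip_is_blocked(ip):
            raise SSRFBlocked(f"{host!r} resolves to blocked address {ip}")
    return ips


def fetch(url: str, allowed_hosts: set[str], send, resolve=system_resolve, max_hops: int = 3):
    """Follow redirects by hand so every hop is re-validated. send(url) performs one
    request without following redirects and returns (status, headers, body)."""
    for _ in range(max_hops + 1):
        validate_destination(url, allowed_hosts, resolve)
        status, headers, body = send(url)
        location = {k.lower(): v for k, v in headers.items()}.get("location")
        if status in (301, 302, 303, 307, 308) and location:
            url = urljoin(url, location)
            continue
        return status, body
    raise SSRFBlocked("too many redirects")


def upstream_headers(incoming: dict[str, str], service_token: str) -> dict[str, str]:
    """Reject token passthrough: the client's Authorization header never leaves the
    MCP server; the upstream API sees only the server's own credential."""
    dropped = {"authorization", "proxy-authorization", "cookie"}
    out = {k: v for k, v in incoming.items() if k.lower() not in dropped}
    out["Authorization"] = f"Bearer {service_token}"
    return out


if __name__ == "__main__":
    # Constructed scenario: the allowed host answers with a redirect to the metadata service.
    allowed = {"api.example.com"}
    fake_dns = {"api.example.com": ["203.0.113.10"]}

    def send(url):
        if url.startswith("https://api.example.com/"):
            return 302, {"Location": "http://169.254.169.254/latest/meta-data/"}, b""
        return 200, {}, b"would have been the metadata document"

    try:
        fetch("https://api.example.com/doc", allowed, send, lambda h: fake_dns.get(h, []))
    except SSRFBlocked as exc:
        print("blocked:", exc)
```

The allow-list is deliberately a set of exact hostnames rather than a blocklist alone: a blocklist stops the metadata and RFC 1918 cases, but an exact allow-list is what keeps the tool from being pointed at arbitrary internal services that happen to use public addresses. If the network segmentation the post recommends is in place, the blocklist becomes defence in depth rather than the only control.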
CVE-2026-6508 — Origin Validation Error in TUBITAK BILGEM Liderahenk
Origin Validation Error vulnerability in TUBITAK BILGEM Software Technologies Research Institute Liderahenk allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Liderahenk: from 2.0.1 before 2.0.2. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-3953 — Reflected cross-site scripting in Gosoft Proticaret E-Commerce
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Gosoft Software Industry and Trade Ltd. Co. Proticaret E-Commerce allows Cross-Site Scripting (XSS), Reflected XSS. This issue affects Proticaret E-Commerce: from v5.0.0 before V 6.0.1767.1383. CVSSv3.1 8.8 (HIGH)
CVE-2026-33588 — Lfnovo Open-notebook: Lack of user input validation in the file upload functionality of Open Notebook v1.8.3
Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to create or modify files on the Docker container via path traversal. CVSSv3.1 8.1 (HIGH)
CVE-2026-33587 — Lfnovo Open-notebook: Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code via SSTI
Lack of user input sanitisation in Open Notebook v1.8.3 allows the application user to execute Python code (and subsequently OS commands) on the Docker container via Server-Side Template Injection (SSTI) in user-created transformations. CVSSv3.1 10.0 (CRITICAL)
Exploits and vulnerabilities in Q1 2026
Kaspersky's Q1 2026 vulnerability report documents a continued rise in CVE registrations driven by AI-assisted vulnerability discovery, with 23 notable CVEs across Windows, Linux, and emerging AI frameworks. Key findings include active exploitation of Microsoft Office logic flaws (CVE-2026-21514, CVE-2026-21509), privilege escalation chains in DWM and RDS (CVE-2026-21519, CVE-2026-21533), and new attack surface in AI agents (Clawdbot/CVE-2026-25253, LangChain/CVE-2026-34070). Metasploit regained top C2 framework usage, with threat actors prioritizing authentication-bypass exploits to evade detection.
CVE-2025-1978 — Remote Code Execution vulnerability in Hitachi Storage Navigator and the maintenance console of Hitachi Virtual Storage Platform
Remote Code Execution Vulnerability in Hitachi Storage Navigator and the maintenance console in Hitachi Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H, Hitachi Virtual Storage Platform One Block 23, One Block 24, One Block 26, One Block 28. This issue affects Virtual Storage Platform G130, G150, G350, G370, G700, G900, F350, F370, F700, F900, Hita CVSSv3.1 8.3 (HIGH)
CVE-2024-43384 — A low-privileged remote attacker can obtain the root password due to improper removal of sensitive information
A low-privileged remote attacker can obtain the root password due to improper removal of sensitive information before storage or transfer. CVSSv3.1 8.0 (HIGH)
K8s-container_escape_audit — Look for possible escape vectors from a container
K8s-container_escape_audit is a bash-based security assessment tool that performs 35 checks for container escape vectors across privileged configuration, dangerous capabilities, namespace isolation, filesystem mounts, kernel exposure, Kubernetes misconfigurations, cloud metadata access, and recent CVEs. The tool provides structured findings with impact assessment, exploitability ratings, and remediation guidance, including coverage for emerging CVEs like Copy Fail (CVE-2026-31431) and NVIDIAScape (CVE-2025-23266).
CVE-2025-9661 — OS command injection vulnerability in the management GUI (maintenance utility) of Hitachi Virtual Storage Platform One Block
OS command injection vulnerability in the management GUI (maintenance utility) of Hitachi Virtual Storage Platform One Block 23, 24, 26 and 28. This issue affects Hitachi Virtual Storage Platform One Block 23/24/26/28: before DKCMAIN A3-04-21-40/00, ESM A3-04-21/00. CVSSv3.1 8.1 (HIGH)
CVE-2026-7252 — WP-Optimize plugin for WordPress: arbitrary file deletion via unscheduled_original_file_deletion
The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unscheduled_original_file_deletion function in all versions up to, and including, 4.5.2. This makes it possible for authenticated attackers, with author-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when t CVSSv3.1 8.1 (HIGH)
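Both the Open Notebook upload traversal (CVE-2026-33588) and the WP-Optimize deletion bug above come down to the same missing check: a user-supplied path is joined onto a directory without proving the result stays inside it. The following is an added example written for this page, not code from either project (both are PHP applications; Python is used here only to show the check). The base directory, the file names and the injectable `unlink` are constructed for the demonstration.

```python
import os
from pathlib import Path


class PathRejected(ValueError):
    """Raised when a user-supplied path would leave the upload directory."""


def resolve_inside(base_dir: str, user_path: str) -> Path:
    """Map a user-controlled relative path onto base_dir and prove the result stays
    inside it. Containment is decided by path component after '..' and symlinks are
    resolved, not by string prefix, so base_dir + '_evil' is not mistaken for base_dir."""
    if "\x00" in user_path:
        raise PathRejected("NUL byte in path")
    if os.path.isabs(user_path):
        raise PathRejected("absolute path not allowed")
    base = Path(base_dir).resolve()
    candidate = (base / user_path).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        raise PathRejected(f"{user_path!r} escapes {base}") from None
    if candidate == base:
        raise PathRejected("path names the upload directory itself")
    return candidate


def delete_upload(base_dir: str, user_path: str, unlink=os.unlink) -> Path:
    """Delete only after containment is proven. The unlink callable is injectable so
    the check can be exercised without touching the filesystem."""
    target = resolve_inside(base_dir, user_path)
    unlink(target)
    return target


if __name__ == "__main__":
    # Constructed inputs: one legitimate name and the traversal shapes an attacker sends.
    base = "/srv/uploads"
    for name in ("2026/report.pdf", "../../etc/passwd", "/etc/passwd", "../uploads_evil/x"):
        try:
            print(name, "->", resolve_inside(base, name))
        except PathRejected as exc:
            print(name, "-> rejected:", exc)
```

Note that `resolve()` follows symlinks for the components that exist, which is what you want: a symlink planted inside the upload directory that points at `/etc` is caught because the resolved target is compared, not the name the user typed.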
CVE-2026-6692 — Slider Revolution plugin for WordPress: arbitrary file upload in versions 7.0.0 to 7.0.10
The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the '_get_media_url' and '_check_file_path' functions. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload files that may be executable, which makes remote code execution possible. The vulnerability was partially patched in version 7.0.10 and fully patched in version CVSSv3.1 8.8 (HIGH)
CVE-2026-41143 — YesWiki: Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php
YesWiki is a wiki system written in PHP. Prior to version 4.6.1, YesWiki bazar module contains a SQL injection vulnerability in tools/bazar/services/EntryManager.php at line 704. The $data['id_fiche'] value (sourced from $_POST['id_fiche']) is concatenated directly into a raw SQL query without any sanitization or parameterization. This issue has been patched in version 4.6.1. CVSSv3.1 8.8 (HIGH)
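The advisory names the exact defect: a POSTed value concatenated into raw SQL. The following is an added example written for this page, not YesWiki's code (YesWiki is PHP on MySQL; the pattern is shown here in Python against an in-memory SQLite table so it runs stand-alone). The table, its rows and the two payloads are constructed.

```python
import sqlite3


def setup() -> sqlite3.Connection:
    """Constructed stand-in for an entries table keyed by id_fiche."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE entries (id_fiche TEXT, owner TEXT, body TEXT)")
    con.executemany("INSERT INTO entries VALUES (?, ?, ?)", [
        ("Entry1", "alice", "public text"),
        ("Entry2", "bob", "private text"),
    ])
    return con


def entry_vulnerable(con: sqlite3.Connection, id_fiche: str) -> list[tuple]:
    """The flawed pattern: the request value is spliced into the SQL text, so a
    quote character inside it changes the structure of the query."""
    sql = "SELECT id_fiche, owner, body FROM entries WHERE id_fiche = '" + id_fiche + "'"
    return con.execute(sql).fetchall()


def entry_safe(con: sqlite3.Connection, id_fiche: str) -> list[tuple]:
    """The fix: a bound parameter travels as data and is never parsed as SQL."""
    sql = "SELECT id_fiche, owner, body FROM entries WHERE id_fiche = ?"
    return con.execute(sql, (id_fiche,)).fetchall()


# Constructed payloads of the kind an attacker would place in id_fiche.
TAUTOLOGY = "Entry1' OR '1'='1"                                   # returns every row
UNION_DUMP = "' UNION SELECT name, sql, '' FROM sqlite_master --"  # reads another table

if __name__ == "__main__":
    con = setup()
    print(entry_vulnerable(con, TAUTOLOGY))   # both rows, not just Entry1
    print(entry_vulnerable(con, UNION_DUMP))  # schema pulled from sqlite_master
    print(entry_safe(con, TAUTOLOGY))         # []: the payload is matched literally
```

The UNION payload is the one to keep in mind when triaging: a tautology only widens a read, while a UNION against other tables turns the same bug into a full data-extraction primitive.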
CVE-2026-41139 — Math.js: arbitrary JavaScript execution via the expression parser (13.1.0 to before 15.2.0)
Math.js is an extensive math library for JavaScript and Node.js. From version 13.1.0 to before version 15.2.0, arbitrary JavaScript can be executed via the expression parser of mathjs. This issue has been patched in version 15.2.0. CVSSv3.1 8.8 (HIGH)
CVE-2026-42217 — OpenEXR: unbounded shift count in readVariableLengthInteger() on untrusted EXR input
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger() decodes a variable-length integer from untrusted EXR input without bounding the shift count. After enough continuation bytes, the code executes a left shift by 70 on a 64-bit value, which is undefined behavior. This is CVSSv3.1 9.8 (CRITICAL)
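The advisory describes a variable-length integer decoder that keeps shifting for every continuation byte until the shift exceeds the width of the value. The following is an added example written for this page, not OpenEXR's code (which is C++); it assumes the common base-128 layout of 7 payload bits per byte with the high bit marking continuation, which is an assumption about the encoding rather than something the advisory states. It shows the bound that prevents the over-long shift, together with an encoder for round-trip checks and two constructed inputs.

```python
MAX_VARINT_BYTES = 10   # ceil(64 / 7): any 64-bit value fits in ten 7-bit groups


def read_varint(buf: bytes, pos: int) -> tuple[int, int]:
    """Decode a little-endian base-128 varint (7 payload bits per byte, high bit set
    on every byte but the last) starting at buf[pos]. Returns (value, next_pos).
    The byte count is bounded before each shift is applied, so the shift never
    exceeds 63, and a truncated or over-long stream raises instead of being trusted."""
    value = 0
    shift = 0
    for i in range(MAX_VARINT_BYTES):
        if pos + i >= len(buf):
            raise ValueError("varint runs past end of input")
        byte = buf[pos + i]
        value |= (byte & 0x7F) << shift
        if not byte & 0x80:
            if value > 0xFFFF_FFFF_FFFF_FFFF:
                raise ValueError("varint does not fit in 64 bits")
            return value, pos + i + 1
        shift += 7
    # An eleventh byte would need a shift of 70, the condition the advisory describes.
    raise ValueError("varint longer than %d bytes" % MAX_VARINT_BYTES)


def encode_varint(n: int) -> bytes:
    """Encoder using the same 7-bit continuation scheme, for round-trip checks."""
    if not 0 <= n <= 0xFFFF_FFFF_FFFF_FFFF:
        raise ValueError("value out of range")
    out = bytearray()
    while True:
        group = n & 0x7F
        n >>= 7
        if n:
            out.append(group | 0x80)
        else:
            out.append(group)
            return bytes(out)


# Constructed inputs: a valid stream of two values, and a run of continuation bytes
# that an unbounded decoder would keep shifting past the width of the accumulator.
GOOD = encode_varint(300) + encode_varint(2**64 - 1)
HOSTILE = bytes([0xFF] * 12)

if __name__ == "__main__":
    value, nxt = read_varint(GOOD, 0)
    print(value, read_varint(GOOD, nxt)[0])
    try:
        read_varint(HOSTILE, 0)
    except ValueError as exc:
        print("rejected:", exc)
```

In C or C++ the same bound matters more than it does here: Python integers grow without limit, so the hostile stream only wastes time, whereas a 64-bit `uint64_t << 70` is undefined behaviour and compilers are free to do anything with the loop that contains it.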
CVE-2026-42216 — OpenEXR: flaw in IDManifest::init() when reconstructing prefix-compressed strings
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init() reconstructs strings from a prefix-compressed representation. If the previous string is longer than 255 bytes, the next string is expected to begin with a 2-byte prefix length. The code reads stringList[i][0] and stringList[i][ CVSSv3.1 9.1 (CRITICAL)
CVE-2026-41670 — Admidio: SAML IdP uses the unvalidated AssertionConsumerServiceURL from the AuthnRequest as the response destination (before 5.0.9)
Admidio is an open-source user management solution. Prior to version 5.0.9, the SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without validating it against the registered ACS URL (smc_acs_url) stored in the database for the corresponding service provider client. An attacker who knows the Entity ID of a registered SP client can craft a SAML A CVSSv3.1 8.2 (HIGH)