Latest intel: live feed
CVE-2026-36727 — An insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token. CVSSv3.1 9.1 (CRITICAL)
CVE-2026-36723 — An unrestricted file rename vulnerability in the /api/create-user component of bookcars v8.3 allows authenticated attackers to leverage directory traversal sequences to move arbitrary files from temporary storage to arbitrary locations on the server filesystem. This enables unauthorized access to sensitive files, the overwriting of critical application files, and remote code execution (RCE). CVSSv3.1 8.8 (HIGH)
CVE-2026-36721 — A lack of cryptographic signature verification in the validateAccessToken function of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-36720 — Insecure permissions in bookcars v8.3 allow authenticated attackers to escalate privileges from user to admin by modifying their user type. CVSSv3.1 8.1 (HIGH)
CVE-2026-30141 — An issue was discovered in bitbank2 AnimatedGIF v2.2.0. A buffer overflow in the DecodeLZW function allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via a crafted GIF file. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-10045 — Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash, inspect active connections, and view currently connected devices. CVSSv3.1 9.8 (CRITICAL)
CVE-2023-29146 — The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value (32-bit). Attackers could create a colliding hash value for two different strings by attaching 4GB of data to a string that is less than 4GB in size. CVSSv3.1 8.2 (HIGH)
CVE-2026-50636 — The RemoteControl API methods invite_participants and remind_participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited(), which concatenates the values directly into a tid IN ('...') SQL clause without parameterization or input validation. A remote, authenticated attacker holding the tokens/update permission on a survey can inject a crafted array element to perform SQL injection. Because LimeSurvey configures its PDO connection with emulated prepared CVSSv3.1 8.8 (HIGH)
CVE-2026-50635 — LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the default (and documented) configuration, so LSHttpRequest::checkIsAllowedHost() results in no operation. A remote, unauthenticated attacker who submits a forgotten-password request for a known account (requiring only the target's username and email) with a spoofed Host header causes CVSSv3.1 8.8 (HIGH)
CVE-2026-34693 — Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject malicious scripts into a web page, potentially gaining elevated access or control over the victim's account or session. Exploit depends on conditions beyond the attacker's control. Exploitation of this issue requires user interaction in that a victim must visit a maliciously craft CVSSv3.1 8.0 (HIGH)
CVE-2026-34691 — Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field, potentially gaining elevated access or control over the victim's account or session. Scope is changed. CVSSv3.1 9.3 (CRITICAL)
The June 2026 Security Update Review
Microsoft released a record 208 CVEs in June 2026 (571 total including third-party), with 38 rated Critical, marking the largest monthly patch release since tracking began in 2017. Adobe released 11 bulletins addressing 123 CVEs, including two CVSS 10.0 bugs in Campaign Classic and critical RCE vulnerabilities in ColdFusion, Reader, and Experience Manager. Notable Microsoft vulnerabilities include three wormable CVSS 9.8 RCEs (Windows Kernel, HTTP.sys, DHCP Client) and BitLocker bypass bugs tied to ongoing researcher disclosures.
CVE-2026-7383 — Issue summary: A signed integer overflow when sizing the destination buffer for Unicode output in ASN1_mbstring_ncopy() can lead to a heap buffer overflow. Impact summary: A heap buffer overflow may lead to a crash or possibly attacker controlled code execution or other undefined behaviour. In ASN1_mbstring_copy() and ASN1_mbstring_ncopy() the destination size for Unicode output is computed in a signed int: by left shift of the input character count for BMPSTRING (UTF-16) a CVSSv3.1 8.1 (HIGH)
CVE-2026-49959 — Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in api/workspace_git.py through vectors such as core.fsmonitor during git status, protocol.ext.allow with ext:: remotes during git fetch, credential.helper, core.askPass, core.gitProxy, CVSSv3.1 8.8 (HIGH)
CVE-2026-49841 — FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, the mod_verto HTTP request handler allocates a fixed 2 MiB buffer for a POST application/x-www-form-urlencoded body but accepts Content-Length up to just under 10 MiB. The body-read loop is bounded by Content-Length rather than the buffer size, producing an attacker-contr CVSSv3.1 9.8 (CRITICAL)
CVE-2026-49840 — FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, esl_recv_event() parses Content-Length with atol() and passes the result straight to malloc(len + 1) with no sign or magnitude check. A malicious or man-in-the-middle ESL peer can send a frame with a negative Content-Length to corrupt the heap of, or crash, any process li CVSSv3.1 9.1 (CRITICAL)
CVE-2026-47653 — Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVSSv3.1 8.8 (HIGH)
CVE-2026-47652 — Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. CVSSv3.1 8.2 (HIGH)
CVE-2026-47643 — External control of file name or path in Azure Stack Edge allows an unauthorized attacker to execute code over a network. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-47635 — Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally. CVSSv3.1 8.4 (HIGH)
CVE-2026-47631 — Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network. CVSSv3.1 8.1 (HIGH)
CVE-2026-47298 — Improper authorization in Microsoft Office SharePoint allows an authorized attacker to execute code over a network. CVSSv3.1 8.0 (HIGH)
CVE-2026-47291 — Integer overflow or wraparound in Windows HTTP.sys allows an unauthorized attacker to execute code over a network. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-47289 — Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. CVSSv3.1 8.8 (HIGH)
CVE-2026-47281 — Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network. CVSSv3.1 9.6 (CRITICAL)