Latest intel// live feed
CVE-2026-45327 — TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthenticated stream injection (versions 0.8.95 through 2.4.1)
TinyIce is a streaming server for audio and video. In versions 0.8.95 through 2.4.1, missing authentication on the WebRTC ingest endpoint allows unauthenticated stream injection. Version 2.5.0 fixes the issue by requiring either HTTP Basic auth or a `?password=` query parameter, comparing the supplied password against the per-mount source password (or the `default_source_password` fallback) using bcrypt, and hooking into the existing brute-force IP rate-limiter (5 failed attempts per […] · CVSSv3.1 8.2 (HIGH)
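As an added illustration of the 2.5.0 fix pattern (example code written for this entry, not TinyIce's own), the check below accepts a source password from either HTTP Basic auth or a `?password=` query parameter, looks up the per-mount hash with a default fallback, verifies it with a constant-time comparison, and feeds only genuine mismatches into a per-IP failure limiter. Assumptions of this example: a 300-second limiter window (the advisory states five attempts, but the truncated text does not give the window), PBKDF2-HMAC-SHA256 from the standard library standing in for bcrypt so the snippet runs without extra packages, and every function and parameter name.

```python
import base64
import hashlib
import hmac
import os
import time
from collections import defaultdict, deque
from typing import Dict, Mapping, Optional

ITERATIONS = 100_000  # PBKDF2 work factor; the real fix uses bcrypt, this is a stdlib stand-in


def hash_password(password: str) -> str:
    """Salted PBKDF2-HMAC-SHA256 encoded as 'salthex$dkhex' (stand-in for a bcrypt hash)."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return salt.hex() + "$" + dk.hex()


def verify_password(password: str, stored: str) -> bool:
    """Re-derive the key and compare in constant time."""
    salt_hex, dk_hex = stored.split("$", 1)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), ITERATIONS)
    return hmac.compare_digest(dk.hex(), dk_hex)


class FailureLimiter:
    """Per-IP sliding window: `limit` failures within `window` seconds block the IP.
    Five attempts comes from the advisory; the window length is an assumption."""

    def __init__(self, limit: int = 5, window: float = 300.0) -> None:
        self.limit, self.window = limit, window
        self._failures: Dict[str, deque] = defaultdict(deque)

    def _prune(self, ip: str, now: float) -> deque:
        q = self._failures[ip]
        while q and now - q[0] > self.window:
            q.popleft()
        return q

    def is_blocked(self, ip: str, now: Optional[float] = None) -> bool:
        now = time.time() if now is None else now
        return len(self._prune(ip, now)) >= self.limit

    def record_failure(self, ip: str, now: Optional[float] = None) -> None:
        now = time.time() if now is None else now
        self._prune(ip, now).append(now)


def basic_header(user: str, password: str) -> Dict[str, str]:
    """Build an HTTP Basic Authorization header (helper for callers and tests)."""
    token = base64.b64encode(f"{user}:{password}".encode("utf-8")).decode("ascii")
    return {"Authorization": "Basic " + token}


def extract_password(headers: Mapping[str, str], query: Mapping[str, str]) -> Optional[str]:
    """Credential from HTTP Basic auth if present, else from ?password=, else None."""
    auth = headers.get("Authorization", "")
    if auth.startswith("Basic "):
        try:
            raw = base64.b64decode(auth[6:], validate=True).decode("utf-8")
        except (ValueError, UnicodeDecodeError):
            return None  # malformed header: treat as no credential, never as a match
        _user, sep, password = raw.partition(":")
        return password if sep else None
    return query.get("password")


def authorize_ingest(mount: str, headers: Mapping[str, str], query: Mapping[str, str],
                     client_ip: str, mount_hashes: Mapping[str, str],
                     default_hash: Optional[str], limiter: FailureLimiter,
                     now: Optional[float] = None) -> bool:
    """Gate an ingest request: blocked IPs, missing credentials, unconfigured mounts
    and wrong passwords all fail closed; only real mismatches count against the IP."""
    if limiter.is_blocked(client_ip, now):
        return False
    supplied = extract_password(headers, query)
    expected = mount_hashes.get(mount, default_hash)  # per-mount hash, else the default
    if supplied is None or expected is None:
        return False
    if verify_password(supplied, expected):
        return True
    limiter.record_failure(client_ip, now)
    return False
```

A mount with no per-mount password and no default is rejected rather than left open, which is the fail-closed behaviour the original endpoint lacked.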
CVE-2026-36500 — Controller v12.0.5: Directory traversal in the cluster-admin:backup-datastore component via a crafted request
An issue in the cluster-admin:backup-datastore component of Controller v12.0.5 allows attackers to perform directory traversal via a crafted request. · CVSSv3.1 9.1 (CRITICAL) · EPSS 16th percentile
CVE-2025-71318 — NetMan 204: Administrative pages and UPS command endpoints are reachable without authentication
NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages (such as administration.html, administration-commands.html, and configuration.html) to disclose sensitive information including LDAP configuration and active user details, and can invoke privileged UPS control commands — including shutdown, reboot, switch-on-bypass, and battery test — without supplying any c […] · CVSSv3.1 9.8 (CRITICAL)
CVE-2025-71317 — NetMan 204: Hard-coded backdoor account 'eurek' / 'eurek' grants administrative access
NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint (for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax parameter validation can be shortened to /cgi-bin/login.cgi?username=eurek%20eurek) to obtain administrator privileges, allowing them to alter device configuration, enable the telnet/SS […] · CVSSv3.1 9.8 (CRITICAL)
CVE-2025-5088 — CVX (Redis): An authenticated Redis session can be used to obtain root on every server in the CVX cluster
An authenticated Redis session could be used to obtain full root access to all servers in the CVX cluster. Exploitation requires an attacker to have both network access to the Redis service on a CVX server and the Redis password. Note that all Redis communication, including authentication, currently occurs in plaintext; TLS support is tracked under RFE1294850. · CVSSv3.1 8.3 (HIGH)
Weekly Metasploit Update: Apache ActiveMQ RCE, Gogs Rebase RCE, and Windows Kernel Pointer Enum
Metasploit Framework 6.4.136 adds three new modules: Apache ActiveMQ RCE via Jolokia JMX-over-HTTP (CVE-2026-34197), Gogs Git rebase argument injection RCE, and a Windows kernel pointer enumeration post-exploitation module. The release also includes seven enhancements (Kerberos cracking support, payload manager plugin, session defaults, HTTP scanner improvements) and seven bug fixes across multiple modules.
CVE-2026-9270 — DataDog::DogStatsd (Perl): Versions through 0.07 allow metric injection via metric names and values
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The send_stats method does not remove newlines from metric names (the $stat variable), allowing attackers to change the metric name prefix. The send_stats method does not validate the content of the value (the $delta variable), allowing attackers to inject metrics, especially from methods that do […] · CVSSv3.1 9.1 (CRITICAL) · EPSS 8th percentile
CVE-2026-11362 — DataDog::DogStatsd (Perl): Versions through 0.07 allow metric injection from event tags
DataDog::DogStatsd versions through 0.07 for Perl allow metric injections from event tags. DataDog::DogStatsd does not properly sanitise input, allowing metric injections of data from untrusted sources. The format_event method (used by the event method) does not validate the content of the tags, which may contain commas (allowing tags to be injected) or newlines, pipes and colons that allow metric injections. (There is an ineffective s/|//g to remove pipes, but because the […] · CVSSv3.1 9.8 (CRITICAL) · EPSS 8th percentile
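The two DataDog::DogStatsd entries above describe one wire-format problem from two directions: unescaped metric names and values (CVE-2026-9270) and unescaped event tags (CVE-2026-11362). The added example below (illustrative Python written for this feed, not the Perl module's code) builds DogStatsD datagrams the naive way, shows what the server parses out of them, then builds them with the sanitisation the advisories call for. The allowed character sets, the exact line and event layouts, and all function names are this example's assumptions; the protocol's newline, pipe, colon and comma separators are the point.

```python
import re
from typing import Iterable, List

METRIC_TYPES = {"c", "g", "ms", "h", "s", "d"}
_NAME_BAD = re.compile(r"[^A-Za-z0-9_.]")   # metric names: letters, digits, '_' and '.' (assumed policy)
_TAG_BAD = re.compile(r"[\r\n|,]")          # tags keep ':' for key:value but never a separator
_NUMBER = re.compile(r"^[-+]?(\d+(\.\d*)?|\.\d+)([eE][-+]?\d+)?$")


# --- naive builders: what an unsanitised client emits ---------------------------------
def raw_metric_line(name: str, value, mtype: str = "c", tags: Iterable[str] = ()) -> str:
    """'name:value|type|#tag1,tag2' with no validation at all."""
    tags = list(tags)
    return f"{name}:{value}|{mtype}" + ("|#" + ",".join(tags) if tags else "")


def raw_event_line(title: str, text: str, tags: Iterable[str] = ()) -> str:
    """'_e{title_len,text_len}:title|text|#tags' with no validation at all."""
    tags = list(tags)
    return f"_e{{{len(title)},{len(text)}}}:{title}|{text}" + ("|#" + ",".join(tags) if tags else "")


# --- what the server sees -----------------------------------------------------------
def parse_datagram(payload: str) -> List[str]:
    """Each newline-separated line of a datagram is an independent message to the server."""
    return [line for line in payload.split("\n") if line]


def tags_of(line: str) -> List[str]:
    """The tag list the server extracts from one line (everything after the last '|#')."""
    return line.rsplit("|#", 1)[1].split(",") if "|#" in line else []


# --- hardened builders ----------------------------------------------------------------
def is_numeric(value) -> bool:
    """Metric values must be numbers; anything else (e.g. '1|c\\nother:1|c') is rejected."""
    return bool(_NUMBER.match(str(value)))


def safe_name(name: str) -> str:
    """Replace every separator and control character in a metric name with '_'."""
    cleaned = _NAME_BAD.sub("_", name)
    if not cleaned or not cleaned[0].isalpha():
        raise ValueError(f"invalid metric name: {name!r}")
    return cleaned


def safe_tag(tag: str) -> str:
    """A tag can never split into two tags or terminate the line."""
    return _TAG_BAD.sub("_", tag)


def metric_line(name: str, value, mtype: str = "c", tags: Iterable[str] = ()) -> str:
    if mtype not in METRIC_TYPES:
        raise ValueError(f"unknown metric type: {mtype!r}")
    if not is_numeric(value):
        raise ValueError(f"metric value must be numeric: {value!r}")
    return raw_metric_line(safe_name(name), value, mtype, [safe_tag(t) for t in tags])


def event_line(title: str, text: str, tags: Iterable[str] = ()) -> str:
    # Newlines in title/text become the two characters '\n' (the DogStatsD convention);
    # the length prefix is computed on the escaped strings, so it stays consistent.
    title = title.replace("\n", "\\n")
    text = text.replace("\n", "\\n")
    return raw_event_line(title, text, [safe_tag(t) for t in tags])
```

With a client that prefixes every metric with `app.`, a name of `x:1|c\nadmin.override` makes the naive builder emit two lines, the second carrying an attacker-chosen name outside the `app.` prefix; the hardened builder collapses it to a single, oddly named but harmless metric.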
CVE-2026-6209 — HAVELSAN Geographic Tracking System: Improper Access Control / Missing Authorization allows access to functionality not constrained by ACLs (before v0.0.2)
Improper Access Control, Missing Authorization vulnerability in HAVELSAN Inc. Geographic Tracking System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Geographic Tracking System: before v0.0.2. · CVSSv3.1 9.1 (CRITICAL)
CVE-2026-6208 — HAVELSAN Geographic Tracking System: Authorization bypass through user-controlled key allows exploitation of trusted identifiers (before v0.0.2)
Authorization Bypass Through User-Controlled Key vulnerability in HAVELSAN Inc. Geographic Tracking System allows Exploitation of Trusted Identifiers. This issue affects Geographic Tracking System: before v0.0.2. · CVSSv3.1 9.1 (CRITICAL)
CVE-2026-6207 — HAVELSAN Geographic Tracking System: Observable response discrepancy allows system footprinting (before v0.0.2)
Observable Response Discrepancy vulnerability in HAVELSAN Inc. Geographic Tracking System allows System Footprinting. This issue affects Geographic Tracking System: before v0.0.2. · CVSSv3.1 9.1 (CRITICAL)
CVE-2026-48095 — 7-Zip: Heap buffer overflow from an under-allocated NTFS compressed stream buffer (versions 26.00 and prior)
7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow caused by an under-allocation in the NTFS compressed stream buffer (undefined behaviour in the GetCuSize shift), potentially allowing attackers to cause arbitrary code execution or application crashes. CInStream::GetCuSize() in the NTFS handler computes the compression-unit buffer size as (UInt32)1 << (BlockSizeLog + CompressionUnit), and a crafted image with ClusterSizeLog > […] · CVSSv3.1 8.8 (HIGH)
CVE-2026-10879 — DBI (Perl): Versions before 1.648 have a heap overflow when preparsing SQL statements with more than 9 binders
DBI versions before 1.648 for Perl have a heap overflow when preparsing SQL statements with more than 9 binders. The preparse method expands SQL placeholder characters to numbered binders of the form :pN, but only allocates three characters per binder in the buffer. Placeholders 10-99 require four characters, 100-999 require five characters, and so on. · CVSSv3.1 9.8 (CRITICAL) · EPSS 5th percentile
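To see why three characters per binder stops being enough at the tenth placeholder, the added example below (illustrative Python written for this feed, not DBI's C preparse code) expands `?` placeholders to `:pN` while skipping quoted literals and comments, and compares the length the expanded statement really needs against a budget that reserves three bytes per binder. The budget formula models the advisory's description rather than DBI's actual arithmetic, and all names are this example's own.

```python
from typing import Tuple


def binder_width(n: int) -> int:
    """Width of the ':pN' token: two characters plus the digits of N (3 only while N < 10)."""
    return 2 + len(str(n))


def _expand(sql: str) -> Tuple[str, int]:
    """Rewrite each '?' outside quoted literals and comments as ':pN'; return (text, count)."""
    out, i, n = [], 0, 0
    while i < len(sql):
        ch = sql[i]
        if ch in ("'", '"'):                      # quoted literal: copy through the closing quote
            j = sql.find(ch, i + 1)
            j = len(sql) - 1 if j == -1 else j
            out.append(sql[i:j + 1])
            i = j + 1
        elif sql.startswith("--", i):              # line comment: copy to end of line
            j = sql.find("\n", i)
            j = len(sql) if j == -1 else j
            out.append(sql[i:j])
            i = j
        elif sql.startswith("/*", i):              # block comment: copy through '*/'
            j = sql.find("*/", i + 2)
            j = len(sql) if j == -1 else j + 2
            out.append(sql[i:j])
            i = j
        elif ch == "?":                            # a real placeholder: number it from 1
            n += 1
            out.append(f":p{n}")
            i += 1
        else:
            out.append(ch)
            i += 1
    return "".join(out), n


def expand_placeholders(sql: str) -> str:
    return _expand(sql)[0]


def count_binders(sql: str) -> int:
    return _expand(sql)[1]


def buffer_sizes(sql: str) -> Tuple[int, int]:
    """(reserved, required). 'reserved' models the flawed budget the advisory describes:
    each one-byte '?' is assumed to grow to exactly three bytes. 'required' is the true
    length of the expanded statement."""
    expanded, n = _expand(sql)
    return len(sql) + 2 * n, len(expanded)


def overflow_bytes(sql: str) -> int:
    """How many bytes the expansion writes past the three-per-binder budget (0 = safe)."""
    reserved, required = buffer_sizes(sql)
    return max(0, required - reserved)
```

With one hundred placeholders the shortfall is 92 bytes: one extra byte for each of binders 10 through 99 and two for binder 100. A statement with nine or fewer binders never exceeds the budget, which is why the advisory draws the line at more than 9.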
Popping Root on UniFi OS Server: Unauthenticated RCE Chain Detection & Analysis
Bishop Fox published a detailed analysis of an unauthenticated RCE chain affecting Ubiquiti UniFi OS Server (CVE-2026-34908, CVE-2026-34909 and CVE-2026-34910). The chain exploits an authentication-gateway bypass via URI normalization divergence, reaches a command-injection sink in the package-update service, and escalates to root via over-privileged sudoers entries. Because the appliance controls network management, physical access, and identity systems, root compromise is equivalent to full infrastructure takeover.
CVE-2026-6274 — DTS Redline WR3200: Improper Authentication / Missing Authentication for Critical Function / Weak Authentication allows access to functionality not constrained by ACLs (7.1.3 before 7.1.8)
Improper Authentication, Missing Authentication for Critical Function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8. · CVSSv3.1 9.8 (CRITICAL)
CVE-2026-49777 — Product Slider Pro for WooCommerce (ShapedPlugin): Improper Validation of Specified Quantity in Input allows malicious software to be implanted (before 3.5.3)
Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.3. No patched version is available: the vendor has applied a fix to an existing release without publishing a new version. While the patch provided by the vendor is valid, releasing it under the existing version number leaves users unable to rel […] · CVSSv3.1 10.0 (CRITICAL)
CVE-2026-7763 — Morse Micro HaLowLink 2: Heap-based buffer overflow in the morse.ko HaLow Wi-Fi kernel driver via a malformed TIM element (before 2.11.13)
A heap-based buffer overflow vulnerability in the morse.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio range to cause a Denial of Service (kernel panic) or potentially achieve Remote Code Execution via a crafted 802.11ah beacon frame containing a malformed Traffic Indication Map (TIM) Information Element. The function morse_page_slicing_process_tim_element() in page_slicing.c derives t […] · CVSSv3.1 9.8 (CRITICAL)
CVE-2026-7762 — Morse Micro HaLowLink 2: Heap-based buffer overflow in the dot11ah.ko HaLow Wi-Fi kernel driver via a malformed S1G Capabilities element (before 2.11.13)
A heap-based buffer overflow vulnerability in the dot11ah.ko HaLow Wi-Fi kernel driver in Morse Micro HaLowLink 2 software versions prior to 2.11.13 allows an unauthenticated attacker within radio range to cause a Denial of Service (kernel panic) or potentially achieve Remote Code Execution via a crafted 802.11ah beacon or probe response frame containing a malformed S1G Capabilities Information Element (element ID 0xD9). The function morse_dot11ah_find_s1g_caps_for_bssid() […] · CVSSv3.1 9.8 (CRITICAL)
CVE-2026-11307 — Google Chrome: Use after free in PDFium prior to 149.0.7827.53
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) · CVSSv3.1 8.8 (HIGH)
CVE-2026-11306 — Google Chrome: Use after free in PDFium prior to 149.0.7827.53
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) · CVSSv3.1 8.8 (HIGH)
CVE-2026-11305 — Google Chrome: Use after free in PDFium prior to 149.0.7827.53
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) · CVSSv3.1 8.8 (HIGH)
CVE-2026-11304 — Google Chrome: Use after free in PDFium prior to 149.0.7827.53 (heap corruption)
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Low) · CVSSv3.1 8.8 (HIGH)
CVE-2026-11303 — Google Chrome: Use after free in PDFium prior to 149.0.7827.53
Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) · CVSSv3.1 8.8 (HIGH)
CVE-2026-11301 — Google Chrome: Inappropriate implementation in LiveCaption prior to 149.0.7827.53
Inappropriate implementation in LiveCaption in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out-of-bounds memory access via malicious network traffic. (Chromium security severity: Low) · CVSSv3.1 8.8 (HIGH)
CVE-2026-11295 — Google Chrome on Android: Inappropriate implementation in WebView prior to 149.0.7827.53
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low) · CVSSv3.1 8.8 (HIGH)