CVE Notify
19.3K subscribers
4 photos
204K links
Alert on the latest CVEs

Partner channel: @malwr
Download Telegram
🚨 CVE-2026-11878
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText Access Manager allows Cross-Site Scripting (XSS).

This issue affects Access Manager: from 5.1 through 5.1.2.

πŸŽ–@cveNotify
🚨 CVE-2026-8659
OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the api_host or api_port parameters during connection configuration due to insufficient input validation.

πŸŽ–@cveNotify
🚨 CVE-2026-8663
OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the repo, key, or name parameters due to insufficient input sanitization in shell command construction.

πŸŽ–@cveNotify
🚨 CVE-2026-8592
OS Command Injection vulnerability in the process_string action of Rapid7 InsightConnect AWK Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to unsafe shell command construction in the processing pipeline.

πŸŽ–@cveNotify
🚨 CVE-2026-8660
OS Command Injection vulnerability in the ping action of Rapid7 InsightConnect Ping Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host parameter due to insufficient input validation when constructing shell commands.

πŸŽ–@cveNotify
🚨 CVE-2026-8664
OS Command Injection vulnerability in Rapid7 InsightConnect Finger Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the user or host parameters due to insufficient input validation in shell command construction.

πŸŽ–@cveNotify
🚨 CVE-2026-8665
OS Command Injection vulnerability in the TR action of Rapid7 InsightConnect Translate Plugin on Linux allows remote attackers to execute arbitrary OS commands via the text or expression parameters due to insufficient input sanitization in shell command construction.

πŸŽ–@cveNotify
🚨 CVE-2026-8666
OS Command Injection vulnerability in the traceroute action of Rapid7 InsightConnect Traceroute Plugin on Linux allows remote attackers to execute arbitrary OS commands via the host, port, max_ttl, count, or time_out request parameters due to insufficient input validation when constructing shell commands.

πŸŽ–@cveNotify
🚨 CVE-2026-8658
OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via the options or filter parameters due to insufficient input sanitization in shell command construction.

πŸŽ–@cveNotify
🚨 CVE-2026-3472
Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to properly apply markdown image rendering restrictions to AI bot tool result posts, which allows an authenticated attacker to exfiltrate data to an attacker-controlled server via injecting markdown image syntax into tool result content rendered by a victim's client.. Mattermost Advisory ID: MMSA-2026-00619

πŸŽ–@cveNotify
🚨 CVE-2026-4339
Mattermost versions 10.11.x <= 10.11.18, 11.6.x <= 11.6.3, 11.5.x <= 11.5.6 fail to validate attachment URLs against internal or private IP ranges in the Mattermost Agents plugin MCP server which allows an attacker with access to the MCP server in stdio mode to perform server-side request forgery (SSRF) and exfiltrate data from internal network services via supplying internal URLs as file attachments in post creation requests.. Mattermost Advisory ID: MMSA-2026-00635

πŸŽ–@cveNotify
🚨 CVE-2026-38639
An issue in the parse_month function (/time/strptime.rs) of relibc commit ab6a2e allows attackers to cause a Denial of Service (DoS) via parsing a crafted input.

πŸŽ–@cveNotify
🚨 CVE-2026-38641
An issue in the DSO::mmap_and_copy function of relibc commit 61f42d allows attackers to cause a Denial of Service (DoS) via loading a crafted shared library.

πŸŽ–@cveNotify
🚨 CVE-2026-39031
Lansweeper lsrunase 2.0 and lsencrypt 2.0 use RC4 encryption with a hardcoded 142-byte static key array to encrypt credentials. An 8-character prefix is stored in cleartext alongside the ciphertext. This allows an attacker with local access to recover any encrypted password to plaintext using a single SHA-1 hash and RC4 decryption operation, with no brute force required.

πŸŽ–@cveNotify
🚨 CVE-2026-31928
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access.

πŸŽ–@cveNotify
🚨 CVE-2026-33560
The DMP-5000 file service exposes authenticated arbitrary file upload functionality. There are exposed endpoints which allows authenticated users to upload files of any type without validation. No file extension filtering or content inspection is enforced which allows executable binaries and scripts to be accepted and written directly to the server.

πŸŽ–@cveNotify
🚨 CVE-2026-55975
A vulnerability exists in H.View IP cameras that could allow an authenticated user to supply unsanitized XML fields to the device's certificate generation interface, which are incorporated into a backend certificate creation command without proper input validation. This may allow for command execution with elevated privileges during certificate generation.

πŸŽ–@cveNotify