CVE Notify
19.3K subscribers
4 photos
204K links
Alert on the latest CVEs

Partner channel: @malwr
Download Telegram
🚨 CVE-2026-58025
Deserialization of untrusted data vulnerability in Wikimedia Foundation MediaWiki.

This vulnerability is associated with program files includes/Import/WikiImporter.Php, includes/Import/WikiRevision.Php, includes/Logging/LogEntryBase.Php.



This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-58026
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.

This vulnerability is associated with program files includes/Parser/Parser.Php.



This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-58027
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation AbuseFilter.

This vulnerability is associated with program files includes/Api/QueryAbuseFilters.Php.



This issue affects AbuseFilter: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-58028
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki, Wikimedia Foundation CentralAuth.

This vulnerability is associated with program files includes/Api/ApiFormatBase.Php, includes/Api/ApiHelp.Php, includes/ResourceLoader/Module.Php, includes/Hooks/Handlers/PageDisplayHookHandler.Php, includes/LogFormatter/PermissionChangeLogFormatter.Php.



This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9; CentralAuth: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-58029
Vulnerability in Wikimedia Foundation MediaWiki.

This vulnerability is associated with program files includes/Api/ApiChangeAuthenticationData.Php, includes/Api/ApiLinkAccount.Php, includes/Api/ApiRemoveAuthenticationData.Php, includes/Specials/SpecialLinkAccounts.Php, includes/Specials/SpecialUnlinkAccounts.Php.



This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-58030
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation SyntaxHighlight_GeSHi.

This vulnerability is associated with program files includes/SyntaxHighlight.Php.



This issue affects SyntaxHighlight_GeSHi: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-58033
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.

This vulnerability is associated with program files includes/Actions/InfoAction.Php.



This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-58036
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wikimedia Foundation MediaWiki.

This vulnerability is associated with program files includes/Api/ApiQueryAllUsers.Php, includes/Api/ApiQueryUsers.Php, includes/Permissions/PermissionManager.Php, includes/User/UserGroupManager.Php.

🎖@cveNotify
🚨 CVE-2026-58037
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation MediaWiki.

This vulnerability is associated with program files includes/Language/Language.Php, includes/Logging/BlockLogFormatter.Php, includes/Logging/LogFormatter.Php, includes/Logging/PatrolLogFormatter.Php, includes/Logging/RenameuserLogFormatter.Php, includes/Logging/TagLogFormatter.Php, includes/Specials/SpecialVersion.Php.



This issue affects MediaWiki: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-58038
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Wikimedia Foundation timeline.

This vulnerability is associated with program files includes/Timeline.Php, scripts/EasyTimeline.Pl.



This issue affects timeline: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-58126
PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement. Attackers can chain the arbitrary file write primitive with DLL hijacking in PGImageExchangeQueueSvc.exe, which loads missing DLLs such as CRYPTSP.DLL from the application directory, to achieve remote code execution as NT Authority\SYSTEM upon service restart.

🎖@cveNotify
🚨 CVE-2026-8480
A vulnerability was discovered on Stormshield Network Security 4.3.0  to 4.3.41 (included), 4.4.0 to 4.8.15 (included) , 5.0.2 EA to 5.0.5 (included)



A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to gain administrative access.

🎖@cveNotify
🚨 CVE-2026-8857
A vulnerability in Wikimedia Foundation timeline.

This vulnerability is associated with program files scripts/EasyTimeline.Pl, includes/Timeline.Php.



This issue affects timeline: from * before 1.46.0, 1.45.4, 1.44.6, 1.43.9.

🎖@cveNotify
🚨 CVE-2026-12480
Keras versions up to and including 3.13.2 are vulnerable to an arbitrary HDF5 file read due to an incomplete fix for CVE-2026-1669. The vulnerability resides in the `H5IOStore._verify_dataset()` and `file_editor.py` methods, which fail to check the `dataset.is_virtual` property of HDF5 datasets. This allows an attacker to craft a malicious `.keras` model archive or `.h5` weights file containing a Virtual Dataset (VDS) that references external HDF5 files on the victim's filesystem. When the victim loads the model using `keras.models.load_model()` or `keras.saving.load_model()`, the external file is transparently read, leading to potential information disclosure. Fixed in versions 3.12.2 and 3.14.1.

🎖@cveNotify
🚨 CVE-2026-13211
The genucenter web interface before version 8.0p11 unnecessarily exposes sensitive SNMP authentication and encryption keys in its HTTP responses to users with the “Service” or “Admin” role.

🎖@cveNotify
🚨 CVE-2026-20191
A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. 

This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read arbitrary files from a restricted container of the affected device.

🎖@cveNotify
🚨 CVE-2026-20213
A vulnerability in the PE file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.

This vulnerability is due to improper boundary checks for content in PE files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PE content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

🎖@cveNotify
🚨 CVE-2026-20214
A vulnerability in the FSG file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.

This vulnerability is due to improper boundary checks for content in FSG files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains portable executable content compressed with FSG to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

🎖@cveNotify
🚨 CVE-2026-20215
A vulnerability in the 7z file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.

This vulnerability is due to improper boundary checks for content in 7z files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains 7z content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

🎖@cveNotify
🚨 CVE-2026-20216
A vulnerability in the InstallShield file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition on an affected device.

This vulnerability is due to improper handling of temporary resources during file scanning. An attacker could exploit this vulnerability by submitting a crafted InstallShield file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process and temporarily consume available system resources, resulting in a DoS condition on the affected software.

🎖@cveNotify
🚨 CVE-2026-20217
A vulnerability in the PESpin file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a DoS condition, or possibly other expanded impacts, resulting from memory corruption on an affected device.

This vulnerability is due to improper boundary checks for content in PESpin files during scanning, which may result in an out-of-bounds buffer write. An attacker could exploit this vulnerability by submitting a crafted file that contains PESpin content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to terminate, resulting in a DoS condition on the affected software.

🎖@cveNotify