#cve β Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cve, aggregated by home.social.
-
Security Tip: Don't let CVSS scores be your only guide. π‘οΈ While a high severity score is important, real-world risk is driven by active exploitation. Integrate the CISA Known Exploited Vulnerabilities (KEV) catalog into your patch management workflow. If an attacker is already using it, it should be at the top of your list, regardless of the score. Track active threats at https://cvedatabase.com #InfoSec #CyberSecurity #PatchManagement #CVE
-
π¨ EUVD-2026-33030
π Score: 6.5/10 (CVSS v3.1)
π¦ Product: Kibana, Kibana, Kibana
π’ Vendor: Elastic
π Updated: 2026-05-28π Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated user can send a specially crafted compressed request payload that is processed prior to authorization ch...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33030
-
π¨ EUVD-2026-33031
π Score: 6.5/10 (CVSS v3.1)
π¦ Product: Kibana, Kibana
π’ Vendor: Elastic
π Updated: 2026-05-28π Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated low-privileged user can cause Kibana to consume exponentially increasing amounts of memory by submitting a speci...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33031
-
π¨ EUVD-2026-33032
π Score: 7.7/10 (CVSS v3.1)
π¦ Product: Kibana, Kibana
π’ Vendor: Elastic
π Updated: 2026-05-28π Server-Side Request Forgery (CWE-918) in Kibana allows authenticated users with connector management privileges to bypass the operator-configured connection allowlist. By configuring a Webhook connector with a crafted target, an attacker can cause Kib...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33032
-
π¨ EUVD-2026-33033
π Score: 7.2/10 (CVSS v3.1)
π¦ Product: Kibana, Kibana, Kibana
π’ Vendor: Elastic
π Updated: 2026-05-28π Improper Input Validation (CWE-20) in the Kibana Fleet agent policy management feature can lead to privilege escalation. An authenticated user with Fleet management privileges can manipulate agent policy configuration by injecting values into ...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33033
-
π¨ EUVD-2026-33034
π Score: 6.5/10 (CVSS v3.1)
π¦ Product: Kibana
π’ Vendor: Elastic
π Updated: 2026-05-28π Uncontrolled Resource Consumption (CWE-400) in Kibana can lead to denial of service via Excessive Allocation (CAPEC-130). An authenticated user with viewer-level access can submit a request containing an oversized input value to an analytics collections manag...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33034
-
π¨ EUVD-2026-33035
π Score: 6.3/10 (CVSS v3.1)
π¦ Product: Kibana
π’ Vendor: Elastic
π Updated: 2026-05-28π Server-Side Request Forgery (CWE-918) in Kibana can allow an authenticated user with connector management privileges to bypass the operator-configured connector allowlist, causing the Kibana server to issue outbound requests to destinations the egress control...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33035
-
π¨ EUVD-2026-33036
π Score: 9.8/10 (CVSS v3.1)
π¦ Product: Oracle Hospitality OPERA 5 Property Services, Oracle Hospitality OPERA 5 Property Services, Oracle Hospitality OPERA 5 Property Services (+2 more)
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Applications...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33036
-
π¨ EUVD-2026-33037
π Score: 7.9/10 (CVSS v3.1)
π¦ Product: Oracle REST Data Services
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to compromise ...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33037
-
π¨ EUVD-2026-33038
π Score: 8.1/10 (CVSS v3.1)
π¦ Product: Oracle REST Data Services
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Or...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33038
-
π¨ EUVD-2026-33039
π Score: 9.9/10 (CVSS v3.1)
π¦ Product: Oracle REST Data Services
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Or...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33039
-
π¨ EUVD-2026-33040
π Score: 9.8/10 (CVSS v3.1)
π¦ Product: Oracle Payments
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33040
-
π¨ EUVD-2026-33041
π Score: 7.4/10 (CVSS v3.1)
π¦ Product: Oracle Payments
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows unauthenticated attacker with netwo...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33041
-
π¨ EUVD-2026-33042
π Score: 9.1/10 (CVSS v3.1)
π¦ Product: Oracle Internet Procurement Connector
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Internet Procurement Connector product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerabilit...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33042
-
π¨ EUVD-2026-33043
π Score: 8.5/10 (CVSS v3.1)
π¦ Product: Oracle Financials Common Modules
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33043
-
π¨ EUVD-2026-33044
π Score: 7.7/10 (CVSS v3.1)
π¦ Product: Oracle Financials Common Modules
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite (component: Common Components). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33044
-
π¨ EUVD-2026-33045
π Score: 9.9/10 (CVSS v3.1)
π¦ Product: Oracle iAssets
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle iAssets product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network ...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33045
-
π¨ EUVD-2026-33046
π Score: 7.7/10 (CVSS v3.1)
π¦ Product: Oracle Public Sector Financials (International)
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Public Sector Financials (International) product of Oracle E-Business Suite (component: Authorization). Supported versions that are affected are 12.2.6-12.2.15. Easily exploitabl...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33046
-
π¨ EUVD-2026-33047
π Score: 9.9/10 (CVSS v3.1)
π¦ Product: Oracle Universal Work Queue
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Site Level Administration). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerabilit...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33047
-
π¨ EUVD-2026-33048
π Score: 8.8/10 (CVSS v3.1)
π¦ Product: Oracle Payroll
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network ...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33048
-
π¨ EUVD-2026-33049
π Score: 8.8/10 (CVSS v3.1)
π¦ Product: Oracle Payroll
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Self Service Manager). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33049
-
π¨ EUVD-2026-33050
π Score: 8.1/10 (CVSS v3.1)
π¦ Product: Oracle Payroll
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Oracle Payroll product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network ...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33050
-
π¨ EUVD-2026-33051
π Score: 7.5/10 (CVSS v3.1)
π¦ Product: Oracle REST Data Services
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromi...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33051
-
π¨ EUVD-2026-33052
π Score: 5.3/10 (CVSS v3.1)
π¦ Product: Oracle REST Data Services
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in Oracle REST Data Services (component: Mongoapi). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromi...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33052
-
π¨ EUVD-2026-33013
π Score: 9.0/10 (CVSS v3.1)
π¦ Product: Oracle Database Server
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compro...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33013
-
π¨ EUVD-2026-33015
π Score: 7.5/10 (CVSS v3.1)
π¦ Product: Oracle Database Server
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromi...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33015
-
π¨ EUVD-2026-33014
π Score: 7.5/10 (CVSS v3.1)
π¦ Product: Oracle Database Server
π’ Vendor: Oracle Corporation
π Updated: 2026-05-28π Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromi...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-33014
-
π CVE-2026-45047 - High (7.5)
bird-lg-go is a BIRD looking glass in Go. Prior to 1.4.5, the apiHandler (and similarly webHandlerTelegramBot) processes user-provided JSON payloads by directly using json.NewDecoder(r.Body).Decode(&request) without restricting the maximum read si...
π https://www.thehackerwire.com/vulnerability/CVE-2026-45047/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
UPDATE - I've updated my entry on the status of Ubuntu and CVE-2026-46333. The official Ubuntu security bulletin presents conflicting information, which also conflicts with Canonical's own Luci Stanescu about the subject.
My recommendation: set `kernel.yama.ptrace_scope` to at least 2 anyway unless you *need* unprivileged users to have ptrace access. Better to be safe than sorry.
-
UPDATE - I've updated my entry on the status of Ubuntu and CVE-2026-46333. The official Ubuntu security bulletin presents conflicting information, which also conflicts with Canonical's own Luci Stanescu about the subject.
My recommendation: set `kernel.yama.ptrace_scope` to at least 2 anyway unless you *need* unprivileged users to have ptrace access. Better to be safe than sorry.
-
ΠΠΎΠ»ΡΡΠ΅, ΡΠ΅ΠΌ ΠΏΡΠΎΡΡΠΎ Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΡ, ΠΈΠ»ΠΈ ΠΠ°ΡΠ΅ΠΌ ΠΊΠΎΠ½ΡΡΠΎΠ»ΠΈΡΠΎΠ²Π°ΡΡ Π·Π°Π²ΠΈΡΠΈΠΌΠΎΡΡΠΈ
ΠΡΠΈΠ²Π΅Ρ, Π₯Π°Π±Ρ! ΠΠ΅Π½Ρ Π·ΠΎΠ²ΡΡ ΠΡΡΡΠΌ ΠΠ΅ΡΠ΄Π°ΡΠΊΠ΅Π²ΠΈΡ, Π² Positive Technologies ΡΡΠΊΠΎΠ²ΠΎΠΆΡ Π½Π°ΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ DevSecOps. Π‘Π΅Π³ΠΎΠ΄Π½Ρ Ρ ΠΎΡΡ ΠΏΠΎΠ³ΠΎΠ²ΠΎΡΠΈΡΡ ΠΎ ΡΠ΅ΠΌΠ΅, ΠΊΠΎΡΠΎΡΠ°Ρ Ρ Π³ΠΎΠ΄Π°ΠΌΠΈ ΡΡΠ°Π½ΠΎΠ²ΠΈΡΡΡ ΡΠΎΠ»ΡΠΊΠΎ ΠΎΡΡΡΠ΅Π΅ β ΠΎ ΠΊΠΎΠ½ΡΡΠΎΠ»Π΅ Π·Π°Π²ΠΈΡΠΈΠΌΠΎΡΡΠ΅ΠΉ ΠΈ ΠΎ ΡΠΎΠΌ, ΠΏΠΎΡΠ΅ΠΌΡ ΠΏΡΠΈΠ²ΡΡΠ½ΡΡ ΠΏΠΎΠ΄Ρ ΠΎΠ΄ΠΎΠ² ΠΊ Π½Π΅ΠΌΡ ΡΠΆΠ΅ ΠΊΠ°ΡΠ°ΡΡΡΠΎΡΠΈΡΠ΅ΡΠΊΠΈ Π½Π΅ Ρ Π²Π°ΡΠ°Π΅Ρ. Π‘ΠΎΠ²ΡΠ΅ΠΌΠ΅Π½Π½Π°Ρ ΡΠ°Π·ΡΠ°Π±ΠΎΡΠΊΠ° Π΄Π°Π²Π½ΠΎ ΠΏΡΠ΅Π²ΡΠ°ΡΠΈΠ»Π°ΡΡ Π² ΡΠ±ΠΎΡΠΊΡ ΠΈΠ· Π³ΠΎΡΠΎΠ²ΡΡ ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½ΡΠΎΠ², Π³Π΄Π΅ ΠΌΡ ΠΏΠΎΡΡΠΈ Π½Π΅ ΠΏΠΈΡΠ΅ΠΌ ΠΊΠΎΠ΄ Ρ Π½ΡΠ»Ρ, Π° ΠΊΠΎΠΌΠ±ΠΈΠ½ΠΈΡΡΠ΅ΠΌ ΡΡΠ΅ΠΉΠΌΠ²ΠΎΡΠΊΠΈ, Π±ΠΈΠ±Π»ΠΈΠΎΡΠ΅ΠΊΠΈ ΠΈ ΠΌΠΎΠ΄ΡΠ»ΠΈ Ρ ΠΎΡΠΊΡΡΡΡΠΌ ΠΈΡΡ ΠΎΠ΄Π½ΡΠΌ ΠΊΠΎΠ΄ΠΎΠΌ. Π’Π°ΠΊΠΎΠΉ ΠΏΠΎΠ΄Ρ ΠΎΠ΄ ΡΠ°Π΄ΠΈΠΊΠ°Π»ΡΠ½ΠΎ ΡΡΠΊΠΎΡΡΠ΅Ρ Π²ΡΠ²ΠΎΠ΄ ΠΏΡΠΎΠ΄ΡΠΊΡΠΎΠ² Π½Π° ΡΡΠ½ΠΎΠΊ, Π½ΠΎ Π·Π° ΡΠΊΠΎΡΠΎΡΡΡ ΠΏΡΠΈΡ ΠΎΠ΄ΠΈΡΡΡ ΠΏΠ»Π°ΡΠΈΡΡ ΠΏΡΠΎΠ·ΡΠ°ΡΠ½ΠΎΡΡΡΡ. ΠΠΎΠΌΠ°Π½Π΄Π° ΡΠ°ΡΡΠΎ Π½Π΅ Π·Π½Π°Π΅Ρ ΡΠΎΡΠ½ΡΠΉ ΡΠΎΡΡΠ°Π² ΡΠ²ΠΎΠ΅Π³ΠΎ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΡ Π΄ΠΎ ΡΠΈΠ½Π°Π»ΡΠ½ΠΎΠΉ ΡΠ±ΠΎΡΠΊΠΈ. ΠΠΎΡΠ΅ΠΌΡ ΡΡΠΎ ΡΡΠ°Π»ΠΎ Π±ΠΎΠ»ΡΡΠΎΠΉ ΠΏΡΠΎΠ±Π»Π΅ΠΌΠΎΠΉ ΠΈ ΡΡΠΎ Ρ Π½Π΅ΠΉ Π΄Π΅Π»Π°ΡΡ β ΡΠΈΡΠ°ΠΉΡΠ΅ ΠΏΠΎΠ΄ ΠΊΠ°ΡΠΎΠΌ.
https://habr.com/ru/companies/pt/articles/1040080/
#cybersecurity #devsecops #sca #Π»Π΅Π³Π°ΡΠΈ #Π·Π°Π²ΠΈΡΠΈΠΌΠΎΡΡΠΈ #cve #Π±Π΅Π·ΠΎΠΏΠ°ΡΠ½Π°Ρ_ΡΠ°Π·ΡΠ°Π±ΠΎΡΠΊΠ° #docker #sandbox #appsec
-
π CVE-2026-42735 - High (8.2)
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through <= 4.3.0.
π https://www.thehackerwire.com/vulnerability/CVE-2026-42735/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
π CVE-2026-42735 - High (8.2)
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through <= 4.3.0.
π https://www.thehackerwire.com/vulnerability/CVE-2026-42735/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
π CVE-2026-42735 - High (8.2)
Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through <= 4.3.0.
π https://www.thehackerwire.com/vulnerability/CVE-2026-42735/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
π΄ CVE-2026-42755 - Critical (9.3)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through <= 1.0.5.1.
π https://www.thehackerwire.com/vulnerability/CVE-2026-42755/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
π΄ CVE-2026-42755 - Critical (9.3)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through <= 1.0.5.1.
π https://www.thehackerwire.com/vulnerability/CVE-2026-42755/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
π΄ CVE-2026-42755 - Critical (9.3)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through <= 1.0.5.1.
π https://www.thehackerwire.com/vulnerability/CVE-2026-42755/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
π΄ CVE-2026-42748 - Critical (9.9)
Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through <= 5.4.1.
π https://www.thehackerwire.com/vulnerability/CVE-2026-42748/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
π΄ CVE-2026-42748 - Critical (9.9)
Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through <= 5.4.1.
π https://www.thehackerwire.com/vulnerability/CVE-2026-42748/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
π΄ CVE-2026-42748 - Critical (9.9)
Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through <= 5.4.1.
π https://www.thehackerwire.com/vulnerability/CVE-2026-42748/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
-
#OT #Advisory VDE-2026-059
Helmholz: Multiple vulnerabilities in REX100/REX200/REX250Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
#CVE CVE-2026-40851, CVE-2026-40852https://certvde.com/en/advisories/vde-2026-059/
#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-059.json
-
#OT #Advisory VDE-2026-059
Helmholz: Multiple vulnerabilities in REX100/REX200/REX250Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
#CVE CVE-2026-40851, CVE-2026-40852https://certvde.com/en/advisories/vde-2026-059/
#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-059.json
-
#OT #Advisory VDE-2026-059
Helmholz: Multiple vulnerabilities in REX100/REX200/REX250Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
#CVE CVE-2026-40851, CVE-2026-40852https://certvde.com/en/advisories/vde-2026-059/
#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-059.json
-
#OT #Advisory VDE-2026-054
MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.miniTwo command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
#CVE CVE-2026-40851, CVE-2026-40852https://certvde.com/en/advisories/vde-2026-054/
#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-054.json
-
#OT #Advisory VDE-2026-054
MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.miniTwo command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
#CVE CVE-2026-40851, CVE-2026-40852https://certvde.com/en/advisories/vde-2026-054/
#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-054.json
-
#OT #Advisory VDE-2026-054
MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.miniTwo command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
#CVE CVE-2026-40851, CVE-2026-40852https://certvde.com/en/advisories/vde-2026-054/
#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-054.json
-
#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtualMultiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820https://certvde.com/en/advisories/vde-2026-058/
#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json
-
#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtualMultiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820https://certvde.com/en/advisories/vde-2026-058/
#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json
-
#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtualMultiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820https://certvde.com/en/advisories/vde-2026-058/
#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json