🟠 CVE-2026-21287 - High (7.8)

Substance3D - Stager versions 3.1.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21287/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

🟠 CVE-2026-22818 - High (8.2)

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.11.4, there is a flaw in Hono’s JWK/JWKS JWT verification middleware allowed the algorithm specified in the JWT header to influence signature verifi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22818/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

🟠 CVE-2026-22817 - High (8.2)

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.11.4, there is a flaw in Hono’s JWK/JWKS JWT verification middleware allowed the JWT header’s alg value to influence signature verification when t...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22817/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Grml #eurorail has an #security #incident.
Affected: address, email, phone, passport info. So basically everything. Damn.

https://www.interrail.eu/en/ni/data-security-incident?fbclid=IwY2xjawPTXEJleHRuA2FlbQIxMQBicmlkETB3Uk1vNWp5VXVHVndVcnhZc3J0YwZhcHBfaWQQMjIyMDM5MTc4ODIwMDg5MgABHvZ9SK1LdxHnXNz_Vn9dH7WHxs1jUU5dHLz7g7bXqz5dFZZuvyJsrcmpGRQn_aem_bkjAjvQppOfflSTxDeUHxA

Thay vì thương hại, các tổ chức y tế bị tấn công ransomware cần phải chịu trách nhiệm về những thất bại bảo mật. Việc Trung tâm Ung thư ĐH Hawaii lưu trữ số An sinh xã hội từ những năm 90 và trả tiền chuộc là một ví dụ điển hình. Sự thờ ơ này chỉ nuôi dưỡng tội phạm mạng.

#bảomật #ransomware #suckhoe #trachnhiem #Security #Ransomware #Healthcare #Accountability

https://dev.to/zeroblind25/healthcare-ransomware-victims-deserve-sympathy-not-a-free-pass-2k77

🔴 CVE-2025-68271 - Critical (10)

OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. From 5.0.0 to 6.10.1, OpenC3 COSMOS contains a critical remote code execution vulnerability reachable through the JSON-RPC API....

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-68271/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

🟠 CVE-2026-21226 - High (7.5)

Deserialization of untrusted data in Azure Core shared client library for Python allows an authorized attacker to execute code over a network.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21226/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

🛜🍍📟

new toy arrived today, the hak5 wifi pineapple pager. of course i had to get it in yellow!

#hacktheplanet #wifipineapple #wifipineapplepager #security #pentest #hacking

🟠 CVE-2026-21274 - High (7.8)

Dreamweaver Desktop versions 21.6 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. An attacker could leverage this vulnerability to bypass securi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21274/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

🟠 CVE-2026-21272 - High (8.6)

Dreamweaver Desktop versions 21.6 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system write. An attacker could leverage this vulnerability to manipulate or inject malicious data into file...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-21272/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack