Modern geopolitics isnβt only aircraft carriers and treaties. Russia, China, Iran, and North Korea are using AI to hack, deceive, and divide Americans. U.S. intelligence has to fight the war before itβs visible. #AI #CyberSecurity #Espionage #geopolitics
π¨ EUVD-2026-26851
π Score: 6.9/10 (CVSS v3.1)
π¦ Product: yudao-cloud, yudao-cloud, yudao-cloud (+6 more)
π’ Vendor: YunaiV
π
Updated: 2026-05-03
π A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Performing a manipulation o...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-26851
π¨ EUVD-2026-26852
π Score: 6.9/10 (CVSS v3.1)
π¦ Product: mindsdb
π
Updated: 2026-05-03
π A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byom_handler/proc_wrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed r...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-26852
π¨ EUVD-2026-26853
π Score: 5.3/10 (CVSS v3.1)
π¦ Product: mindsdb
π
Updated: 2026-05-03
π A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack is possible to be carried out remotely. The exploit has been disclosed publicly and ...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-26853
π¨ EUVD-2026-26850
π Score: 4.9/10 (CVSS v3.1)
π¦ Product: Velociraptor, Velociraptor
π’ Vendor: Rapid7
π
Updated: 2026-05-03
π Velociraptor versions prior to 0.76.4 contain a resource exhaustion vulnerability in the server's agent control channel.
This allows a compromised or rogue Velociraptor client to crash the server via out-of-memory (OOM) by sending crafte...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-26850
π¨ EUVD-2026-26854
π Score: 5.3/10 (CVSS v3.1)
π¦ Product: Calibre-Web-Automated, Calibre-Web-Automated, Calibre-Web-Automated (+5 more)
π’ Vendor: crocodilestick
π
Updated: 2026-05-04
π A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generate_auth_token of the file cps/kobo_auth.py of ...
π https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-26854
π CVE-2026-31694 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
fuse: reject oversized dirents in page cache
fuse_add_dirent_to_cache() computes a serialized dirent size from the
server-controlled namelen field and copies the dirent into a s...
π https://www.thehackerwire.com/vulnerability/CVE-2026-31694/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
π CVE-2026-31709 - High (8.8)
In the Linux kernel, the following vulnerability has been resolved:
smb: client: validate the whole DACL before rewriting it in cifsacl
build_sec_desc() and id_mode_to_cifs_acl() derive a DACL pointer from a
server-supplied dacloffset and then u...
π https://www.thehackerwire.com/vulnerability/CVE-2026-31709/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
π CVE-2026-31708 - High (8.1)
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path
smb2_ioctl_query_info() has two response-copy branches: PASSTHRU_FSCTL
and the default QUERY_INFO path. The Q...
π https://www.thehackerwire.com/vulnerability/CVE-2026-31708/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
Spy Stuff
EUVD Bot
TheHackerWire
urlDNA.io 