OffSequence3h ago
🔥 CVE-2026-48303: CRITICAL flaw in Adobe Campaign Classic <=7.4.3 build 9394 (CVSS 10). Exploitable for arbitrary code execution — no user action needed. Restrict access & monitor. Patch pending. https://radar.offseq.com/threat/cve-2026-48303-incorrect-authorization-cwe-863-in--6dc93c1f #OffSeq #Adobe #Vuln #Security
OffSequence7h ago
⚠️ CRITICAL: Veeam Backup & Replication flaw (CVE-2026-44963, CVSS 9.4) allows authenticated domain users to execute code via unsafe deserialization. No patch yet — restrict access & monitor closely! https://radar.offseq.com/threat/cve-2026-44963-cwe-502-deserialization-of-untruste-55909ebc #OffSeq #Veeam #Vuln #RCE
OffSequence1d ago
🚩 HIGH severity: CVE-2026-26236 (CVSS 8.7) in QNAP QuMagie <2.9.0 enables remote attackers to bypass authorization and access data. No exploits seen yet. Upgrade to 2.9.0+ now. https://radar.offseq.com/threat/cve-2026-26236-cwe-862-in-qnap-systems-inc-qumagie-d96d60c8 #OffSeq #QNAP #Vuln #Infosec
OffSequence1d ago
🚨 CRITICAL: CVE-2026-27671 affects SAP NetWeaver & ABAP Platform (multiple versions). Stack-based buffer overflow via RFC, unauthenticated remote exploitation. No patch yet — restrict RFC access & monitor advisories. https://radar.offseq.com/threat/cve-2026-27671-cwe-121-stack-based-buffer-overflow-4df15939 #OffSeq #SAP #Vuln
OffSequence1d ago
🚨 CVE-2026-40128: CRITICAL path traversal in SAP NetWeaver AS Java (ENGINEAPI 7.50). Unauthenticated attackers can access/modify files or disrupt services. No patch yet — restrict access & monitor SAP advisories. https://radar.offseq.com/threat/cve-2026-40128-cwe-35-path-traversal-in-sapse-sap--7b0cc1b3 #OffSeq #SAP #Infosec #Vuln
OffSequence1d ago
🚨 CRITICAL: CVE-2026-44748 hits SAP NetWeaver AS ABAP & ABAP Platform (SAP_BASIS 702 – 919). Improper cryptographic signature checks may let attackers gain unauthorized access! Patch urgently. https://radar.offseq.com/threat/cve-2026-44748-cwe-347-improper-verification-of-cr-3c43c9f0 #OffSeq #SAP #Vuln #InfoSec
OffSequence1d ago
⚠️ CVE-2026-11503: High-severity stack-based buffer overflow in Tenda CX12L (16.03.53.12). Remote code execution possible; no official patch yet. Limit remote access & monitor for updates. https://radar.offseq.com/threat/cve-2026-11503-stack-based-buffer-overflow-in-tend-0a40e529 #OffSeq #CVE202611503 #RouterSecurity #Vuln
OffSequence1d ago
🚨 CRITICAL: CVE-2026-11499 in Tenda HG7HG9/HG10 (firmware 300001138_en_xpon) allows remote stack-based buffer overflow via blkDomain in formDOMAINBLK. No patch yet — restrict access and monitor traffic. https://radar.offseq.com/threat/cve-2026-11499-stack-based-buffer-overflow-in-tend-ca49c238 #OffSeq #Vuln #IoT #CyberSecurity
OffSequence2d ago
🔍 CVE-2026-11489: SQL injection in code-projects Online Music Site 1.0 (AdminDeleteAlbum.php). MEDIUM severity (CVSS 6.9). No patch — restrict access & validate input. Details: https://radar.offseq.com/threat/cve-2026-11489-sql-injection-in-code-projects-onli-26d54fed #OffSeq #SQLInjection #Vuln #Cybersecurity
OffSequence2d ago
⚠️ CVE-2026-11482: MEDIUM severity SQL injection in SourceCodester Class and Exam Timetabling System 1.0 via 'sy' param in /archive5.php. No official patch yet — apply mitigations & monitor for attacks. https://radar.offseq.com/threat/cve-2026-11482-sql-injection-in-sourcecodester-cla-fd3076ab #OffSeq #SQLInjection #Vuln #InfoSec