713,000 Emails Exposed: Provecho Recipe Platform Hit by a Major Data Breach

Introduction: A Quiet App, A Loud Breach Another day, another data breach — but this one flew under the radar faster than most. Earlier this month, Provecho, a recipe-sharing platform used by home cooks and content creators, allegedly suffered a security incident that exposed hundreds of thousands of user records. The breach was later disclosed by the widely trusted breach-notification service…

https://undercodenews.com/713000-emails-exposed-provecho-recipe-platform-hit-by-a-major-data-breach/

🔴 CVE-2026-34841 - Critical (9.8)

Bruno is an open source IDE for exploring and testing APIs. Prior to 3.2.1, Bruno was affected by a supply chain attack involving compromised versions of the axios npm package, which introduced a hidden dependency deploying a cross-platform Remote...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34841/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

🔴 CVE-2026-34950 - Critical (9.1)

fast-jwt provides fast JSON Web Token (JWT) implementation. In 6.1.0 and earlier, the publicKeyPemMatcher regex in fast-jwt/src/crypto.js uses a ^ anchor that is defeated by any leading whitespace in the key string, re-enabling the exact same JWT ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34950/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

🔴 CVE-2026-35216 - Critical (9)

Budibase is an open-source low-code platform. Prior to version 3.33.4, an unauthenticated attacker can achieve Remote Code Execution (RCE) on the Budibase server by triggering an automation that contains a Bash step via the public webhook endpoint...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-35216/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Fujisoft Unveils AI-Powered Security System Built on AMD Embedded+ Platform

Introduction: A New Era of Intelligent Site Security As industrial environments continue to evolve toward automation, the demand for smarter and more reliable security systems is rapidly increasing. Factories, warehouses, and large-scale facilities are no longer simple operational spaces. They are complex ecosystems filled with sensors, cameras, and interconnected devices generating massive…

https://undercodenews.com/fujisoft-unveils-ai-powered-security-system-built-on-amd-embedded-platform/

🚨 EUVD-2026-19345

📊 Score: 8.1/10 (CVSS v3.1)
📦 Product: crm
🏢 Vendor: ChurchCRM
📅 Updated: 2026-04-06

📝 ChurchCRM is an open-source church management system. Prior to 7.1.0, authenticated users with Edit Records or Manage Groups permissions can exploit a time-based blind SQL injection vulnerability in the PropertyAssign.php endpoint to exfiltrate or modify any d...

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-19345

#cybersecurity #infosec #euvd #cve #vulnerability

🚨 EUVD-2026-19336

📊 Score: 7.8/10 (CVSS v3.1)
📦 Product: Snapdragon, Snapdragon, Snapdragon (+20 more)
🏢 Vendor: Qualcomm, Inc.
📅 Updated: 2026-04-06

📝 Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory.

🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-19336

#cybersecurity #infosec #euvd #cve #vulnerability

🟠 CVE-2026-35470 - High (8.8)

OpenSTAManager is an open source management software for technical assistance and invoicing. Prior to 2.10.2, confronta_righe.php files across different modules in OpenSTAManager contain an SQL Injection vulnerability. The righe parameter received...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-35470/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack