| critical |
AzeoTech DAQFactory |
advisory |
cisa-advisories, vendor-blogs |
|
zeroday, phishing, ics |
2026-06-18 |
| critical |
CVE-2026-45469 Microsoft Excel Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
CVE-2026-45471 Microsoft Word Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
CVE-2026-45456 Microsoft Outlook and Word Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability |
advisory |
vendor-blogs |
|
rce |
2026-06-19 |
| critical |
Malicious IP: 183.91.11.36 |
ip-reputation |
abuse-ipdb |
183.91.11.36 |
|
2026-06-22 |
| critical |
Malicious IP: 20.226.73.88 |
ip-reputation |
abuse-ipdb |
20.226.73.88 |
|
2026-06-22 |
| critical |
Malicious IP: 94.183.188.148 |
ip-reputation |
abuse-ipdb |
94.183.188.148 |
|
2026-06-22 |
| critical |
Malicious IP: 41.76.213.108 |
ip-reputation |
abuse-ipdb |
41.76.213.108 |
|
2026-06-22 |
| critical |
Malicious IP: 202.183.141.189 |
ip-reputation |
abuse-ipdb |
202.183.141.189 |
|
2026-06-22 |
| critical |
Malicious IP: 115.77.111.2 |
ip-reputation |
abuse-ipdb |
115.77.111.2 |
|
2026-06-22 |
| critical |
Malicious IP: 195.178.110.30 |
ip-reputation |
abuse-ipdb |
195.178.110.30 |
|
2026-06-22 |
| critical |
Malicious IP: 188.166.25.251 |
ip-reputation |
abuse-ipdb |
188.166.25.251 |
|
2026-06-22 |
| critical |
Malicious IP: 216.218.206.98 |
ip-reputation |
abuse-ipdb |
216.218.206.98 |
|
2026-06-22 |
| critical |
Malicious IP: 31.59.160.12 |
ip-reputation |
abuse-ipdb |
31.59.160.12 |
|
2026-06-22 |
| critical |
Malicious IP: 118.194.251.144 |
ip-reputation |
abuse-ipdb |
118.194.251.144 |
|
2026-06-22 |
| critical |
Malicious IP: 58.186.20.101 |
ip-reputation |
abuse-ipdb |
58.186.20.101 |
|
2026-06-22 |
| critical |
Malicious IP: 66.132.195.19 |
ip-reputation |
abuse-ipdb |
66.132.195.19 |
|
2026-06-22 |
| critical |
Malicious IP: 20.163.33.221 |
ip-reputation |
abuse-ipdb |
20.163.33.221 |
|
2026-06-22 |
| critical |
Malicious IP: 66.132.186.241 |
ip-reputation |
abuse-ipdb |
66.132.186.241 |
|
2026-06-22 |
| critical |
Malicious IP: 175.198.18.3 |
ip-reputation |
abuse-ipdb |
175.198.18.3 |
|
2026-06-22 |
| critical |
Malicious IP: 78.142.18.172 |
ip-reputation |
abuse-ipdb |
78.142.18.172 |
|
2026-06-22 |
| critical |
Malicious IP: 79.124.49.70 |
ip-reputation |
abuse-ipdb |
79.124.49.70 |
|
2026-06-22 |
| critical |
Malicious IP: 80.94.92.182 |
ip-reputation |
abuse-ipdb |
80.94.92.182 |
|
2026-06-22 |
| critical |
Malicious IP: 45.56.83.247 |
ip-reputation |
abuse-ipdb |
45.56.83.247 |
|
2026-06-22 |
| critical |
botnet_cc: undefined |
threat-intel |
threatfox |
|
APT, DPRK, SocGholish, OffLoader, AnyDesk, rmm, 22June2026, ClearFake, Commandline, macOS, Remus, Viper, dead-drop-c2, polygon-deaddrop, SmartLoader, SmartLoader-MaaS, elf, IoT, Mozi, c2, SmartApeSG, ClickFix, Kongtuke, SilentNet, Vidar, CobaltStrike, drb-ra, RAT, RemcosRAT, asyncrat, EvilGinx, EvilGoPhish, erebus-v14, nation-state-hunter, t1055, t1105, multi-c2, python-agent, diicot, docker-api, Redtail, selfrep, miner, DDoS, ssh, xorddos, module-load, Muhstik, redis, postgres, takeover, t1059_003, t1071_001, remcos, Vshell, ConnectWise, NanoCore, tofsee, cs-watermark-987654321, cs-watermark-666666666, cs-watermark-305419896, redirector, Vo1d, gaea-operations, malware, phishing, scams, stefan-himmelskamp, honeypot, RapidStealer, QuasarRAT, 21June2026, etherhiding, Polygon, Stealc, dcrat, Covenant, DomainShadowing, Windows, evalusion, jarm:1276612955, merry-florist, NetSupport, port:1337, single-gateway, unc2190, central-hub, clickfix-hub, wordpress-compromise, Fake-Captcha, wordpress-injection, c2-rotation, SilentStealer, XWorm, Havoc, Amos, AtomicStealer, Cthulhu, xxxblyat, stealer, OverlordRAT, AdaptixC2, valleyrat_s2, cs-watermark-391144938, Meterpreter, webpot, junko, boyzee, phoenix-c2, phoenix, Mirai, Adaptix, Mythic, EyePyramid, cs-watermark-1873433027, cs-watermark-1580103824, eval, lua, config, rce, xmrig, hta-polyglot, Loader, msix, TDS, crypter, rundll32, WebDav, ValleyRAT, RatonRAT, RemusStealer, FakeCaptcha, powershell, clipboard-hijack, NetSupportRAT, Dropper, fileless, i7sb1k, BianLian, cs-watermark-1234567890, lockbit, Ransomware, DarkVNC, kimsuky, honeylabs, erebus-v15, t1573_002, Ngioweb, AddType, Digitalocean, mtls, nginx, one-check.lol, TLS1.3, mesh, meshagent, China, Telecom, TernDoor, UAT-9244, cve-2024-4577, rotator, monero, payload-host, pool, cron, nc, DanBot, poshc2, payload, Sh, sliver, PureLogsStealer, CloudflareHardwareFingerprinting, amatera, ArcStealer, python-backdoor, winpython, Cloudflare, cracked-games, HijackLoader, Prospero, renengine, telemetry, kimwolf, Sheet Rat, SheetRAT, Deimos, ScreenConnect, compromised, WordPress, quasar, powershell-loader, RC4, ContagiousInterview, FakeInterview, dentons-impersonation, google-drive-abuse, homoglyph, msiexec, PureLogStealer, NeptuneRAT, BruteRatel, ErrTraffic, Amadey, ViriBack, 23b404, CHAOS, NFS, iran, mois, MuddyWater, tsundere, FRP, relay, stagecomp, StrelaStealer, blockchain-C2, EtherRat, deerstealer, FakeGit, LuaJIT, ransomware, apt, botnet, infostealer |
2026-06-22 |
| critical |
New Prinz Eugen ransomware prioritizes recent files for encryption |
news |
general-news |
|
ransomware |
2026-06-20 |
| critical |
Gentlemen ransomware uses multiple EDR killers to disable defenses |
news |
general-news |
|
ransomware |
2026-06-18 |
| critical |
⚡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More |
news |
general-news |
|
ransomware, botnet |
2026-06-22 |
| critical |
INTERPOL Warns Phishing, Ransomware, and AI Scams Are Rising Across Asia-Pacific |
news |
general-news |
|
ransomware, phishing |
2026-06-22 |
| critical |
The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes |
news |
general-news |
|
ransomware |
2026-06-19 |
| critical |
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution |
news |
general-news |
|
rce |
2026-06-19 |
| critical |
F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution |
news |
general-news |
|
rce |
2026-06-18 |
| critical |
INC Ransomware Emerges as Major RaaS Threat in 2026 with 830+ Victims Since 2023 |
news |
general-news |
|
ransomware |
2026-06-18 |
| critical |
DragonForce Hackers Abuse Microsoft Teams Relays to Hide Backdoor.Turn C2 Traffic |
news |
general-news |
|
ransomware, botnet |
2026-06-18 |
| critical |
Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development |
news |
general-news |
|
zeroday |
2026-06-17 |
| critical |
The Top 10 Attack Surface Exposures in 2026 |
news |
general-news |
|
zeroday |
2026-06-17 |
| critical |
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds |
news |
general-news |
|
ransomware |
2026-06-16 |
| critical |
INC Ransomware Thrives by Mastering the Basics |
news |
general-news |
|
ransomware |
2026-06-17 |
| critical |
'Lorem Ipsum' Malware Pivots to ClickFix Delivery |
news |
general-news |
|
ransomware |
2026-06-16 |
| critical |
What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks |
news |
general-news |
|
zeroday |
2026-06-22 |
| critical |
Operation Endgame Disrupts Malware Network Linked to Major Ransomware Gang |
news |
general-news |
|
ransomware |
2026-06-19 |
| critical |
ICO Cautions Healthcare Worker After Princess of Wales Incident |
news |
general-news |
|
ransomware |
2026-06-18 |
| critical |
DragonForce Ransomware Exploited Microsoft Teams to Hide in Attack Against Major Company |
news |
general-news |
|
ransomware, botnet |
2026-06-16 |
| critical |
Adriatic Port Cyber-Attack by Anubis Sparks Warning Over Maritime Security Risks |
news |
general-news |
|
ransomware, transport |
2026-06-15 |
| critical |
Week in review: 74k Fortinet firewall credentials stolen, Splunk Enterprise RCE under active attack |
news |
general-news |
|
rce, supply-chain |
2026-06-21 |
| critical |
Australian sugar producer works to restore operations as ransomware group claims attack |
news |
general-news |
|
ransomware |
2026-06-18 |
| high |
CVE-2026-20253 — Splunk Enterprise Missing Authentication for Critical Function Vulnerability |
vulnerability |
cisa-kev |
CVE-2026-20253 |
|
2026-06-18 |
| high |
CVE-2026-48907 — Widget Factory Joomla Content Editor Improper Access Control Vulnerability |
vulnerability |
cisa-kev |
CVE-2026-48907 |
|
2026-06-16 |
| high |
Apollo Pharmacy Blood Glucose Monitoring System APG-01 BT |
advisory |
cisa-advisories, vendor-blogs |
|
ics |
2026-06-18 |
| high |
Mitsubishi Electric Co.'s MELSEC iQ-F Series FX5-ENET/IP Ethernet Module |
advisory |
cisa-advisories, vendor-blogs |
|
ics |
2026-06-18 |
| high |
Mitsubishi Electric MELSEC iQ-F Series |
advisory |
cisa-advisories, vendor-blogs |
|
ics |
2026-06-18 |
| high |
Schneider Electric Easergy, EcoStruxture, PowerLogic, and Saitel Products |
advisory |
cisa-advisories, vendor-blogs |
|
botnet, ics |
2026-06-18 |
| high |
Rockwell Automation FactoryTalk Historian Site Edition |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-18 |
| high |
AVer PTC cameras |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-18 |
| high |
Schneider Electric EasyLogic T150 and Saitel DP |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-18 |
| high |
Rockwell Automation FLEX I/O EtherNet/IP Adapters |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-16 |
| high |
Rockwell Automation Logix 5370 & 5570 Controllers Vulnerable To Denial of Service Via CIP |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-16 |
| high |
Rockwell Automation RSLinx |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-16 |
| high |
Rockwell Automation FactoryTalk Analytics PavilionX |
advisory |
cisa-advisories, vendor-blogs |
|
ics |
2026-06-16 |
| high |
Rockwell Automation CompactLogix |
advisory |
cisa-advisories, vendor-blogs |
|
phishing, ics |
2026-06-16 |
| high |
sunwukongs.exe |
malware |
malware-bazaar |
f3355943d1b27977…, 0f89e6a8ca11c4e7… |
exe |
2026-06-22 |
| high |
ScreenConnect.ClientSetup.exe |
malware |
malware-bazaar |
80ea7456faf8688b…, e4841bff2e9072bb… |
signed |
2026-06-22 |
| high |
INTERMEDIATE BKR SURVEY. Formato BASE_083658.xls |
malware |
malware-bazaar |
5485368e29878f81…, f500581a9e3ba199… |
xls |
2026-06-22 |
| high |
Rusko selo vodovod i grejanje.xls |
malware |
malware-bazaar |
69ff04f88458bf9f…, 8c28702a17cddfe3… |
xls |
2026-06-22 |
| high |
Purchase Order for 20ft.docm |
malware |
malware-bazaar |
38ac227c825ab5a0…, 73f8b1defc80ba1c… |
docm |
2026-06-22 |
| high |
BLAZE FREE INTERNAL Cracked.exe |
malware |
malware-bazaar |
12b90ddb368ab4ff…, 0c4f98399c7d35ad… |
CoinMiner, exe, xmrig |
2026-06-22 |
| high |
Satınalma Siparişi Q62026-V5560001.xls |
malware |
malware-bazaar |
99a218e5ef6b32d4…, 22c64ea564c04e44… |
geo, TUR, xls |
2026-06-22 |
| high |
support.client.exe |
malware |
malware-bazaar |
0b3e31bd2e94bb8d…, 2312608a5b3968e1… |
signed |
2026-06-22 |
| high |
Client.exe |
malware |
malware-bazaar |
3f55e9b6542684cb…, 9f21fda4eace55e9… |
email, exe, spam |
2026-06-22 |
| high |
Loan_Prediction_Approval_v3.3.zip |
malware |
malware-bazaar |
ed1d99b06bccf943…, bfab914fe1b96232… |
|
2026-06-22 |
| high |
undetek-v10.34.exe |
malware |
malware-bazaar |
674295167707c56a…, 158b8af97dc35528… |
exe, miner, salatstealer, upx, xmrig |
2026-06-22 |
| high |
undetek-v10.37.exe |
malware |
malware-bazaar |
97d52f54dfdbe3f2…, 1f122145a516407b… |
exe |
2026-06-22 |
| high |
crypted (4).js |
malware |
malware-bazaar |
05b67b5e047a4270…, 15d472fd9b877b99… |
js, PhantomStealer |
2026-06-22 |
| high |
d9e0461524386292212444734e44619e.exe |
malware |
malware-bazaar |
6a0bf1dba11b61b4…, d9e0461524386292… |
exe |
2026-06-22 |
| high |
1688a855869a249114084ae11f82fd8e.exe |
malware |
malware-bazaar |
16de32e17a146551…, 1688a855869a2491… |
exe |
2026-06-22 |
| high |
098a3905a8bde664d46f9967e9c34770.exe |
malware |
malware-bazaar |
3e982ec9ece55bc3…, 098a3905a8bde664… |
exe, RustyStealer |
2026-06-22 |
| high |
mfrmfral.bat |
malware |
malware-bazaar |
f710fb64a042409d…, 436a48cb924dc5ab… |
bat, RAT, RatonRAT |
2026-06-22 |
| high |
Yeni Talep Duco_Nq.DD.js |
malware |
malware-bazaar |
a61c493ca9a11e4e…, 38028d442b37bb94… |
AsyncRAT, geo, js, RAT, TUR |
2026-06-22 |
| high |
НсаtаlinаХ64-v.1.234.exe |
malware |
malware-bazaar |
85faf8edd9d7b2c7…, a604cd455d2e8c3d… |
exe, signed, stealc, stealer, vidar, infostealer |
2026-06-22 |
| high |
ohshit.spc |
malware |
malware-bazaar |
69e3b714d2a4fac4…, 2e01679e7d06069f… |
elf, Mirai, botnet |
2026-06-22 |
| high |
libwinpthread-1.dll |
malware |
malware-bazaar |
c5bb14bf2a888516…, 9bd6df880bbe0fd7… |
dll, exe |
2026-06-22 |
| high |
ParalivesTrainer.exe |
malware |
malware-bazaar |
a30e92239077cdd1…, 0b2deab99584acf6… |
exe |
2026-06-22 |
| high |
setup.exe |
malware |
malware-bazaar |
409ad0799fe0b1ca…, be2bc476dc6a1816… |
exe, RemusStealer, signed |
2026-06-22 |
| high |
socolive22.exe |
malware |
malware-bazaar |
d337ba3b1ea0946b…, 3ebaabe329226d8e… |
exe, NanoCore, RAT |
2026-06-22 |
| high |
file |
malware |
malware-bazaar |
03ab8ad3d41ca487…, 05cacbb03802272d… |
dropped-by-GCleaner, exe, F, MIX1.file, signed |
2026-06-22 |
| high |
НсаtаlinаХ64-v.6.981.exe |
malware |
malware-bazaar |
ff1860389f41deed…, 7d8946ca862fe4a2… |
exe, signed, stealc, stealer, vidar, infostealer |
2026-06-22 |
| high |
c8545034cd4fe71eeadb24dacddc5da95c4311c7112c299f1325801f3e06f928 |
malware |
malware-bazaar |
c8545034cd4fe71e…, 6c533f0ae1236042… |
elf, Mirai, wraith, botnet |
2026-06-22 |
| high |
88d028a54a136782982817d1d93c89b075b7f04897b0c0681311add7c8712eb6 |
malware |
malware-bazaar |
88d028a54a136782…, c3406825be3171f8… |
elf, Mirai, wraith, botnet |
2026-06-22 |
| high |
3ad48bae18b7ea8e7ffe3608b6eeaa4673b6ff47e9e6a21def774eecba66364a |
malware |
malware-bazaar |
3ad48bae18b7ea8e…, 59b98f52977620c5… |
elf, Mirai, wraith, botnet |
2026-06-22 |
| high |
mpclient.dll |
malware |
malware-bazaar |
f3321076596f3bf0…, adf6a14557d511c3… |
dll, exe, signed, stealc, stealer, vidar, infostealer |
2026-06-22 |
| high |
loadermanager.lua |
malware |
malware-bazaar |
58ff722ee7e956e1…, 11e3254f10f02bc6… |
base64, lua, payload, suspicious |
2026-06-22 |
| high |
file |
malware |
malware-bazaar |
e350ca46f64afa44…, 343da20a5db5a3dc… |
CoinMiner, d52f85, dropped-by-Amadey, exe |
2026-06-22 |
| high |
XENO.exe |
malware |
malware-bazaar |
f1df00a47848af0d…, 7ee470fa82fd63c4… |
blankgrabber, exe, stealer |
2026-06-22 |
| high |
AryStinger botnet infected thousands of D-Link routers worldwide |
news |
general-news |
|
botnet |
2026-06-21 |
| high |
Microsoft links Mastra AI supply chain attack to North Korean hackers |
news |
general-news |
|
supply-chain |
2026-06-20 |
| high |
Canada’s Spy Agency Used First-of-Its-Kind Warrant to Clean Botnet-Infected Devices |
news |
general-news |
|
botnet |
2026-06-22 |
| high |
AryStinger Malware Infects 4,300 Legacy Routers to Build Reconnaissance Proxy Network |
news |
general-news |
|
botnet |
2026-06-22 |
| high |
ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 More Stories |
news |
general-news |
|
phishing, botnet |
2026-06-18 |
| high |
Microsoft Details Windows Clipper Malware Campaign Using USB LNK Worm and Tor-Based C2 |
news |
general-news |
|
botnet |
2026-06-18 |
| high |
Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline |
news |
general-news |
|
botnet, infostealer |
2026-06-17 |
| high |
145 Mastra npm Packages Compromised via Hijacked Contributor Account |
news |
general-news |
|
supply-chain |
2026-06-17 |
| high |
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth |
news |
general-news |
|
botnet |
2026-06-16 |
| high |
North Korean Hackers Blamed for Mastra NPM Supply Chain Attack |
news |
general-news |
|
supply-chain |
2026-06-22 |
| high |
In Other News: Apple Patches Beats Eavesdropping Flaw, DOT Closes Delta CrowdStrike Probe, AWS Continuum |
news |
general-news |
|
botnet |
2026-06-19 |
| high |
Microsoft Attributes Mastra AI Supply Chain Attack to North Korea |
news |
general-news |
|
supply-chain |
2026-06-22 |
| high |
SprySOCKS Backdoor Expands From Linux to Windows |
news |
general-news |
|
botnet |
2026-06-16 |
| high |
Police raid malware network tied to Russia's Evil Corp hacker group |
news |
general-news |
|
botnet |
2026-06-19 |
| high |
Authorities disrupt Evil Corp’s SocGholish botnet |
news |
general-news |
|
botnet |
2026-06-18 |
| high |
Accenture shells out $4.18B on three companies in big industrial cybersecurity push |
news |
general-news |
|
ics |
2026-06-18 |
| medium |
CISA Urges Hardening Fortinet Devices After Reports of Credential Exposure |
advisory |
cisa-advisories |
|
phishing |
2026-06-18 |
| medium |
payload: undefined |
threat-intel |
threatfox |
|
ContagiousInterview, akira, elf, Ransomware, note, ransomnote, ClickFix, crypter, rundll32, WebDav, hta-polyglot, Loader, msix, IoT, Mozi, China, CrowDoor, FamousSparrow, Telecom, TernDoor, TropicTrooper, UAT-9244, malicious, Kongtuke, python-backdoor, winpython, Sheet Rat, SheetRAT, powershell-loader, RC4, Dropper, fake-document, logmein-resolve, rmm, vbs, discord-c2, golang, infostealer, vileransomware, Downloader, iran, mois, MuddyWater, stagecomp, ransomware, botnet |
2026-06-21 |
| medium |
Webinar: How attackers bypass MFA and how defenders can respond |
news |
general-news |
|
phishing |
2026-06-19 |
| medium |
Crypto Clipper Campaign Abuses Fake Reviews, AI Narrators, and VirusTotal Comments |
news |
general-news |
|
phishing |
2026-06-17 |
| medium |
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware |
news |
general-news |
|
phishing |
2026-06-16 |
| medium |
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels |
news |
general-news |
|
phishing |
2026-06-15 |
| medium |
Sweeping Credential-Harvesting Heist Compromises 30K+ Fortinet Devices |
news |
general-news |
|
phishing |
2026-06-17 |
| medium |
Fortinet Responds to FortiBleed Campaign |
news |
general-news |
|
phishing |
2026-06-22 |
| medium |
Serverless Phishing Kit on GitHub Targets Mexican Banks |
news |
general-news |
|
phishing |
2026-06-17 |
| unknown |
CISA Adds One Known Exploited Vulnerability to Catalog |
advisory |
cisa-advisories |
|
|
2026-06-18 |
| unknown |
CVE-2025-5791 Users: `root` appended to group listings |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2025-4574 Crossbeam-channel: crossbeam-channel vulnerable to double free on drop |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-45445 AES-OCB IV Ignored on EVP_Cipher() Path |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-34183 Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-42768 Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt() |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-9076 Out-of-Bounds Read in CMS Password-Based Decryption |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-45446 Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-42766 Possible NULL Dereference in Password-Based CMS Decryption |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-42767 NULL Pointer Dereference in CRMF EncryptedValue Decryption |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-34180 Heap Buffer Over-read in ASN.1 Content Parsing |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-44967 opentelemetry-cpp: OTLP HTTP exporters read unbounded HTTP response |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-46331 net/sched: fix pedit partial COW leading to page cache corruption |
advisory |
vendor-blogs |
|
|
2026-06-20 |
| unknown |
CVE-2026-45485 Microsoft Office Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-45466 Microsoft Word Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-45649 Office for Android Spoofing Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-44822 Microsoft Excel Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-45459 Microsoft Excel Security Feature Bypass Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12439 Use after free in Digital Credentials |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12440 Use after free in DigitalCredentials |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12445 Use after free in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12446 Insufficient data validation in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12441 Use after free in File Input |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12443 Use after free in Web Authentication |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12452 Use after free in Downloads |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12453 Insufficient validation of untrusted input in Input |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12455 Use after free in Tab Strip |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12458 Incorrect security UI in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12457 Insufficient data validation in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12459 Inappropriate implementation in Serial |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12460 Insufficient policy enforcement in File System Access |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12462 Use after free in Media |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12464 Use after free in Browser |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12463 Inappropriate implementation in Views |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12465 Insufficient validation of untrusted input in Metrics |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12454 Race in Safe Browsing |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12468 Inappropriate implementation in Updater |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12449 Use after free in Chromoting |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12444 Out of bounds read in Chromoting |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12437 Use after free in WebShare |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
Chromium: CVE-2026-12461 Out of bounds read in WebRTC |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-42903 Windows Kerberos Denial of Service Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12439 Use after free in Digital Credentials |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12440 Use after free in DigitalCredentials |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12445 Use after free in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12446 Insufficient data validation in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12441 Use after free in File Input |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12447 Heap buffer overflow in WebRTC |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12443 Use after free in Web Authentication |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12452 Use after free in Downloads |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12453 Insufficient validation of untrusted input in Input |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12455 Use after free in Tab Strip |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12456 Insufficient validation of untrusted input in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12458 Incorrect security UI in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12457 Insufficient data validation in Extensions |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12459 Inappropriate implementation in Serial |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12460 Insufficient policy enforcement in File System Access |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12462 Use after free in Media |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12464 Use after free in Browser |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12463 Inappropriate implementation in Views |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12465 Insufficient validation of untrusted input in Metrics |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12454 Race in Safe Browsing |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12468 Inappropriate implementation in Updater |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12449 Use after free in Chromoting |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12444 Out of bounds read in Chromoting |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12437 Use after free in WebShare |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12461 Out of bounds read in WebRTC |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-24289 Windows Kernel Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-32177 .NET Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2025-6965 Integer Truncation on SQLite |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-8376 Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-42014 Gnutls: fix use-after-free in gnutls_pkcs11_token_set_pin |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-53689 |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-12087 Socket versions before 2.041 for Perl have an out-of-bounds heap read |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2 |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow |
advisory |
vendor-blogs |
|
|
2026-06-19 |
| unknown |
CVE-2026-47633 Microsoft Cost Management Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-32208 Microsoft Edge (Chromium-based) Spoofing Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-32174 Azure Bot Service Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-42895 Microsoft Copilot Tampering Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-54130 M365 Copilot Information Disclosure Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-47645 Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-47646 Dynamics 365 Customer Voice Spoofing Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2025-71073 Input: lkkbd - disable pending work before freeing device |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2025-71072 shmem: fix recovery on rename failures |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-28387 Potential Use-after-free in DANE Client Code |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref() |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-25681 Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-45447 Heap Use-After-Free in the PKCS7_verify() Function |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-48854 Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-46292 pmdomain: core: Fix detach procedure for virtual devices in genpd |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-46274 io-wq: check that the predecessor is hashed in io_wq_remove_pending() |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-46291 crypto: caam - guard HMAC key hex dumps in hash_digest_key |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-46293 clk: microchip: mpfs-ccc: fix out of bounds access during output registration |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-34182 CMS AuthEnvelopedData Processing May Accept Forged Messages |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
CVE-2026-47636 Microsoft SharePoint Server Spoofing Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-17 |
| unknown |
CVE-2026-42828 Windows Projected File System Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-17 |
| unknown |
CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
CVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
CVE-2026-54411 Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the plaintext password of a target account by measuring response-timing differences. The comparison uses strncmp() (or strncasecmp() when PAM_ICASE_ARG is set) preceded by a length-equality check, so the time to reject a candidate depends on the index of the first differing byte and on whether the candidate's length matches the stored password, leaking the password length and individual prefix bytes. The vulnerable path is reached when the administrator configures pam_userdb with crypt=none, with an unrecognized crypt method, or without a crypt= argument, causing the module to store and compare credentials in plaintext. |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11628 Use after free in Ozone |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11631 Use after free in Aura |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11632 Use after free in TabStrip |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11633 Use after free in Bluetooth |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11634 Use after free in Gamepad |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11639 Use after free in Compositing |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11637 Use after free in Views |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11636 Use after free in Autofill |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11638 Use after free in Printing |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11640 Integer overflow in libyuv |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11642 Use after free in Web Apps |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11645 Out of bounds memory access in V8 |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11643 Use after free in Proxy |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11646 Use after free in ViewTransitions |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11657 Use after free in Payments |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11660 Insufficient validation of untrusted input in New Tab Page |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11659 Insufficient validation of untrusted input in UI |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11663 Use after free in Skia |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11662 Type Confusion in Bindings |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11665 Out of bounds read in Dawn |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11668 Uninitialized Use in Codecs |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11669 Integer overflow in Media |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11670 Use after free in PDF |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11671 Use after free in Navigation |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11672 Out of bounds write in GPU |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11673 Use after free in InterestGroups |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11675 Insufficient validation of untrusted input in Skia |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11674 Use after free in Guest View |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11676 Insufficient validation of untrusted input in Dawn |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11677 Race in Network |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11679 Use after free in Codecs |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11682 Insufficient validation of untrusted input in Views |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11683 Use after free in WebCodecs |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11684 Insufficient policy enforcement in Network |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11687 Use after free in Dawn |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11688 Object lifecycle issue in SVG |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11685 Insufficient data validation in MediaCapture |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11689 Insufficient validation of untrusted input in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11690 Out of bounds read and write in Media |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11692 Use after free in Read Anything |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11693 Inappropriate implementation in Plugins |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11694 Use after free in ServiceWorker |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11695 Inappropriate implementation in Passwords |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11696 Uninitialized Use in Video |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11700 Use after free in Tracing |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11648 Use after free in FullScreen |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11651 Use after free in Network |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11649 Use after free in V8 |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Chromium: CVE-2026-11654 Use after free in CameraCapture |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
Close Encounters of the Human Kind |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
Scripting the disassembler: Local agentic reverse engineering through vbdec’s live COM object model |
advisory |
vendor-blogs |
|
|
2026-06-18 |
| unknown |
SD1775 | FLEX I/O Dual-port EtherNet/IP Adapters – Multiple Vulnerabilities |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
SD1777 | FactoryTalk® Analytics™ PavilionX™ - Improper API Authorization |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
SD1773 | FactoryTalk Historian Site Edition - Multiple Vulnerabilities |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
SD1776 | CompactLogix 5370 Controllers – Multiple Vulnerabilities |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
SD1772 | Logix 5370 and 5570 Controllers Vulnerable To Denial of Service Via CIP |
advisory |
vendor-blogs |
|
|
2026-06-16 |
| unknown |
A Glimpse into the “Search Your Target” Market for Stolen Credentials |
news |
general-news |
|
|
2026-06-22 |
| unknown |
Klue OAuth breach victim list grows as Icarus hackers claim attack |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Hackers exploit info disclosure bug in Gravity SMTP WordPress plugin |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Texas govt data breach exposes over 3 million driver’s licenses |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Microsoft: June 2026 Windows updates break Recycle Bin prompts |
news |
general-news |
|
|
2026-06-19 |
| unknown |
CISA: Splunk Enterprise flaw actively exploited, patch by Sunday |
news |
general-news |
|
|
2026-06-19 |
| unknown |
CISA warns Fortinet users to secure devices after FortiBleed leak |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Nintendo confirms data stolen in WebMD subsidiary cyberattack |
news |
general-news |
|
|
2026-06-18 |
| unknown |
29-Year-Old Squid Proxy Bug 'Squidbleed' Can Leak Cleartext HTTP Requests |
news |
general-news |
|
|
2026-06-22 |
| unknown |
New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer |
news |
general-news |
|
|
2026-06-22 |
| unknown |
Stop Your Legacy Infrastructure from Hijacking Your AI Agents |
news |
general-news |
|
|
2026-06-22 |
| unknown |
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys |
news |
general-news |
|
|
2026-06-20 |
| unknown |
Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain |
news |
general-news |
|
|
2026-06-19 |
| unknown |
From Assistive to Agentic: The AI Shift That's Redefining Threat Management |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats |
news |
general-news |
|
|
2026-06-17 |
| unknown |
CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution |
news |
general-news |
|
|
2026-06-17 |
| unknown |
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting |
news |
general-news |
|
|
2026-06-16 |
| unknown |
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw |
news |
general-news |
|
|
2026-06-16 |
| unknown |
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails |
news |
general-news |
|
|
2026-06-15 |
| unknown |
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers |
news |
general-news |
|
|
2026-06-15 |
| unknown |
Novo Nordisk Breach Highlights Software Development Pipeline Risk |
news |
general-news |
|
|
2026-06-18 |
| unknown |
Fileless Phantom Stealer Targets Browser Credentials |
news |
general-news |
|
|
2026-06-16 |
| unknown |
SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence |
news |
general-news |
|
|
2026-06-16 |
| unknown |
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk |
news |
general-news |
|
|
2026-06-15 |
| unknown |
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft |
news |
general-news |
|
|
2026-06-15 |
| unknown |
China-Nexus Actor Spies on US Researchers Undetected for a Year |
news |
general-news |
|
|
2026-06-15 |
| unknown |
Decades-Old Squid Proxy Flaw ‘Squidbleed’ Can Expose User Data |
news |
general-news |
|
|
2026-06-22 |
| unknown |
Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data |
news |
general-news |
|
|
2026-06-22 |
| unknown |
New Exploit Bypasses Apple’s Boot Defenses, Affects Millions of iPhones |
news |
general-news |
|
|
2026-06-22 |
| unknown |
Texas Parks & Wildlife Data Breach Affects 3 Million Individuals |
news |
general-news |
|
|
2026-06-22 |
| unknown |
Unpatchable BootROM Flaw Impacts Apple A12, A13 Chips |
news |
general-news |
|
|
2026-06-22 |
| unknown |
Klue Breach Enables Hackers to Compromise Cybersecurity Firms via OAuth Tokens |
news |
general-news |
|
|
2026-06-22 |
| unknown |
AWS Unveils 'Continuum,' an AI-Powered Vulnerability Management Platform |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Confidence Lacks in Threat Detection Across Non-Email Channels like Slack and Teams |
news |
general-news |
|
|
2026-06-19 |
| unknown |
LATAM Infrastructure Hit by Fortinet and Ivanti Exploits |
news |
general-news |
|
|
2026-06-18 |
| unknown |
Hostile States Behind 75% of Cyber-Attacks on UK Critical Infrastructure, NCSC Warns |
news |
general-news |
|
|
2026-06-18 |
| unknown |
AI Threats and Alert Fatigue Challenge Cybersecurity Teams |
news |
general-news |
|
|
2026-06-17 |
| unknown |
EU Security Experts to Support Ukrainian Organizations in Case of Cyber-Attacks |
news |
general-news |
|
|
2026-06-17 |
| unknown |
Rokarolla Trojan Combines Banking Fraud With Device Surveillance |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Chainguard, JPMorgan, BNY Team Up to Secure Open Source from AI Threats |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Attackers Hijack Popular WordPress Plugins to Deploy Backdoors |
news |
general-news |
|
|
2026-06-15 |
| unknown |
Who pays when you gate cyber-capable AI models? |
news |
general-news |
|
|
2026-06-22 |
| unknown |
Hundreds of AI-powered iOS apps found exposing credentials |
news |
general-news |
|
|
2026-06-22 |
| unknown |
The systemd 261 release brings a software TPM, new OS installer |
news |
general-news |
|
|
2026-06-21 |
| unknown |
Klue breach lead to Salesforce data theft, Huntress affected |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Cybercriminals abused GitHub, YouTube and VirusTotal to push crypto-stealing malware |
news |
general-news |
|
|
2026-06-19 |
| unknown |
Suspected cyberattack triggers false emergency alerts across parts of Brazil |
news |
general-news |
|
|
2026-06-22 |
| unknown |
Attackers hit pair of critical Fortinet vulnerabilities the vendor disclosed in April |
news |
general-news |
|
|
2026-06-17 |
| unknown |
AI’s constant patching treadmill can be a security problem |
news |
general-news |
|
|
2026-06-16 |
| unknown |
Google exposes China espionage group that’s been lurking in networks undetected since 2023 |
news |
general-news |
|
|
2026-06-15 |