| low |
CVE-2026-35342 — The mktemp utility in uutils coreutils fails to properly handle an empty TMPDIR environment variable… |
vulnerability |
nvd |
CVE-2026-35342 |
|
2026-04-22 |
| high |
CVE-2026-35341 — A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions o… |
vulnerability |
nvd |
CVE-2026-35341 |
|
2026-04-22 |
| medium |
CVE-2026-35340 — A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return… |
vulnerability |
nvd |
CVE-2026-35340 |
|
2026-04-22 |
| medium |
CVE-2026-35339 — The recursive mode (-R) of the chmod utility in uutils coreutils incorrectly handles exit codes when… |
vulnerability |
nvd |
CVE-2026-35339 |
|
2026-04-22 |
| high |
CVE-2026-35338 — A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root… |
vulnerability |
nvd |
CVE-2026-35338 |
|
2026-04-22 |
| medium |
CVE-2026-32885 — DDEV is an open-source tool for running local web development environments for PHP and Node.js. Vers… |
vulnerability |
nvd |
CVE-2026-32885 |
|
2026-04-22 |
| medium |
CVE-2026-1660 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.3 before 18.9.6, 18.10… |
vulnerability |
nvd |
CVE-2026-1660 |
|
2026-04-22 |
| low |
CVE-2025-9957 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.2 before 18.9.6, 18.10… |
vulnerability |
nvd |
CVE-2025-9957 |
|
2026-04-22 |
| medium |
CVE-2025-6016 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 9.2 before 18.9.6, 18.10… |
vulnerability |
nvd |
CVE-2025-6016 |
|
2026-04-22 |
| medium |
CVE-2025-3922 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.4 before 18.9.6, 18.10… |
vulnerability |
nvd |
CVE-2025-3922 |
|
2026-04-22 |
| medium |
CVE-2025-0186 — GitLab has remediated an issue in GitLab CE/EE affecting all versions from 10.6 before 18.9.6, 18.10… |
vulnerability |
nvd |
CVE-2025-0186 |
|
2026-04-22 |
| unknown |
MacOS Native Tools Enable Stealthy Enterprise Attacks |
news |
general-news |
|
|
2026-04-22 |
| medium |
CVE-2026-30139 — A reflected cross-site scripting (XSS) vulnerability in the AdvancedSearch functionality of Silverpe… |
vulnerability |
nvd |
CVE-2026-30139 |
|
2026-04-22 |
| medium |
CVE-2025-58922 — Cross-Site Request Forgery (CSRF) vulnerability in ThemeFusion Avada allows Cross Site Request Forge… |
vulnerability |
nvd |
CVE-2025-58922 |
|
2026-04-22 |
| unknown |
NCSC flags widening gap between cyber threats and national resilience, urges action as AI fuels rise in disruptive attacks |
advisory |
vendor-blogs |
|
|
2026-04-22 |
| critical |
ZeroFox data shows ransomware stabilizing at scale, with manufacturing absorbing nearly one in five attacks |
advisory |
vendor-blogs |
|
ransomware |
2026-04-22 |
| unknown |
BRIDGE:BREAK reveals 22 vulnerabilities in serial-to-IP converters enabling disruption and lateral movement across OT |
advisory |
vendor-blogs |
|
|
2026-04-22 |
| unknown |
Australia’s CISC tightens cyber reporting rules to capture AI-driven incidents in critical infrastructure |
advisory |
vendor-blogs |
|
|
2026-04-22 |
| unknown |
French police arrest suspected hacker behind dozens of data breaches |
news |
general-news |
|
|
2026-04-22 |
| high |
Harvester Deploys Linux GoGra Backdoor in South Asia Using Microsoft Graph API |
news |
general-news |
|
botnet |
2026-04-22 |
| unknown |
ServiceNow closes Armis deal to extend AI-powered cyber risk visibility across OT and IoT |
advisory |
vendor-blogs |
|
|
2026-04-22 |
| high |
CVE-2026-35548 — An issue was discovered in guardsix (formerly Logpoint) ODBC Enrichment Plugins before 5.2.1 (5.2.1… |
vulnerability |
nvd |
CVE-2026-35548 |
|
2026-04-22 |
| unknown |
NCSC Unveils SilentGlass, a Plug-In Device to Protect Monitors from Cyber-Attacks |
news |
general-news |
|
|
2026-04-22 |
| unknown |
DPRK Fake Job Scams Self-Propagate in 'Contagious Interview' |
news |
general-news |
|
|
2026-04-22 |
| unknown |
After Bluesky, Mastodon Targeted in DDoS Attack |
news |
general-news |
|
|
2026-04-22 |
| medium |
CVE-2026-6862 — A flaw was found in libefiboot, a component of efivar. The device path node parser in libefiboot fai… |
vulnerability |
nvd |
CVE-2026-6862 |
|
2026-04-22 |
| medium |
CVE-2026-6861 — A flaw was found in GNU Emacs. This vulnerability, a memory corruption issue, occurs when Emacs proc… |
vulnerability |
nvd |
CVE-2026-6861 |
|
2026-04-22 |
| high |
CVE-2026-6859 — A flaw was found in InstructLab. The `linux_train.py` script hardcodes `trust_remote_code=True` when… |
vulnerability |
nvd |
CVE-2026-6859 |
|
2026-04-22 |
| critical |
CVE-2026-6356 — A vulnerability in the web application allows standard users to escalate their privileges to those o… |
vulnerability |
nvd |
CVE-2026-6356 |
|
2026-04-22 |
| medium |
CVE-2026-6355 — A vulnerability in the web application allows unauthorized users to access and manipulate sensitive… |
vulnerability |
nvd |
CVE-2026-6355 |
|
2026-04-22 |
| unknown |
CVE-2026-5750 — An insecure direct object reference (IDOR) vulnerability in the Fullstep V5 registration process all… |
vulnerability |
nvd |
CVE-2026-5750 |
|
2026-04-22 |
| unknown |
CVE-2026-5749 — Inadequate access control in the registration process in Fullstep V5, which could allow unauthentica… |
vulnerability |
nvd |
CVE-2026-5749 |
|
2026-04-22 |
| high |
CVE-2026-41651 — PackageKit is a a D-Bus abstraction layer that allows the user to manage packages in a secure way us… |
vulnerability |
nvd |
CVE-2026-41651 |
|
2026-04-22 |
| medium |
CVE-2026-33611 — An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS… |
vulnerability |
nvd |
CVE-2026-33611 |
|
2026-04-22 |
| medium |
CVE-2026-33610 — A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when… |
vulnerability |
nvd |
CVE-2026-33610 |
|
2026-04-22 |
| medium |
CVE-2026-33609 — Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queri… |
vulnerability |
nvd |
CVE-2026-33609 |
|
2026-04-22 |
| high |
CVE-2026-33608 — An attacker can send a notify request that causes a new secondary domain to be added to the bind bac… |
vulnerability |
nvd |
CVE-2026-33608 |
|
2026-04-22 |
| medium |
CVE-2026-33602 — A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum co… |
vulnerability |
nvd |
CVE-2026-33602 |
|
2026-04-22 |
| low |
CVE-2026-33599 — A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, whe… |
vulnerability |
nvd |
CVE-2026-33599 |
|
2026-04-22 |
| medium |
CVE-2026-33598 — A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAd… |
vulnerability |
nvd |
CVE-2026-33598 |
|
2026-04-22 |
| low |
CVE-2026-33597 — PRSD detection denial of service |
vulnerability |
nvd |
CVE-2026-33597 |
|
2026-04-22 |
| low |
CVE-2026-33596 — A client might theoretically be able to cause a mismatch between queries sent to a backend and the r… |
vulnerability |
nvd |
CVE-2026-33596 |
|
2026-04-22 |
| medium |
CVE-2026-33595 — A client can trigger excessive memory allocation by generating a lot of errors responses over a sing… |
vulnerability |
nvd |
CVE-2026-33595 |
|
2026-04-22 |
| medium |
CVE-2026-33594 — A client can trigger excessive memory allocation by generating a lot of queries that are routed to a… |
vulnerability |
nvd |
CVE-2026-33594 |
|
2026-04-22 |
| high |
CVE-2026-33593 — A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query. |
vulnerability |
nvd |
CVE-2026-33593 |
|
2026-04-22 |
| medium |
CVE-2026-33254 — An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memor… |
vulnerability |
nvd |
CVE-2026-33254 |
|
2026-04-22 |
| unknown |
CVE-2026-31530 — In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use after free of… |
vulnerability |
nvd |
CVE-2026-31530 |
|
2026-04-22 |
| unknown |
CVE-2026-31529 — In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix leakage in __con… |
vulnerability |
nvd |
CVE-2026-31529 |
|
2026-04-22 |
| unknown |
CVE-2026-31528 — In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmu_ctx->… |
vulnerability |
nvd |
CVE-2026-31528 |
|
2026-04-22 |
| unknown |
CVE-2026-31527 — In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use gener… |
vulnerability |
nvd |
CVE-2026-31527 |
|
2026-04-22 |