Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-9863

Core Privileged Access Manager (BoKS) upgrade tooling command injection vulnerability (CVE-2026-9863)

Fortra BoKS Manager contains an OS command injection vulnerability in the client upgrade and patch tooling for legacy tar-based client installation...

Fortra Core Privileged Access Manager (BoKS) boks-server 8.1.0.0 CVE
HIGH 7.5 THN:0C053FA1B9E...

One-Click Microsoft 365 Copilot Flaw Could Have Let Attackers Steal Emails, Files (THN:0C053FA1B9E28CFF8B119BFB93E9A94A)

N/A N/A THN
HIGH 8.8 THN:856A8FFBDB6...

⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More (THN:856A8FFBDB69929C783A53A3AC085A13)

N/A N/A THN
HIGH 8.8 CVE-2026-5242

Code Injection in Mia Technologies’ Pizzy Library (CVE-2026-5242)

Improper neutralization of formula elements in a CSV file vulnerability in MIA Technology Inc. Pizzy Library allows Code Injection. This issue aff...

MIA Technology Inc. Pizzy Library 1.0.0.26250 CVE
HIGH 7.1 CVE-2026-5233

Missing Rate Limiting in Mia Technologies’ Pizzy Library (CVE-2026-5233)

Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding. This issue affects Pizzy Library: fr...

MIA Technology Inc. Pizzy Library 1.0.0.26250 CVE
HIGH 7.1 CVE-2026-5230

Improper Access Control in Mia Technologies’ Pizzy Library (CVE-2026-5230)

Improper Access Control, Missing Authorization vulnerability in MIA Technology Inc. Pizzy Library allows Exploiting Incorrectly Configured Access C...

MIA Technology Inc. Pizzy Library 1.0.0.26250 CVE
HIGH 7.5 CVE-2026-5079

multer vulnerable to Denial of Service via deeply nested field names (CVE-2026-5079)

Impact: multer versions 1.0.0 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service via deeply nested field names in multipart form...

multer multer 1.0.0 CVE
HIGH 8.8 CVE-2026-49111

WordPress Masteriyo – LMS plugin <= 2.2.0 - Privilege Escalation vulnerability (CVE-2026-49111)

Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n...

ThemeGrill Masteriyo - LMS n/a CVE
HIGH 7.5 CVE-2026-49064

WordPress GetPaid plugin <= 2.8.49 - Sensitive Data Exposure vulnerability (CVE-2026-49064)

Insertion of Sensitive Information Into Sent Data vulnerability in Stiofan GetPaid allows Retrieve Embedded Sensitive Data. This issue affects Get...

Stiofan GetPaid n/a CVE
HIGH 8.8 CVE-2026-49062

WordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerability (CVE-2026-49062)

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue aff...

WP Engine Faust.js n/a CVE