Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.3 CVE-2026-50521

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability_CVE-2026-50521

{“lastseen”:””,”description”:””,”published”:”2026-07-01T20:14:43.695Z”,&#82...

Microsoft Microsoft Edge (Chromium-based) 1.0.0.0 CVE
HIGH 7.2 CVE-2026-58263

Jodit Editor: Mutation XSS in jodit clean-html via a MathML/style rawtext carrier_CVE-2026-58263

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.12.28, the built-in cl...

xdan jodit < 4.12.28 CVE
MEDIUM 4.8 CVE-2026-55661

TinaCMS rich-text (slatejson) rendering does not sanitize link/image URLs, allowing stored XSS via dangerous URL schemes_CVE-2026-55661

Tina is a headless content management system. In versions prior to @tinacms/mdx 2.1.7 and tinacms 3.9.3, rich-text parsing and the default link/i...

tinacms tinacms < 3.9.3 CVE
HIGH 7.6 CVE-2026-55660

TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover_CVE-2026-55660

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a ri...

tinacms tinacms < 3.9.3 CVE
MEDIUM 6.3 CVE-2026-54756

Jodit Editor: Prototype pollution via Jodit.configure() / ConfigMerge_CVE-2026-54756

Jodit Editor is a WYSIWYG editor with written in pure TypeScript file and image editing capabilities. In versions prior to 4.12.18, Jodit.configure...

xdan jodit < 4.12.18 CVE
MEDIUM 5.4 CVE-2026-54720

Silverstripe Framework: Possible XSS attack through media embed_CVE-2026-54720

Silverstripe Framework is a PHP framework which powers the Silverstripe CMS. In versions prior to 6.2.2, the "Insert media from web" functionality ...

silverstripe silverstripe-framework < 6.2.2 CVE
HIGH 7.8 CVE-2026-54074

@tinacms/cli: Remote Code Execution via Forestry migration — unsanitised __TINA_INTERNAL__ marker in user-controlled YAML labels_CVE-2026-54074

Tina is a headless content management system. @tinacms/cli versions prior to 2.4.3 contain a Remote Code Execution vulnerability in the Forestry-to...

tinacms tinacms < 2.4.3 CVE
MEDIUM 5.3 CVE-2026-14340

An incorrect authorization vulnerability in GitHub Enterprise Server allows issue creation in unrelated public repositories_CVE-2026-14340

An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed a user-to-server token scoped to a GitHub App inst...

GitHub Enterprise Server 3.16.0 CVE
CRITICAL 10 9300A862-8FDF-

Exploit for SQL Injection in Sangoma Freepbx_9300A862-8FDF-5FB3-B6EB-72DB0241BA85

CVE-2025-57819 Exploit Metadata - Severity: Critical 9.8 - Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - Type: Unauthenticated SQL Injecti...

N/A N/A GITHUBEXPLOIT
NONE 3C05B801-8687-

unified-bb-suite_3C05B801-8687-5076-995A-55DFAC5DBCAC

Unified BB Suite — Combined Workflow Two workflows merged into one · 33 tools · 30 Python scripts · 3 enhanced core tools Zero CGO · Termux-native ...

N/A N/A GITHUBEXPLOIT