Recent Advisories

Severity ID Title Vendor Product Date Type
NONE THN:B4D7A1F379A...

Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery_THN:B4D7A1F379A5B964A3E344EE5A2CEAE2

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjXEaR4unJmt3rBY1LzI0Gq_veoF7Qzi-yPQNUcoR2oNV802lQ4MZAviyeq7bBh73PLAyp1quTozDq0ki_zm_...

N/A N/A THN
NONE THN:C46AE7905BE...

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts_THN:C46AE7905BE451EB6EFAFFDF0134A46D

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjlhMdp0ML_DO3inv2zhyphenhyphenoZ9CmB1ESRBbVh_YHPol3serW7D4zTsXPGVjF62GhEcvamH6fmTs0Z...

N/A N/A THN
MEDIUM 6.4 CVE-2026-9107

Kali Forms <= 2.4.13 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'kaliforms_field_components' Parameter_CVE-2026-9107

The Kali Forms — Contact Form & Drag-and-Drop Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'meta[kaliforms_fie...

wpchill Kali Forms — Contact Form & Drag-and-Drop Builder CVE
CRITICAL 9.8 CVE-2026-7840

UltraVNC repeater HTTP server global buffer overflow via long URI (pre-auth RCE)_CVE-2026-7840

UltraVNC repeater through 1.8.2.2 contains a global buffer overflow in its embedded HTTP administration server. The functions wi_senderr() and wi_r...

uvnc UltraVNC 1.8.2.2 CVE
CRITICAL 9.1 CVE-2026-7839

UltraVNC repeater ships hardcoded default admin password allowing unauthenticated admin access_CVE-2026-7839

UltraVNC repeater through 1.8.2.2 initializes the HTTP administration server with a hardcoded default password. In repeater/webgui/settings.c:197, ...

uvnc UltraVNC CVE
HIGH 8.8 CVE-2026-7838

UltraVNC viewer heap buffer overflow via integer overflow in RFB connection-failure reason length_CVE-2026-7838

UltraVNC viewer through 1.8.2.2 contains an integer overflow leading to a heap buffer overflow in the RFB protocol failure-response parsing path. I...

uvnc UltraVNC CVE
HIGH 7.5 CVE-2026-7831

UltraVNC viewer off-by-one stack overflow in ServerInit desktop name parsing_CVE-2026-7831

UltraVNC viewer through 1.8.2.2 contains an off-by-one stack buffer overflow in the RFB ServerInit message handler. In vncviewer/ClientConnection.c...

uvnc UltraVNC CVE
HIGH 7.4 CVE-2026-7830

UltraVNC MS-Logon II uses 64-bit Diffie-Hellman and seeded libc rand() enabling credential interception_CVE-2026-7830

UltraVNC through 1.8.2.2 uses inadequate cryptography in the MS-Logon II authentication scheme (rfbUltraVNC_MsLogonIIAuth). In rfb/dh.cpp the Diffi...

uvnc UltraVNC CVE
HIGH 7.2 CVE-2026-7829

UltraVNC repeater authenticated out-of-bounds write in rule parser via oversized token_CVE-2026-7829

UltraVNC repeater through 1.8.2.2 contains a post-authentication out-of-bounds write in the allow/deny rule parser. In repeater/webgui/settings.c:2...

uvnc UltraVNC CVE
MEDIUM 5.3 CVE-2026-7828

UltraVNC repeater integer overflow in win_log malloc leading to heap overflow_CVE-2026-7828

UltraVNC repeater through 1.8.2.2 contains an integer overflow in the HTTP request logging path. In repeater/webgui/settings.c:336, the win_log() f...

uvnc UltraVNC CVE