Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.2 A750C77E-2A84-

Exploit for Incorrect Calculation of Buffer Size in F5 Dos_A750C77E-2A84-512E-851A-D31DBACF4509

RIFT — Remote Injection & Fault Trigger Author: Michael Sanji Winaya Prawiradibrata AI Co-Author: Varanus — sahabatku Heap buffer overflow exploit ...

N/A N/A GITHUBEXPLOIT
NONE 4A2B93CF-136D-

0day-Rubbish_4A2B93CF-136D-5F1E-8106-D0E105DC92C2

0day Rubbish 0day vulnerabilities have become rubbish in the AI era. 🎯 Why This Exists Traditional vulnerability disclosure is broken. It's slow, ...

N/A N/A GITHUBEXPLOIT
HIGH 7.2 CVE-2026-50043

CVE-2026-50043_CVE-2026-50043

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in SkyBridge MB-A100/MB-A110. If this vulne...

Seiko Solutions Inc. SkyBridge MB-A100/MB-A110 all versions CVE
MEDIUM 6.4 CVE-2026-13733

Download Manager <= 3.3.60 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'no_data_msg' Shortcode Attribute_CVE-2026-13733

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'no_data_msg' Shortcode Attribute in all versions up to,...

codename065 Download Manager CVE
MEDIUM 6.4 CVE-2026-12732

LearnPress <= 4.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'class_wrapper_form' Shortcode Attribute_CVE-2026-12732

The LearnPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class_wrapper_form' shortcode attribute in versions up to...

thimpress LearnPress – WordPress LMS Plugin for Create and Sell Online Courses CVE
HIGH 8.7 CVE-2026-12577

DVP80ES3 Improperly Implemented Security Check for Standard vulnerability_CVE-2026-12577

DVP80ES3 with Improperly Implemented Security Check for Standard vulnerability.

deltaww DVP80ES3 CVE
HIGH 7.5 CVE-2026-12576

DVP80ES3 Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability_CVE-2026-12576

DVP80ES3 with Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability.

deltaww DVP80ES3 CVE
HIGH 7.5 CVE-2026-12575

DVP80ES3 Improper Resource Shutdown or Release Vulnerability_CVE-2026-12575

DVP80ES3 with  Improper Resource Shutdown or Release vulnerability.

deltaww DVP80ES3 CVE
MEDIUM 4.3 CVE-2026-12435

Motors <= 1.4.111 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Modification via 'stm_mark_as_sold_car' Parameter_CVE-2026-12435

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to authorization bypass in all versions up to, and incl...

stylemix Motors – Car Dealership & Classified Listings Plugin CVE
MEDIUM 4.3 CVE-2026-12408

Slim SEO <= 4.9.8 - Authenticated (Contributor+) Insufficient Authorization to Private Content Disclosure via 'object.ID' Parameter_CVE-2026-12408

The Slim SEO – A Fast & Automated SEO Plugin For WordPress plugin for WordPress is vulnerable to Unauthorized Private Content Disclosure in all ver...

rilwis Slim SEO – A Fast & Automated SEO Plugin For WordPress CVE