Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.9 CVE-2026-55791

Craft CMS: Blind SSRF and Arbitrary JavaScript Injection via Host Header Poisoning in actionResourceJs_CVE-2026-55791

Craft CMS is a content management system (CMS). Versions 4.0.0-RC1 and above, prior to 4.18.0 and 5.0.0-RC1, and above, prior to 5.10.0, are vulner...

craftcms cms >= 5.0.0-RC1, < 5.10.0 CVE
MEDIUM 6 CVE-2026-50280

Craft CMS: Authorization bypass in `entries/move-to-section` via missing target-section save check_CVE-2026-50280

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 and above prior to 5.9.21, the EntriesController::actionMoveToSection() endpo...

craftcms cms >= 5.0.0-RC1, < 5.9.21 CVE
HIGH 7.6 CVE-2026-50279

Craft CMS: Authorship spoofing in `entries/save-entry` via pre-check/post-mutation authorization gap_CVE-2026-50279

Craft CMS is a content management system (CMS). IN versions 5.0.0-RC1 and above prior to 5.9.21, theEntriesController::actionSaveEntry() performs e...

craftcms cms >= 5.0.0-RC1, < 5.9.21 CVE
NONE MALWAREBYTES:25...

Fake Perplexity Chrome extension spies on your searches_MALWAREBYTES:252EA3E0AE5014871441073E13B63101

Type "Perplexity" into the Chrome Web Store and you get a range of browser extensions offering access to the popular AI search service. Until last ...

N/A N/A MALWAREBYTES
NONE HACKREAD:15DFA4...

The Cost of Non-Compliance: Why AI Governance Is the New Enterprise Imperative_HACKREAD:15DFA4F9F86366B28EA488550D76C6F9

AI governance helps enterprises control tool use, reduce compliance risk, protect customer data, and avoid fines as teams adopt AI faster than policy.

N/A N/A HACKREAD
NONE A00EE5B6-8F94-

SQLi-PoC_A00EE5B6-8F94-5989-907C-384C5EFDE512

SQLi-PoC — CW... flag extractor A self-contained, sqlmap-free SQL-injection exploit that extracts a CW... flag from a SQLite-backed API in under 15...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.4 8D80E256-E0CF-

Exploit for OS Command Injection in Devcode Openstamanager_8D80E256-E0CF-5629-972A-654657B04B04

CVE-2025-69212 --- Description OpenSTAManager is a management software solution for technical assistance, electronic invoicing, and accounting. The...

N/A N/A GITHUBEXPLOIT
MEDIUM 4.3 CVE-2026-14092

CVE-2026-14092_CVE-2026-14092

Insufficient policy enforcement in Privacy in Google Chrome prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cro...

Google Chrome 150.0.7871.47 CVE
CRITICAL 9.8 CVE-2026-14090

CVE-2026-14090_CVE-2026-14090

Insufficient validation of untrusted input in CameraCapture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to perfor...

Google Chrome 150.0.7871.47 CVE
HIGH 8.8 CVE-2026-14087

CVE-2026-14087_CVE-2026-14087

Heap buffer overflow in WebNN in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process...

Google Chrome 150.0.7871.47 CVE