Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 10 CVE-2026-56415

OS Command Injection in StoneFly Storage Concentrator_CVE-2026-56415

Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A ...

Stonefly Storage Concentrator CVE
CRITICAL 10 CVE-2026-56413

OS Command Injection in StoneFly Storage Concentrator_CVE-2026-56413

Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, which listens on TCP port 9000 by default...

StoneFly Storage Concentrator CVE
CRITICAL 9.2 CVE-2026-55721

SQL Injection in StoneFly Storage Concentrator_CVE-2026-55721

Storage Concentrator (SC & SCVM) is vulnerable to SQL injection through cookie values processed by the login.pl and debug.pl scripts. The cookie va...

StoneFly Storage Concentrator CVE
MEDIUM 6.3 CVE-2026-55223

c3p0 exposes a deserialization “sink” via JDBC DataSource bean properties_CVE-2026-55223

c3p0 is a JDBC Connection pooling library. In versions prior to 0.14.0, c3p0 in combination with other libraries, can compose to a "sink" for des...

swaldman c3p0 < 0.14.0 CVE
CRITICAL 9.3 CVE-2026-50110

Use of Hard-coded Credentials in StoneFly Storage Concentrator_CVE-2026-50110

Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services embedded within a configuration file. While the cred...

StoneFly Storage Concentrator CVE
NONE MALWAREBYTES:76...

Watch out for “high paying, low effort” Amazon job texts_MALWAREBYTES:7664CEF9E63F1C210095EE36493FED6B

Remote, flexible, high‑paying work is a tempting prospect, and the holy grail for many people looking for a new role. But it's not just recruiters ...

N/A N/A MALWAREBYTES
NONE B201DF04-51B6-

redteam-threat-exploits_B201DF04-51B6-52D3-A8EA-718A6037086E

redteam-threat-exploits A Claude Code skill that turns OpenCTI threat intelligence into red team exercise material: rank top threats from OpenCTI, ...

N/A N/A GITHUBEXPLOIT
NONE 6701D9A4-CBB9-

ctf-poc_6701D9A4-CBB9-5F86-A45E-F2C7570CFA9B

Xerces-C++ PE Entity UAF RCE PoC Tiny proof harness for Apache Xerces-C++ at commit 53c0401812bfe5523594c1180f5ac7c758a2eaf7. The bug is a paramete...

N/A N/A GITHUBEXPLOIT
LOW 3.5 CVE-2026-9836

IBM DataStage Flow Designer application is affected by an information disclosure vulnerability_CVE-2026-9836

IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is affected by an information disclosure vulnerability.

IBM InfoSphere Information Server 11.7.0.0 CVE
MEDIUM 6.5 CVE-2026-9002

IBM WebSphere eXtremes Scale is affected by uncontrolled resource consumption when XDF is enabled_CVE-2026-9002

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the...

IBM WebSphere Extreme Scale 8.6.1.0 CVE