1917 items
Unread (2155) All Dismissed
CRITICAL
CVE-2026-8376 (CVSS 9.8) — Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a ...
NVD CVE-2026-8376 11d ago
CRITICAL
CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability (LiteSpeed cPanel Plugin)
CISA KEV CVE-2026-48172actively-exploited +2 11d ago
CRITICAL
CVE-2026-48172 (CVSS 9.8) — LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp...
NVD 16d ago
INFO
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
The Hacker News 14d ago
HIGH
CVE-2026-9482 (CVSS 8.8) — A vulnerability has been found in Edimax EW-7438RPn 1.31. This impacts the function formSDHCP of the...
NVD CVE-2026-9482 12d ago
HIGH
CVE-2026-9481 (CVSS 8.8) — A flaw has been found in Edimax EW-7438RPn 1.31. This affects the function formStats of the file /go...
NVD CVE-2026-9481 12d ago
HIGH
CVE-2026-9480 (CVSS 8.8) — A vulnerability was detected in Edimax EW-7438RPn 1.31. The impacted element is the function formref...
NVD CVE-2026-9480 12d ago
HIGH
CVE-2026-9479 (CVSS 8.8) — A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The affected element is the fu...
NVD CVE-2026-9479 12d ago
CRITICAL
CVE-2026-9478 (CVSS 9.8) — A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function set...
NVD CVE-2026-9478 12d ago
CRITICAL
CVE-2026-9477 (CVSS 9.8) — A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the ...
NVD CVE-2026-9477 12d ago
CRITICAL
CVE-2026-9476 (CVSS 9.8) — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects t...
NVD CVE-2026-9476 12d ago
CRITICAL
CVE-2026-9475 (CVSS 9.8) — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This affects the function se...
NVD CVE-2026-9475 12d ago
HIGH
CVE-2026-9474 (CVSS 7.3) — A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92a...
NVD CVE-2026-9474 12d ago
HIGH
CVE-2026-9470 (CVSS 7.3) — A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d1...
NVD CVE-2026-9470 12d ago
HIGH
CVE-2026-9469 (CVSS 7.3) — A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92ab...
NVD CVE-2026-9469 12d ago
HIGH
CVE-2026-42782 (CVSS 7.2) — Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with a...
NVD CVE-2026-42782 12d ago
HIGH
CVE-2026-9465 (CVSS 7.3) — A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability ...
NVD CVE-2026-9465 12d ago
HIGH
CVE-2026-9463 (CVSS 8.8) — A flaw has been found in Edimax EW-7438RPn 1.31. Affected by this issue is the function formLicence ...
NVD CVE-2026-9463 12d ago
HIGH
CVE-2026-9462 (CVSS 8.8) — A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the functi...
NVD CVE-2026-9462 12d ago
HIGH
CVE-2026-47077 (CVSS 7.5) — Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Floodin...
NVD CVE-2026-47077 12d ago
HIGH
CVE-2026-47075 (CVSS 7.5) — Improper Neutralization of CRLF Sequences vulnerability in benoitc hackney allows HTTP Request Split...
NVD CVE-2026-47075 12d ago
HIGH
CVE-2026-47073 (CVSS 7.5) — Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Floodin...
NVD CVE-2026-47073 12d ago
HIGH
CVE-2026-47072 (CVSS 7.5) — Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in benoitc hackney allows...
NVD CVE-2026-47072 12d ago
HIGH
CVE-2026-47071 (CVSS 7.5) — Uncontrolled Resource Consumption vulnerability in benoitc hackney allows Flooding. The SOCKS5 trans...
NVD CVE-2026-47071 12d ago
HIGH
CVE-2026-47067 (CVSS 7.5) — Allocation of Resources Without Limits or Throttling vulnerability in benoitc hackney allows Floodin...
NVD CVE-2026-47067 12d ago
HIGH
CVE-2026-47066 (CVSS 7.5) — Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in benoitc hackney allows Exces...
NVD CVE-2026-47066 12d ago
HIGH
CVE-2018-25381 (CVSS 7.1) — Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated ...
NVD CVE-2018-25381 12d ago
HIGH
CVE-2018-25380 (CVSS 7.1) — Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated ...
NVD CVE-2018-25380 12d ago
HIGH
CVE-2018-25379 (CVSS 8.2) — Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter ...
NVD CVE-2018-25379 12d ago
HIGH
CVE-2018-25377 (CVSS 8.4) — Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration...
NVD CVE-2018-25377 12d ago
HIGH
CVE-2018-25376 (CVSS 8.4) — Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialo...
NVD CVE-2018-25376 12d ago
HIGH
CVE-2018-25375 (CVSS 8.4) — SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dial...
NVD CVE-2018-25375 12d ago
HIGH
CVE-2018-25374 (CVSS 7.5) — Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allo...
NVD CVE-2018-25374 12d ago
HIGH
CVE-2018-25373 (CVSS 8.4) — SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability ...
NVD CVE-2018-25373 12d ago
HIGH
CVE-2018-25372 (CVSS 8.2) — MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthentic...
NVD CVE-2018-25372 12d ago
HIGH
CVE-2018-25371 (CVSS 8.2) — mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated ...
NVD CVE-2018-25371 12d ago
HIGH
CVE-2018-25368 (CVSS 7.5) — Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to...
NVD CVE-2018-25368 12d ago
HIGH
CVE-2018-25366 (CVSS 8.4) — CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbit...
NVD CVE-2018-25366 12d ago
HIGH
CVE-2018-25364 (CVSS 8.2) — Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to exec...
NVD CVE-2018-25364 12d ago
HIGH
CVE-2018-25362 (CVSS 8.2) — Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipu...
NVD CVE-2018-25362 12d ago
HIGH
CVE-2018-25360 (CVSS 8.4) — AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Rout...
NVD CVE-2018-25360 12d ago
HIGH
CVE-2018-25359 (CVSS 8.4) — Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allo...
NVD CVE-2018-25359 12d ago
HIGH
CVE-2026-9461 (CVSS 8.8) — A security vulnerability has been detected in Edimax EW-7438RPn 1.31. Affected is the function formR...
NVD CVE-2026-9461 12d ago
HIGH
CVE-2026-9460 (CVSS 8.8) — A weakness has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of th...
NVD CVE-2026-9460 12d ago
HIGH
CVE-2026-9459 (CVSS 8.8) — A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnect...
NVD CVE-2026-9459 12d ago
CRITICAL
CVE-2026-9458 (CVSS 9.8) — A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the ...
NVD CVE-2026-9458 12d ago
CRITICAL
CVE-2026-9457 (CVSS 9.8) — A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the ...
NVD CVE-2026-9457 12d ago
HIGH
MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
The Hacker News supply-chainbreachesmalware +19 19d ago
INFO
'Dirty Frag' Exploit Poised to Blow Up on Enterprise Linux Distros
rss:darkreading 26d ago
INFO
It's Patch Tuesday for Microsoft & Not a Zero-Day In Sight
rss:darkreading 24d ago
INFO
Microsoft Patches 138 Vulnerabilities, Including DNS and Netlogon RCE Flaws
The Hacker News 24d ago
INFO
[Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
The Hacker News 24d ago
INFO
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence
The Hacker News 22d ago
INFO
Can Laws Stop Deepfakes? South Korea Aims to Find Out
rss:darkreading 19d ago
INFO
Processes and Culture Top Reasons Behind Data Breaches
rss:darkreading 17d ago
INFO
When Identity is the Attack Path
The Hacker News 16d ago
INFO
CISA Adds Exploited Langflow and Trend Micro Apex One Vulnerabilities to KEV
The Hacker News 15d ago
INFO
Meta settles school district lawsuit claiming addictive design harmed students' mental health
The Record 15d ago
INFO
Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software
The Hacker News 14d ago
INFO
⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos
The Hacker News 12d ago
INFO
CERT-In Mandates 12-Hour Patching for Internet-Facing Flaws Amid AI-Assisted Attacks
The Hacker News 11d ago
INFO
RevEng.AI Raises $15 Million to Hunt for Flaws and Backdoors in Software Binaries
SecurityWeek 10d ago
INFO
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
SecurityWeek 8d ago
INFO
California AG sues 23andMe over 2023 breach exposing health data
BleepingComputer 8d ago
INFO
Kirki, Burst Statistics WordPress Plugin Flaws in Attackers’ Crosshairs
SecurityWeek 3d ago
INFO
Chrome 149 Patches 429 Vulnerabilities
SecurityWeek 1d ago
INFO
EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers
The Record 1d ago
INFO
Ghost CMS Vulnerability Exploited to Hack Over 700 Websites
SecurityWeek breachesransomwaresupply-chain 12d ago
CRITICAL
CVE-2026-9456 (CVSS 9.8) — A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenV...
NVD CVE-2026-9456 12d ago
CRITICAL
CVE-2026-9455 (CVSS 9.8) — A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the funct...
NVD CVE-2026-9455 12d ago
CRITICAL
CVE-2026-9454 (CVSS 9.8) — A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the functi...
NVD CVE-2026-9454 12d ago
CRITICAL CISA KEV Tue, 26 May 2026 00:00:00 UTC
CVE-2026-48172: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability (LiteSpeed cPanel Plugin)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
TL;DR AI
Malicious cyber attackers exploited a publicly available vulnerability in an open-source security framework used by many organizations to protect their networks, compromising sensitive data and disrupting global supply chains. The attackers used the vulnerability to gain access to sensitive data, including financial information, intellectual property, and customer data. The attack highlights the importance of using secure technologies and frameworks to protect against such vulnerabilities.
CVE-2026-48172actively-exploited
Read full story ↗
Related coverage (2)
CVE-2026-48172 (CVSS 9.8) — LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exp...
NVD 16d ago
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
The Hacker News 14d ago