Aggregator

A vulnerability, which was classified as problematic, has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /queue.php. This manipulation of the argument firstname/lastname causes cross site scripting. This vulnerability is tracked as CVE-2026-3171. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability classified as problematic was found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected is an unknown function of the file /patient-search.php. The manipulation of the argument First Name/Last Name results in cross site scripting. This vulnerability is identified as CVE-2026-3170. The attack can be executed remotely. Additionally, an exploit exists.

Submit #760597 / VDB-165781

A vulnerability classified as critical has been found in Tenda F453 1.0.0.3. This impacts the function fromSafeEmailFilter of the file /goform/SafeEmailFilter of the component httpd. The manipulation of the argument page leads to buffer overflow. This vulnerability is referenced as CVE-2026-3169. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability described as critical has been identified in Tenda F453 1.0.0.3. This affects the function fromNatStaticSetting of the file /goform/NatStaticSetting of the component httpd. Executing a manipulation of the argument page can lead to buffer overflow. The identification of this vulnerability is CVE-2026-3168. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability marked as critical has been reported in Tenda F453 1.0.0.3. The impacted element is the function formWebTypeLibrary of the file /goform/webtypelibrary of the component httpd. Performing a manipulation of the argument webSiteId results in buffer overflow. This vulnerability was named CVE-2026-3167. The attack may be initiated remotely. In addition, an exploit is available.

A vulnerability labeled as critical has been found in Tenda F453 1.0.0.3. The affected element is the function fromRouteStatic of the file /goform/RouteStatic of the component httpd. Such manipulation of the argument page leads to buffer overflow. This vulnerability is uniquely identified as CVE-2026-3166. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability identified as critical has been detected in Tenda F453 1.0.0.3. Impacted is the function fromSetWifiGusetBasic of the file /goform/AdvSetWrlsafeset of the component httpd. This manipulation of the argument mit_ssid causes buffer overflow. This vulnerability is handled as CVE-2026-3165. The attack can be initiated remotely. Additionally, an exploit exists.

Submit #760189 / VDB-347678

Why Governance, Access Control and Vendor Oversight Now Define Patient Safety
Healthcare breaches do not start with a single technical failure. Digital risk has become clinical risk, driven by weak governance, excess access and unmanaged vendors. Resilience now depends on governance, not more tooling.

DeepSeek, MoonShot AI, MiniMax Used 24,000 Fake Accounts in Campaign
Anthropic has accused three Chinese AI firms of running coordinated, large-scale operations to steal capabilities from its Claude models. The U.S.-based company said DeepSeek, Moonshot AI and MiniMax are conducting "industrial-scale campaigns" using tens of thousands of fraudulent accounts.

Submit #760179 / VDB-332582

Submit #759845 / VDB-347677

A vulnerability categorized as critical has been discovered in itsourcecode News Portal Project 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle results in sql injection. This vulnerability is known as CVE-2026-3164. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Gen AI Nears 98% Adoption as OTel Gains Ground in Production
From automated correlation to agentic AI that investigates and remediates incidents, observability is entering a new phase. With generative AI adoption accelerating and OpenTelemetry gaining production ground, integrated intelligence is becoming table stakes.

Why Governance, Access Control and Vendor Oversight Now Define Patient Safety
Healthcare breaches do not start with a single technical failure. Digital risk has become clinical risk, driven by weak governance, excess access and unmanaged vendors. Resilience now depends on governance, not more tooling.