Aggregator

CMD

Dark Feed IO
1 month 2 weeks ago

You must login to view this content

cohenido

iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users

Help Net Security
1 month 2 weeks ago

Apple is bringing long-awaited end-to-end encryption to Rich Communication Services (RCS) messaging between iPhone and Android users in iOS 26.5. The feature is launching in beta for iPhone users running iOS 26.5 on supported carriers and Android users using the latest version of Google Messages. “When RCS messages are end-to-end encrypted, they can’t be read while they’re sent between devices,” Apple said. “Users will know that a conversation is end-to-end encrypted when they see a … More →

The post iOS 26.5 is out, bringing encrypted RCS messaging to iPhone and Android users appeared first on Help Net Security.

Sinisa Markovic

CVE-2026-45222 | steipete summarize up to 0.14.1 ~/.summarize/daemon.json permission assignment

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability was found in steipete summarize up to 0.14.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file ~/.summarize/daemon.json. Executing a manipulation can lead to incorrect permission assignment. This vulnerability appears as CVE-2026-45222. The attack requires local access. There is no available exploit. It is best practice to apply a patch to resolve this issue.
vuldb.com

CVE-2026-42866 | Alfredredbird tookie-osint up to 4.1fix modules/modules.py write_txt/write_csv/write_json/scan_file path traversal

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability, which was classified as critical, has been found in Alfredredbird tookie-osint up to 4.1fix. This affects the function write_txt/write_csv/write_json/scan_file of the file modules/modules.py. This manipulation causes path traversal. This vulnerability is registered as CVE-2026-42866. The attack needs to be launched locally. No exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2026-42864 | ManoManoTech firefighter-incident up to 0.0.53 jira_bot httpx.get missing authentication

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability classified as critical has been found in ManoManoTech firefighter-incident up to 0.0.53. The affected element is the function httpx.get of the file /api/v2/firefighter/raid/jira_bot. The manipulation leads to missing authentication. This vulnerability is listed as CVE-2026-42864. The attack may be initiated remotely. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2026-42871 | LabRedesCefetRJ WeGIA up to 3.6.x familiar_docfamiliar.php information disclosure

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability marked as problematic has been reported in LabRedesCefetRJ WeGIA up to 3.6.x. This issue affects some unknown processing of the file atendido/familiar_docfamiliar.php. Performing a manipulation results in information disclosure. This vulnerability is identified as CVE-2026-42871. The attack can be initiated remotely. There is not any exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-45109 | next.js App Router Application authentication bypass

VulDB Recent Entries
1 month 2 weeks ago
A vulnerability identified as critical has been detected in next.js. This affects an unknown part of the component App Router Application. This manipulation causes authentication bypass using alternate channel. The identification of this vulnerability is CVE-2026-45109. It is possible to initiate the attack remotely. There is no exploit available. You should upgrade the affected component.
vuldb.com

Managed ad