Aggregator

A vulnerability was found in AWS tough and tuftool and classified as critical. This impacts the function copy_target/link_target. Executing a manipulation can lead to path traversal. This vulnerability is handled as CVE-2026-6968. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability has been found in AWS tough and tuftool 0.22.0/up to 0.21 and classified as problematic. This affects an unknown function. Performing a manipulation results in improper verification of cryptographic signature. This vulnerability is known as CVE-2026-6966. Remote exploitation of the attack is possible. No exploit is available. The affected component should be upgraded.

A vulnerability, which was classified as critical, was found in Deskflow up to 1.26.0.138. The impacted element is the function ClipboardChunk::assemble in the library src/lib/deskflow/IClipboard.cpp. Such manipulation leads to buffer overflow. This vulnerability is traded as CVE-2026-41476. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in bacnet-stack BACnet Stack up to 1.4.2. The affected element is the function rpm_decode_object_property of the file src/bacnet/rpm.c of the component ReadPropertyMultiple Service. This manipulation causes out-of-bounds read. This vulnerability appears as CVE-2026-41503. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability classified as problematic was found in bacnet-stack BACnet Stack up to 1.4.2. Impacted is the function rpm_decode_object_id of the file src/bacnet/rpm.c of the component ReadPropertyMultiple Service. The manipulation results in out-of-bounds read. This vulnerability is reported as CVE-2026-41502. The attack can be launched remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability classified as problematic has been found in bacnet-stack BACnet Stack up to 1.4.2. This issue affects the function wpm_decode_object_property of the component WritePropertyMultiple Service. The manipulation leads to out-of-bounds read. This vulnerability is documented as CVE-2026-41475. The attack can be initiated remotely. There is not any exploit available. It is recommended to upgrade the affected component.

Okta's Shiven Ramji on Visibility, Identity and Hidden Risk
Enterprises are rapidly deploying AI agents, but many don't know where they are or what they're accessing. Shiven Ramji of Okta explains why "shadow agents" are the next major security risk and how identity, visibility and governance must evolve to keep up.

Agencies Urged to Track and Disrupt Coordinated AI Extraction Campaigns
The White House is escalating coordination with AI firms after identifying large-scale foreign campaigns using proxy accounts and jailbreaking techniques to extract capabilities from U.S. models, raising national security concerns and prompting new detection, logging and accountability measures.

Continuous Integration Has Its Downsides
As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not only rely on code integrity tools, but also to introduce a delay before merging new repos, since unfolding attacks tend to get spotted in days, if not hours or minutes.

HHS OCR Breach Investigators Again Find All-Too-Common Risk Analysis Failures
Faulty or non-existent security risk analyses cost a medical imaging provider, a women's healthcare group, a health plan and a third-party insurance administrator a collective $1.7 million in fines after federal regulators concluded they didn't do enough to prevent ransomware attacks.

An April 30 deadline is looming to extend expiring Section 702 powers, and the newest legislation to re-up it is drawing fire from the left and right.

The post Latest spy power reauthorization bill leaves critics unimpressed appeared first on CyberScoop.

Cybersecurity agencies in the U.S. and U.K. are warning about a custom malware called Firestarter persisting on Cisco Firepower and Secure Firewall devices running Adaptive Security Appliance (ASA) or Firepower Threat Defense (FTD) software. [...]

A vulnerability described as critical has been identified in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get_message_ajax.php of the component Private Message Handler. Executing a manipulation of the argument c_id can lead to sql injection. This vulnerability is registered as CVE-2026-7002. It is possible to launch the attack remotely. No exploit is available.

A vulnerability marked as problematic has been reported in Datacom DM4100 1.3.6.1.4.1.3709. This affects an unknown part of the component Ethernet Configuration Page. Performing a manipulation of the argument Name results in cross site scripting. This vulnerability is cataloged as CVE-2026-7001. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability labeled as problematic has been found in Datacom DM4100 1.3.6.1.4.1.3709. Affected by this issue is some unknown functionality of the component VLAN Page. Such manipulation of the argument VLAN Name leads to cross site scripting. This vulnerability is listed as CVE-2026-7000. The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #797302 / VDB-359561

Submit #797368 / VDB-359560

Submit #797281 / VDB-359559

A vulnerability identified as problematic has been detected in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site scripting. This vulnerability is tracked as CVE-2026-6999. The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.