[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"cve-CVE-2026-10510":3,"landing-trending":45,"landing-articles":124},{"id":4,"cve_id":5,"summary":6,"published":7,"cvss_data":8,"is_remote":30,"cwes":31,"cpes":33,"technologies":34,"references":35,"score":40,"epss_score":41,"epss_percentile":41,"is_kev":42,"cisa_kev_date_added":43,"cisa_kev_due_date":43,"exploits":44},353733,"CVE-2026-10581","A flaw has been found in DedeCMS 5.7.88. Affected by this vulnerability is the function base64_decode of the file \u002Fplus\u002Fdownload.php?open=1. This manipulation of the argument Link causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used.","2026-06-02T04:17:00Z",{"cvss_v2.0":9,"cvss_v3.1":17,"cvss_v4.0":24},{"version":10,"baseScore":11,"accessVector":12,"vectorString":13,"authentication":14,"integrityImpact":15,"accessComplexity":16,"availabilityImpact":15,"confidentialityImpact":15},"2.0",6.5,"NETWORK","AV:N\u002FAC:L\u002FAu:S\u002FC:P\u002FI:P\u002FA:P","SINGLE","PARTIAL","LOW",{"scope":18,"version":19,"baseScore":20,"attackVector":12,"baseSeverity":21,"vectorString":22,"integrityImpact":16,"userInteraction":23,"attackComplexity":16,"availabilityImpact":16,"privilegesRequired":16,"confidentialityImpact":16},"UNCHANGED","3.1",6.3,"MEDIUM","CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:L","NONE",{"Safety":25,"version":26,"Recovery":25,"baseScore":27,"Automatable":25,"attackVector":12,"baseSeverity":16,"valueDensity":25,"vectorString":28,"exploitMaturity":29,"providerUrgency":25,"userInteraction":23,"attackComplexity":16,"attackRequirements":23,"privilegesRequired":16,"subIntegrityImpact":23,"vulnIntegrityImpact":16,"integrityRequirement":25,"modifiedAttackVector":25,"subAvailabilityImpact":23,"vulnAvailabilityImpact":16,"availabilityRequirement":25,"modifiedUserInteraction":25,"modifiedAttackComplexity":25,"subConfidentialityImpact":23,"vulnConfidentialityImpact":16,"confidentialityRequirement":25,"modifiedAttackRequirements":25,"modifiedPrivilegesRequired":25,"modifiedSubIntegrityImpact":25,"modifiedVulnIntegrityImpact":25,"vulnerabilityResponseEffort":25,"modifiedSubAvailabilityImpact":25,"modifiedVulnAvailabilityImpact":25,"modifiedSubConfidentialityImpact":25,"modifiedVulnConfidentialityImpact":25},"NOT_DEFINED","4.0",2.1,"CVSS:4.0\u002FAV:N\u002FAC:L\u002FAT:N\u002FPR:L\u002FUI:N\u002FVC:L\u002FVI:L\u002FVA:L\u002FSC:N\u002FSI:N\u002FSA:N\u002FE:P\u002FCR:X\u002FIR:X\u002FAR:X\u002FMAV:X\u002FMAC:X\u002FMAT:X\u002FMPR:X\u002FMUI:X\u002FMVC:X\u002FMVI:X\u002FMVA:X\u002FMSC:X\u002FMSI:X\u002FMSA:X\u002FS:X\u002FAU:X\u002FR:X\u002FV:X\u002FRE:X\u002FU:X","PROOF_OF_CONCEPT",true,[32],"CWE-918",[],[],[36,37,38,39],"https:\u002F\u002Fvuldb.com\u002Fcve\u002FCVE-2026-10581","https:\u002F\u002Fvuldb.com\u002Fsubmit\u002F829404","https:\u002F\u002Fvuldb.com\u002Fvuln\u002F367676","https:\u002F\u002Fvuldb.com\u002Fvuln\u002F367676\u002Fcti",0.31,0,false,null,[],{"count":46,"next":47,"previous":43,"results":48},72,"http:\u002F\u002Fweb:8606\u002Fapi\u002Ftrending_attacks\u002F?page=2&sorted_by=-published_at",[49,57,65,71,78,85,93,101,109,117],{"id":50,"title":51,"summary":52,"published_at":53,"severity":54,"vendor":55,"products":56},1,"SQL injection in Roundcube","Roundcube is an open-source webmail application that allows users to access and manage email through a web browser.\r\n\r\nCVE-2026-48842 is a pre-authentication SQL injection vulnerability affecting Roundcube Webmail versions before 1.6.16 and 1.7.1. 
The flaw exists in the virtuser_query plugin and can be exploited remotely without authentication through a preg_replace() backslash escape bypass, potentially allowing attackers to manipulate database queries and compromise sensitive information.","2026-05-29T07:49:59.620563Z",3,"Roundcube",[55],{"id":58,"title":59,"summary":60,"published_at":61,"severity":62,"vendor":63,"products":64},2,"Privilege escalation in Joomla","Joomla is a free and open-source content management system (CMS) used to build and manage websites, portals, and web applications. It provides a flexible framework with extensions, templates, and user management features, making it popular for both small websites and large enterprise platforms.\r\n\r\nCVE-2026-48904 is a privilege escalation vulnerability affecting Joomla CMS due to an improper access control check in the com_users webservice endpoint. An attacker could exploit this flaw remotely to modify user group permissions and gain elevated privileges, potentially leading to unauthorized administrative access. The vulnerability affects Joomla versions 4.0.0–5.4.5 and 6.0.0–6.1.0 and was fixed in versions 5.4.6 and 6.1.1.","2026-05-29T07:47:03.760767Z",4,"Joomla",[63],{"id":54,"title":66,"summary":67,"published_at":68,"severity":58,"vendor":69,"products":70},"Unauthorized access to container images in Gitea","Gitea is an open-source, self-hosted Git service platform designed for software development and version control. It provides features similar to GitHub or GitLab, including repository management, issue tracking, pull requests, CI\u002FCD integrations, and team collaboration.\r\n\r\nCVE-2026-27771 is a security vulnerability affecting Gitea versions prior to 1.26.2 that allowed unauthenticated users to access private container images without valid credentials. 
The flaw was caused by improper permission checks in the container registry component, potentially exposing sensitive internal images across thousands of internet-facing deployments.","2026-05-27T12:07:45.656936Z","Gitea",[69],{"id":62,"title":72,"summary":73,"published_at":74,"severity":54,"vendor":75,"products":76},"Multiples vulnerabilities in Microsoft Sharepoint","Microsoft SharePoint is a web-based collaboration and document management platform developed by Microsoft. It is commonly used by organizations to store, share, and manage documents, automate workflows, and improve team collaboration across departments.\r\n\r\nCVE-2026-32201 is a spoofing vulnerability affecting Microsoft SharePoint Server caused by improper input validation. An unauthenticated attacker could exploit this flaw over a network to impersonate trusted entities or manipulate how SharePoint handles requests. Microsoft classified the issue as important, and reports indicated that it was actively exploited in the wild shortly after disclosure.\r\n\r\nCVE-2026-45659 is a high-severity remote code execution vulnerability in Microsoft SharePoint related to unsafe deserialization of untrusted data. An authenticated attacker with low privileges could exploit the flaw remotely without user interaction, potentially gaining full control over the affected SharePoint server. 
Security advisories strongly recommend applying Microsoft patches as soon as possible due to the critical impact of the vulnerability","2026-05-27T08:28:34.715664Z","Microsoft",[77],"Sharepoint",{"id":79,"title":80,"summary":81,"published_at":82,"severity":62,"vendor":75,"products":83},5,"Remote Code Execution in Microsoft Windows DNS","Microsoft Windows DNS is the DNS client service used by Windows systems to resolve domain names and communicate with DNS servers.\r\nCVE-2026-41096 is a critical heap-based buffer overflow vulnerability in the Windows DNS Client that allows unauthenticated remote code execution via specially crafted DNS responses.\r\nAn attacker controlling or intercepting DNS traffic could trigger memory corruption and execute arbitrary code remotely on vulnerable Windows machines.","2026-05-26T12:15:17.186896Z",[84],"Windows DNS",{"id":86,"title":87,"summary":88,"published_at":89,"severity":54,"vendor":90,"products":91},6,"Remote Code Execution in extension \"Content Element Selector\" on TYPO3 server","The extension passes an attacker-controlled cookie directly to PHP's unserialize() without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation requires the content element to be configured with \"Persistent Mode: Static\" in the plugin settings.","2026-05-25T16:40:32.703006Z","TYPO3",[92],"Extension \"Content Element Selector\"",{"id":94,"title":95,"summary":96,"published_at":97,"severity":62,"vendor":98,"products":99},7,"Unauthorized API Access in Cisco Secure Workload","A vulnerability in the access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to access site resources with the privileges of the Site Admin role.\r\n\r\nThis vulnerability is due to insufficient validation and authentication when accessing REST API endpoints. 
An attacker could exploit this vulnerability if they are able to send a crafted API request to an affected endpoint. A successful exploit could allow the attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.","2026-05-22T15:53:55.690058Z","Cisco",[100],"Cisco Secure Workload",{"id":102,"title":103,"summary":104,"published_at":105,"severity":62,"vendor":106,"products":107},8,"Path Traversal in the UniFi Network Application","A malicious actor with access to the network could exploit a Path Traversal vulnerability found in the UniFi Network Application to access files on the underlying system that could be manipulated to access an underlying account.\r\nRemediation: Update UniFi Network Application to the patched version listed in Ubiquiti Security Advisory Bulletin 062. Access to the management port (8443\u002FTCP) should be restricted to VPN or a bastion host and must never be exposed directly to the internet. Additionally, MFA should be enabled on all UniFi controller accounts.","2026-05-22T15:49:16.823838Z","Ubiquiti Inc",[108],"UniFi Network Application",{"id":110,"title":111,"summary":112,"published_at":113,"severity":54,"vendor":114,"products":115},9,"SQL Injection in Drupal Core","Drupal core includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks. A vulnerability in this API allows an attacker to send specially crafted requests, resulting in arbitrary SQL injection for sites using PostgreSQL databases. This can lead to information disclosure, and in some cases privilege escalation, remote code execution, or other attacks. 
This vulnerability can be exploited by anonymous users.\r\n\r\nAffected versions: \r\n>= 8.9.0 \u003C 10.4.10 || >= 10.5.0 \u003C 10.5.10 || >= 10.6.0 \u003C 10.6.9 || >= 11.0.0 \u003C 11.1.10 || >= 11.2.0 \u003C 11.2.12 || >= 11.3.0 \u003C 11.3.10\r\n\r\nThis SQL injection vulnerability only affects sites using PostgreSQL. However, the third-party dependency updates in these releases apply to all sites.","2026-05-22T12:55:49.679012Z","",[116],"Drupal",{"id":118,"title":119,"summary":120,"published_at":121,"severity":54,"vendor":114,"products":122},10,"Pre-authentication Code Injection in version 1.0.0 or later of ChromaDB Python","A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the \u002Fapi\u002Fv2\u002Ftenants\u002F{tenant}\u002Fdatabases\u002F{db}\u002Fcollections endpoint.","2026-05-20T09:00:17.594757Z",[123],"ChromaDB",{"count":54,"next":43,"previous":43,"results":125},[126,133,140],{"id":50,"title":127,"summary":128,"published_at":129,"type":130,"link":131,"image_url":132},"Typosquatting: When Your Brand Becomes the Entry Point for Cyberattacks","Cybercriminals use fake lookalike domains to impersonate brands and launch phishing campaigns. 
Discover how Patrowl detects and monitors typosquatting domains before attacks happen.","2026-05-21T00:00:00Z","hacks","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Ftyposquatting-cybersecurite-menaces","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002Fb5d04d07d5-1779365167\u002Fvisuel_site_typosquatting3_720.jpg",{"id":54,"title":134,"summary":135,"published_at":136,"type":137,"link":138,"image_url":139},"CISO Challenges 2026: Fewer Attacks, Greater Impact","Why cyberattacks are becoming quieter but far more damaging: Shadow AI, third-party exposure, external visibility and continuous compliance.","2026-05-18T00:00:00Z","retrospectives","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fciso-challenges-2026-cyber-exposure","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fsite\u002F28bf6bb7ba-1779092828\u002Fciso-challenges-2026-webinar.png",{"id":58,"title":141,"summary":142,"published_at":143,"type":144,"link":145,"image_url":146},"What Makes an Asset Hackable? The 4 Pillars Attackers Evaluate","Attackers don","2026-05-05T00:00:00Z","security tips","https:\u002F\u002Fpatrowl.io\u002Fen\u002Fblog\u002Fwhat-makes-an-asset-hackable","https:\u002F\u002Fpatrowl.io\u002Fmedia\u002Fpages\u002Fblog\u002Fwhat-makes-an-asset-hackable\u002Fa0c8788434-1778146446\u002Fasset-hackable.png"]