Security Intel Hub 29123+

Curated security advisories, vulnerability analyses, and exploit write-ups — auto-cleaned and translated to English. Updated continuously.

Filter

KEV only

Verified PoC

TYPO3 Form Framework Privilege Escalation & SQL Injection Vulnerability (CVE-2026-49741)

typo3.org · 2026-06-13

### Vulnerability Overview **Vulnerability Name**: TYPO3-CORE-SA-2026-017: Privilege Escalation & SQL Injection in Form Framework **Publication Date**: June 9, 2026 **Vulnerability Type**: Privilege E…

TYPO3 Clipboard Broken Access Control Vulnerability (CVE-2026-47351) Advisory

typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-014: Broken Access Control in Clipboard - **Publication Date**: June 9, 2026 - **Vulnerability Type**: Broken Access Control - *…

TYPO3 Media Module Broken Access Control Vulnerability Advisory (CVE-2026-49742)

typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-013: Broken Access Control in Media Module - **Publication Date**: June 9, 2026 - **Severity**: High - **CVSS Score**: 4.0 (AV:N…

TYPO3 Form Framework Broken Access Control Advisory (CVE-2026-11607)

typo3.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: TYPO3-CORE-SA-2026-019: Broken Access Control in Form Framework - **Publication Date**: June 9, 2026 - **Vulnerability Type**: Broken Access Contro…

CVSS 7.5

Fix for DoS vulnerability (infinite loop) in image-size ICONS parser

web.archive.org · 2026-06-13

### Vulnerability Overview - **Vulnerability Title**: security: fix potential Denial of Service due to infinite loop #439 - **Vulnerability Description**: This vulnerability may lead to a Denial of Se…

CleanTalk < 6.79 Unauthenticated Stored XSS via Comment Shortcode Bypass CVE-2026-8071

wpscan.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Spam protection, Honeypot, Anti-Spam by CleanTalk key_is_ok` and only registers 1. Install and activate the `cleantalk-spam-protect` plugin v6.78. …

Agile Store Locator <1.6.6 Admin Stored XSS via map_style

wpscan.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Agile Store Locator ' \ --data-urlencode 'map_style=alert(/XSS-map_style/)' \ --data-urlencode 'slug_attr_ddn' \ --data-urlencode 'data[remove_maps…

WPForms Lite Unauthenticated PayPal Webhook Forgery (CVE-2026-4986) Advisory

wpscan.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: WPForms Lite < 1.10.0.5 – Unauthenticated PayPal Webhook Forgery - **Description**: The plugin fails to validate the authenticity of incoming PayPa…

Secure Copy Content Protection < 5.1.5 Admin+ Stored XSS via ays_sccp_sub_icon_image Parameter (CVE-2026-9269)

wpscan.com · 2026-06-13

### Vulnerability Overview **Title**: Secure Copy Content Protection and Content Locking ]*value="([^"]+)"', response.text) ays_sccp_tab = tab_match.group(1) if tab_match else "0" data = { "settings_a…

XStore Theme <9.7.3 Unauthenticated SQL Injection Vulnerability (CVE-2026-3326)

wpscan.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: XStore < 9.7.3 - Unauthenticated SQLi - **Description**: The theme fails to properly sanitize and escape parameters when handling AJAX actions, all…

AMD SEV-SNP Coherency Vulnerability Advisory (CVE-2025-54509)

www.amd.com · 2026-06-13

### Vulnerability Overview AMD has released a security advisory (AMD-SB-3039) titled "ASP Incoherent Memory Access." Researchers reported to AMD that a malicious hypervisor can compromise the integrit…

CVE-2026-9067: Unauthenticated Arbitrary File Upload in Schema & Structured Data for WP < 1.60

wpscan.com · 2026-06-13

### Vulnerability Overview **Vulnerability Name**: Schema & Structured Data for WP & AMP ' \ -F 'saswp-rf-form-image=@evil.csv;type=image/png;filename=evil.csv' ``` Response on 1.59: ```json {"success…

CVSS 5.3

AMD SEV-SNP Memory Aliasing Vulnerability Advisory CVE-2024-21944

www.amd.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Undermining Integrity Features of SEV-SNP with Memory Aliasing - **AMD ID**: AMD-SB-3015 - **Potential Impact**: Integrity Loss - **Severity**: Med…

KeepInMind Dashboard Notes <0.8.4.2 Contributor+ Stored XSS leading to Account Takeover

wpscan.com · 2026-06-13

# KeepInMind - Dashboard Notes Session ExpiredYour session has expired. Please log in again.Log In" } ```

WordPress Lazy Blocks < 4.3.0 Stored XSS via XML-RPC Bypass

wpscan.com · 2026-06-13

# WordPress Plugin Vulnerabilities ## Lazy Blocks '}, {'key': 'lazyblocks_code_output_method', 'value': 'html'}, {'key': 'lazyblocks_category', 'value': 'text'}, ], }) # 2) Create a page that embeds t…

CVSS 5.9

Arista EOS RCE Vulnerability CVE-2016-10144 Affected Versions

www.arista.com · 2026-06-13

### Vulnerability Overview - **CVE ID**: CVE-2016-10144 - **Publication Date**: October 11, 2016 - **Description**: This vulnerability allows an attacker to trigger a remote code execution (RCE) flaw …

Premium intel

CVSS 9.6

CVE-2019-1613 Remote Code Execution Vulnerability Advisory

www.arista.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: CVE-2019-1613 - **Description**: This vulnerability allows an attacker to trigger remote code execution (RCE) on the device by sending specially cr…

CVSS 5.3

Arista EOS Pre-Auth RCE Vulnerability Advisory (High Severity)

www.arista.com · 2026-06-13

### Vulnerability Overview - **Vulnerability ID**: 0102 - **Release Date**: January 15, 2024 - **Severity**: High - **Description**: This vulnerability allows attackers to execute arbitrary code witho…

CVSS 8.3

Arista Security Advisory 0126: Multiple Local Privilege Escalation Vulnerabilities in EOS (CVE-2020-5088/5089/5090)

www.arista.com · 2026-06-13

### Vulnerability Overview - **Vulnerability Name**: Arista Security Advisory 0126 - **Release Date**: October 16, 2020 - **CVSS Score**: 7.5 (High) - **Vulnerability Description**: - **MCI Rade Issue…

Arista Networks Security Advisory (202): ICMPv6 Unauthorized Access Vulnerability

www.arista.com · 2026-06-13

# Arista Networks Security Advisory (202) ## Vulnerability Overview - **Vulnerability ID**: 202 - **Release Date**: 2024-05-15 - **Severity**: Medium - **Description**: - In Arista EOS versions 4.28.0…

All articles are auto-cleaned (markdown extraction + LLM noise removal) and translated to English by our offline pipeline. Source URL is always preserved at the bottom of each article.

Want a specific source covered? Email us — we add new feeds weekly.

Goal Reached Thanks to every supporter — we hit 100%!

Security Intel Hub 29123+