CVEReports

Automated vulnerability intelligence platform. Comprehensive reports for high-severity CVEs generated by AI.


© 2026 CVEReports. All rights reserved.

Made with love by Amit Schendel & Alon Barad

30 minutes ago • GHSA-955R-262C-33JC • Severity 9.4

CVE-2026-33634: Supply Chain Compromise and Malicious Code Execution in Telnyx Python SDK

The official Telnyx Python SDK (telnyx) on PyPI was compromised in a supply chain attack by the threat actor TeamPCP. Versions 4.87.1 and 4.87.2 contain embedded malicious code that executes upon import, utilizing WAV audio steganography to deploy secondary payloads for credential harvesting and persistence.

Alon Barad • 0 views • 6 min read
about 1 hour ago • CVE-2026-34385 • Severity 6.2

CVE-2026-34385: Second-Order SQL Injection in Fleet Apple MDM Profile Delivery

Fleet open-source device management software prior to version 4.81.0 contains a second-order SQL injection vulnerability in its Apple MDM profile delivery pipeline. An attacker with a valid MDM enrollment certificate can exploit this flaw to execute arbitrary database modifications.

Alon Barad • 0 views • 5 min read
about 3 hours ago • CVE-2026-34386 • Severity 6.3

CVE-2026-34386: Authenticated SQL Injection in Fleet MDM Bootstrap Package Configuration

Fleet open-source device management software prior to version 4.81.0 contains a SQL injection vulnerability in its MDM bootstrap package configuration module. Authenticated users with Team Admin or Global Admin privileges can execute arbitrary database queries when the Apple MDM feature is enabled.

Alon Barad • 1 view • 6 min read
about 10 hours ago • CVE-2026-34388 • Severity 6.6

CVE-2026-34388: Authenticated Denial of Service via Unhandled gRPC Log Type in Fleet Launcher

Fleet Device Management versions prior to 4.81.0 contain a Denial of Service (DoS) vulnerability in the gRPC launcher endpoint. An enrolled host can submit an unexpected log type value that triggers an unhandled Go panic, crashing the entire server process and disrupting all MDM operations.

Amit Schendel • 6 views • 8 min read
about 10 hours ago • CVE-2017-20229 • Severity 9.8

CVE-2017-20229: Stack-Based Buffer Overflow in MAWK Interpreter

MAWK versions 1.3.3-17 and prior contain a critical stack-based buffer overflow vulnerability in the main argument parsing and stack management routines. This flaw allows an attacker to achieve arbitrary code execution by supplying excessively long command-line arguments, overwriting adjacent memory to hijack control flow via a Return-Oriented Programming (ROP) chain.

Amit Schendel • 7 views • 5 min read
about 23 hours ago • CVE-2026-34389 • Severity 4.9

CVE-2026-34389: Authentication Bypass via Invitation Token Mishandling in Fleet

Fleet, an open-source device management platform, contains an improper authentication vulnerability in its user invitation flow. Prior to version 4.81.0, the application failed to validate that the email address submitted during account registration matched the address associated with the provided invitation token. This allows attackers possessing a valid invitation token to provision accounts under arbitrary email addresses while inheriting the privilege level assigned to the original invitee.

Alon Barad • 8 views • 5 min read
1 day ago • GHSA-HR5V-J9H9-XJHG • Severity 7.7

GHSA-HR5V-J9H9-XJHG: Sandbox Bypass and Arbitrary File Exfiltration in OpenClaw

OpenClaw prior to version 2026.3.24 contains a high-severity path traversal vulnerability (CWE-22) within its outbound media handling logic. By leveraging unnormalized parameter aliases, sandboxed agents can bypass filesystem isolation to read and exfiltrate arbitrary files from the host system.

Alon Barad • 7 views • 6 min read
1 day ago • CVE-2026-34368 • Severity 5.3

CVE-2026-34368: TOCTOU Race Condition in WWBN AVideo YPTWallet Plugin

WWBN AVideo versions up to and including 26.0 suffer from a Time-of-Check-Time-of-Use (TOCTOU) race condition in the YPTWallet plugin's transfer logic. This vulnerability allows authenticated users to bypass balance checks via concurrent requests, enabling unauthorized financial transfers. The flaw is compounded by a secondary vulnerability that permits captcha token reuse.

Alon Barad • 7 views • 6 min read
1 day ago • CVE-2025-53521 • Severity 9.8

CVE-2025-53521: Unauthenticated Remote Code Execution in F5 BIG-IP APM

CVE-2025-53521 is a critical vulnerability in the F5 BIG-IP Access Policy Manager (APM) that permits unauthenticated, remote attackers to achieve Remote Code Execution (RCE) or Denial of Service (DoS). The flaw exists in the Traffic Management Microkernel (TMM) process, which fails to appropriately throttle or limit resource allocation when handling specific malicious traffic directed at active APM policies.

Alon Barad • 19 views • 5 min read
1 day ago • GHSA-C279-989M-238F • Severity 6.9

GHSA-C279-989M-238F: Nil Pointer Dereference in Sliver C2 Reverse Tunnel Handler

A Nil Pointer Dereference vulnerability exists in the Sliver adversary emulation framework, specifically within the `tunnelCloseHandler` function. Authenticated operators or active implants can trigger a goroutine panic by attempting to close a reverse tunnel. This results in a localized denial-of-service condition and subsequent resource leakage.

Amit Schendel • 8 views • 6 min read
1 day ago • GHSA-46WH-3698-F2CX • Severity 9.3

CVE-2026-33186: Deny Rule Bypass in Traefik via gRPC-Go Path Canonicalization Flaw

A critical authorization bypass vulnerability exists in Traefik due to improper path normalization in its underlying gRPC-Go dependency (CVE-2026-33186). Unauthenticated attackers can bypass configured deny rules by sending maliciously crafted gRPC requests over HTTP/2 that omit the mandatory leading slash in the :path pseudo-header. This canonicalization mismatch allows unauthorized access to protected services.

Alon Barad • 13 views • 6 min read
2 days ago • GHSA-WPRJ-9CVC-5W37 • Severity 7.5

GHSA-wprj-9cvc-5w37: Unauthenticated Access to Sensitive Data via Missing Authorization in AVideo

WWBN AVideo versions up to and including 26.0 suffer from a systematic authorization failure (CWE-862). Unauthenticated attackers can query multiple JSON endpoints across various plugins to extract sensitive system, financial, and user data. The vulnerability resides in the omission of access control checks within data table listing scripts.

Amit Schendel • 8 views • 5 min read

Automated vulnerability intelligence. 1,310+ reports.