CVE-2026-27771

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

4 Posts
73 Interactions

Last activity: Last hour

Fediverse

Forgejo @forgejo

A security vulnerability labelled CVE-2026-27771 affecting Forgejo and Gitea is being widely reported recently.

Packages in Forgejo are visible to unauthenticated users if they are published under a public owner, as designed. It is not a security vulnerability, but a misunderstanding about the permissions and a good opportunity for users to review that they are not in a misconfigured state.

Please see the statement issued by the security team here for more details: https://codeberg.org/forgejo/website/issues/839#issuecomment-15980039

40
32
0
Last hour

Thomas Guyot-Sionnest @dermoth

@domi CVE-2026-27771 is really the cherry on top, not even filled anywhere yet. Thanks for providing a list of security sites to blacklist just one search away!

0
0
0
4h ago

Bluesky

L'algorisme @lalgorisme.bsky.social

🧵Durant uns 4 anys, qualsevol ha pogut descarregar imatges "privades" de Gitea sense compte ni contrasenya. Hi ha més de 30.000 instàncies afectades en 30 països. L'etiqueta "privat" senzillament no funcionava com s'esperava al registre de contenidors. CVE-2026-27771

1
0
0
8h ago

Information Security Briefly @infosecbriefly.bsky.social

CVE-2026-27771 let unauthenticated users pull private container images from affected Gitea instances via anonymous registry requests.

0
0
0
3h ago

CVE-2026-48710

Overview

Kludex
starlette

26 May 2026

Published

27 May 2026

Updated

CVSS v3.1

MEDIUM (6.5)

EPSS

0.03%

MITRE

KEV

Description

Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP `Host` request header was not validated before being used to reconstruct `request.url`. Because the routing algorithm relies on the raw HTTP path while `request.url` is rebuilt from the `Host` header, a malformed header could make `request.url.path` differ from the path that was actually requested. Middleware and endpoints that apply security restrictions based on `request.url` (rather than the raw `scope` path) could therefore be bypassed. Users should upgrade to a version greater than or equal to version 1.0.1, which validates the `Host` header against the grammar of RFC 9112 §3.2 / RFC 3986 §3.2.2 when constructing `request.url` and falls back to `scope["server"]` for malformed values.

Statistics

4 Posts
26 Interactions

Last activity: Last hour

Fediverse

X41 D-Sec GmbH @x41sec

There's an update for the Starlette issue: We've scanned thousands of hosts for CVE-2026-48710 and found something important: Being behind a proxy or CloudFlare isn't always a protection unlike previously stated!
When a reverse proxy or CDN (including Cloudflare) sits in front of the target and rejects malformed Host headers, the X-Forwarded-Host header can sometimes be used to bypass the protection! If the backend middleware reads X-Forwarded-Host and updates the ASGI scope, the malicious value can reach the ASGI and Starlette. #badhost

12
9
0
7h ago

N_{Dario Fadda} @nuke

BadHost (CVE-2026-48710): Critical Authentication Bypass Threatens Thousands of AI Agent Applications
#CyberSecurity
https://securebulletin.com/badhost-cve-2026-48710-critical-authentication-bypass-threatens-thousands-of-ai-agent-applications/

5
0
0
6h ago

al @alan

1/3
BadHost (CVE-2026-48710) exposes MCP servers through a trivial HTTP header parsing flaw that hits 325 million weekly downloads across FastAPI, vLLM, LiteLLM, and the entire agentic AI stack.

But the vulnerability isn't the story. The story is why patches won't fix it.

https://haunted.lighthouse.co.im/articles/badhost-mcp-sovereignty/

0
0
0
Last hour

al @alan

3/3

This is a supply chain story dressed as a CVE. The ecosystem was built too fast. Security assumed it would catch up. It hasn't.

Digital sovereignty without perimeter defence is just security theatre. If you're running MCP servers and you skip the proxy because 'it adds complexity,' you've already lost.

https://haunted.lighthouse.co.im/articles/badhost-mcp-sovereignty/

#BadHost #CVE202648710 #Starlette #FastAPI #MCP #SupplyChain #CyberSecurity #DigitalSovereignty #ShadowIT #Architecture

0
0
0
Last hour

CVE-2026-35616

Overview

Fortinet
FortiClientEMS

04 Apr 2026

Published

21 Apr 2026

Updated

CVSS v3.1

CRITICAL (9.1)

EPSS

43.21%

MITRE

KEV

Description

A improper access control vulnerability in Fortinet FortiClientEMS 7.4.5 through 7.4.6 may allow an unauthenticated attacker to execute unauthorized code or commands via crafted requests.

Statistics

4 Posts
1 Interaction

Last activity: 2 hours ago

Fediverse

DragonJAR @dragonjar

En las últimas 24 horas, múltiples vulnerabilidades críticas han puesto en riesgo sistemas estatales, corporativos y plataformas populares como FortiClient EMS, Apache Ignite, Microsoft SharePoint y Gitea, además del surgimiento de malware sofisticado en paquetes npm ligados a IA, evidenciando la urgencia de actualizar y reforzar la seguridad en todas las capas. Descubre estos y más detalles en el siguiente listado de noticias sobre seguridad informática:

🗞️ ÚLTIMAS NOTICIAS EN SEGURIDAD INFORMÁTICA 🔒
====| 🔥 LO QUE DEBES SABER HOY 28/05/26 📆 |====

🔓 HACKER RUMANO SENTENCIADO EN EE.UU. POR VENDER ACCESO A RED ESTATAL

Catalin Dragomir se declaró culpable de vender acceso a la red gubernamental del estado de Oregón, exponiendo información crítica y riesgos significativos para la seguridad pública. Este caso subraya la importancia de fortalecer la vigilancia interna y las medidas de protección en infraestructuras estatales. Conoce más sobre esta sentencia y sus implicaciones en la seguridad nacional 👉 https://djar.co/iWAQ

⚠️ PAQUETE NPM MALICIOSO ROBÓ ARCHIVOS DE USUARIOS DE CLAUDE AI VÍA GITHUB

Un paquete npm descargado 676 veces contenía malware que extraía archivos del directorio de usuarios de Claude AI mediante cargas a GitHub, lo que intensifica la amenaza del malware impulsado por inteligencia artificial. Esta vulnerabilidad demuestra la necesidad de revisar y controlar estrictamente las dependencias en proyectos que utilizan inteligencia artificial. Descubre cómo proteger tus proyectos contra esta amenaza 👉 https://djar.co/bLS9Hx

🛡️ FORTICLIENT EMS EXPLOITADO CON CVE-2026-35616 PARA DISTRIBUIR INFOSTEALER

Un grupo de atacantes ha explotado la vulnerabilidad CVE-2026-35616 en FortiClient EMS para distribuir un infostealer que se hace pasar por un parche oficial de Fortinet. Este ataque afecta a endpoints gestionados y pone en riesgo información sensible corporativa. Se recomienda aplicar parches y revisar la integridad de las actualizaciones. Más detalles sobre el modus operandi y cómo defenderse 👉 https://djar.co/EovoG

💥 VULNERABILIDAD CRÍTICA EN APACHE IGNITE: EJECUCIÓN REMOTA DE CÓDIGO VÍA DESERIALIZACIÓN

Apache Ignite, una plataforma de computación distribuida ampliamente utilizada, presenta una vulnerabilidad que permite ejecución remota de código aprovechando un exploit de deserialización. Esto puede comprometer entornos productivos y servicios críticos, enfatizando la importancia de aplicar actualizaciones de seguridad urgentes. Aprende cómo identificar y mitigar esta falla 👉 https://djar.co/bb7eWd

🚨 NUEVA FALTA DE SEGURIDAD RCE EN MICROSOFT SHAREPOINT: ACTUALIZA YA

Microsoft SharePoint sufre una vulnerabilidad crítica (CVE-2026-45659) que posibilita ejecución remota de código con poco esfuerzo técnico, poniendo en riesgo datos y sistemas organizacionales. Si aún no has aplicado el parche, la recomendación es actualizar de inmediato para evitar explotación. Infórmate sobre cómo proteger tu entorno SharePoint 👉 https://djar.co/L0Hag

🔐 VULNERABILIDAD EN GITEA PERMITE ACCEDER A IMÁGENES DE CONTENEDORES PRIVADAS SIN AUTENTICACIÓN

Se ha descubierto un fallo en Gitea que posibilita el acceso no autorizado a imágenes privadas de contenedores sin necesidad de autenticación, lo que puede llevar a filtración de datos sensibles y comprometer la cadena de suministro. Conoce las medidas para detectar y cerrar esta brecha 👉 https://djar.co/OwH0o

0
0
0
4h ago

Bluesky

OpsMatters @opsmatters.com

The latest update for #ArcticWolf includes "FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch" and "How AI Is Transforming Detection Engineering". #cybersecurity #infosec #networks https://opsmtrs.com/2ZFbaTl

0
1
0
11h ago

boredchilada @boredchilada.bsky.social

~Arcticwolf~ CVE-2026-35616 is actively exploited to push EKZ Infostealer to managed endpoints via fake patches. - IOCs: 83. 138. 53. 110, 185. 220. 101. 15, 192. 42. 116. 14 - #CVE202635616 #Malware #ThreatIntel

0
0
0
19h ago

Information Security Briefly @infosecbriefly.bsky.social

CVE-2026-35616 in FortiClient EMS enables unauthenticated remote code execution, and attackers are exploiting it to deploy EKZ Infostealer via managed VPN scripting workflows.

0
0
0
2h ago

CVE-2026-48095

Overview

Pending

Pending

Published

Pending

Updated

CVSS

Pending

EPSS

Pending

MITRE

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

4 Posts
6 Interactions

Last activity: 21 hours ago

Fediverse

Alexandre Borges @alexandreborges

GHSL-2026-140: Heap Buffer Write Overflow in 7-Zip (CVE-2026-48095):

https://securitylab.github.com/advisories/GHSL-2026-140_7-Zip/

#vulnerability #cybersecurity #informationsecurity #exploitation #cve

2
0
0
21h ago

Bluesky

GitHub Security Lab @securitylab.github.com

Proof of Concept for GHSL-2026-140 (CVE-2026-48095) in 7-Zip <= 26.00. A crafted archive shrinks a 256 MB buffer into 1 byte, overwrites a function pointer with file content, and redirects execution. Full weaponization needs an ASLR bypass. Fixed in 26.01. securitylab.github.com/advisories/G...

2
0
1
22h ago

Alexandre Borges @alexandreborges.bsky.social

GHSL-2026-140: Heap Buffer Write Overflow in 7-Zip (CVE-2026-48095): securitylab.github.com/advisories/G... #vulnerability #cybersecurity #informationsecurity #exploitation #cve

1
1
0
21h ago

CVE-2026-26980

Overview

TryGhost
Ghost

20 Feb 2026

Published

26 May 2026

Updated

CVSS v3.1

CRITICAL (9.4)

EPSS

56.66%

MITRE

KEV

Description

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

Statistics

2 Posts
1 Interaction

Last activity: 6 hours ago

Fediverse

benzogaga33 :verified: @benzogaga33

Plus de 700 sites piratés : la faille critique de Ghost CMS qui sème la terreur sur le web https://goodtech.info/ghost-cms-faille-critique-cve-2026-26980-clickfix-piratage/ #Développement #Applications #Sécurité #Àlaune

0
1
0
6h ago

Apostolos K. @koutropoulos

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks https://thehackernews.com/2026/05/ghost-cms-cve-2026-26980-exploited-to.html

0
0
0
18h ago

CVE-2026-9712

Overview

pretix
pretix
pretix

27 May 2026

Published

27 May 2026

Updated

CVSS v4.0

LOW (3.8)

EPSS

0.04%

MITRE

KEV

Description

When creating an export through the pretix API, API clients are returned an UUID value for their export job (a long, random string like 35742818-c375-4d15-839f-d49aecce94d6). Using this UUID, the API client can then request the actual file for download. The same kind of UUID is used in other places in pretix when temporary files are generated for internal use or download. One remaining API endpoint, however, wrongfully did not verify if the UUID used for download actually belongs to a file that is supposed to be downloadable and belongs to the correct user. In reality, this is hard to exploit because an attacker would need to have access to a valid UUID for the file they desire which is unlikely to happen without a separate security problem giving them access to logs etc.

Statistics

2 Posts

Last activity: 15 hours ago

Bluesky

nixpkgs security changes @nixpkgssecuritychanges.gerbet.me

pretix: patch CVE-2026-9712 https://github.com/NixOS/nixpkgs/pull/524971 #security

0
0
0
19h ago

nixpkgs prs bot @nixpkgs-prs-bot.bsky.social

#524985 rustPlatform.importCargoLock: download crates from static.crates.io #524983 evcc: 0.307.1 -> 0.307.2 #524975 prometheus-pushgateway: 1.11.2 -> 1.11.3 #524971 pretix: patch CVE-2026-9712 #524970 beamMinimal27Packages.erlang: fix build failure from ignored DOC_TARGETS

0
0
0
15h ago

CVE-2026-28910

Overview

Apple
macOS

11 May 2026

Published

12 May 2026

Updated

CVSS

Pending

EPSS

0.01%

MITRE

KEV

Description

This issue was addressed with improved permissions checking. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to access arbitrary files.

Statistics

1 Post
9 Interactions

Last activity: 1 hour ago

Fediverse

Mysk🇨🇦🇩🇪 @mysk

We had lengthy discussions explaining the bug to Apple. It was clear to us the bug was new to Apple Product Security. After 5 months, they informed us that the report was treated as a duplicate and it was addressed.
We just got this update for CVE-2026-28910: No bounty

You can read the full blog post (aka charity work for a 4-trillion-dollar company) highlighting this bug here:

https://mysk.blog/2026/05/19/cve-2026-28910/

#apple #privacy #macos #infosec #security

5
4
0
1h ago

CVE-2026-45659

Overview

Microsoft
Microsoft SharePoint Enterprise Server 2016

22 May 2026

Published

27 May 2026

Updated

CVSS v3.1

HIGH (8.8)

EPSS

0.62%

MITRE

KEV

Description

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

Statistics

2 Posts

Last activity: 4 hours ago