nick

Vulnerability Intelligence Report — June 1, 2026 Coverage: May 31 – June 1, 2026 | New exploitation confirmations: 1 | CISA KEV deadlines today: 1 … Read More

An unauthenticated SQL injection vulnerability in the GEO my WP WordPress plugin, tracked as CVE-2026-9757, allows remote attackers to execute arbitrary SQL queries against the … Read More

A privilege escalation vulnerability in the Simple History WordPress plugin, tracked as CVE-2026-7459, allows authenticated attackers with Subscriber-level access — the lowest WordPress user role … Read More

A remote code execution vulnerability in the Spectra — Gutenberg Blocks plugin for WordPress, tracked as CVE-2026-7465, allows authenticated attackers with Contributor-level access or higher … Read More

A local privilege escalation vulnerability in the Linux kernel’s CIFS subsystem — named CIFSwitch by its discoverer — allows any unprivileged local user to gain … Read More

Palo Alto Networks has disclosed an authentication bypass vulnerability in PAN-OS GlobalProtect, tracked as CVE-2026-0257, carrying a CVSS score of 9.1. The vulnerability has been … Read More

Vulnerability Intelligence Report — May 31, 2026 Coverage: May 30–31, 2026 | New items this report: 5 | Exploitation status changes: 1 | CISA KEV … Read More

Vulnerability Intelligence Report — May 30, 2026 Coverage: May 29–30, 2026 | New items this report: 6 | CISA KEV additions: 1 | Actively exploitable: … Read More

Vulnerability Intelligence Report — May 29, 2026 Coverage: May 28–29, 2026 | New items this report: 8 | Actively exploited: 4 Previous report: May 28, … Read More

Drupal has disclosed a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, that carries a CVSS score of 9.8. The vulnerability has been … Read More