Vulnerability Intelligence Report — June 5, 2026
Vulnerability Intelligence Report — June 5, 2026 Coverage: June 4–5, 2026 | New items: 8 | CISA KEV deadlines today: 2 | CISA KEV deadlines … Read More
Vulnerability Intelligence Report — June 5, 2026 Coverage: June 4–5, 2026 | New items: 8 | CISA KEV deadlines today: 2 | CISA KEV deadlines … Read More
Two denial-of-service vulnerabilities have been disclosed in SolarWinds products, tracked as CVE-2026-28318 and CVE-2026-28299. Both allow unauthenticated attackers to crash services through specially crafted requests. … Read More
A vulnerability in FOSSBilling, the open-source billing and client management system, tracked as CVE-2026-43926, exposes password reset tokens through the confirmation endpoint at /client/reset-password-confirm/:hash. Versions … Read More
A type confusion vulnerability in the Perl Cpanel::JSON::XS module, tracked as CVE-2026-9334, allows attackers to bypass JSON validation when dupkeys_as_arrayref is enabled. Versions before 4.41 … Read More
Two critical vulnerabilities have been disclosed in React Router, the standard routing library for React applications used by millions of projects, tracked as CVE-2026-42211 (CVSS … Read More
A vulnerability in Go’s x509 certificate verification, tracked as CVE-2026-27145, causes incorrect hostname validation when a certificate contains multiple DNS Subject Alternative Name (SAN) entries. … Read More
A vulnerability in AIOHTTP, the popular asynchronous HTTP client/server framework for Python, tracked as CVE-2026-47265 (CVSS 7.5 High), causes cookies set with the cookies parameter … Read More
Two critical web security vulnerabilities have been disclosed in elixir-mint, the HTTP client library for the Elixir programming language, tracked as CVE-2026-48861 (CVSS 9.1 Critical) … Read More
Three vulnerabilities have been disclosed in MISP, the widely deployed open-source threat intelligence sharing platform, tracked as CVE-2026-10868 (CVSS 9.8 Critical), CVE-2026-10864 (CVSS 7.5 High), … Read More
Three vulnerabilities have been disclosed in LibreChat, the open-source ChatGPT clone supporting multiple AI providers, tracked as CVE-2026-32625 (CVSS 9.8 Critical), CVE-2026-44653 (CVSS 7.5 High), … Read More