Summary A critical vulnerability has been disclosed in the SimpleHelp remote support platform that allows unauthenticated attackers to create rogue administrator accounts. This flaw enables … Read More
Vulnerability Intelligence Report — June 16, 2026 Coverage: June 1–16, 2026 | Total CISA KEV additions (period): 14 | New KEVs yesterday: 2 | Oracle … Read More
Overview CVE-2026-12191 is a high-severity insecure deserialization vulnerability in Comma AI Openpilot, an open-source autonomous driving research platform. The vulnerability exists in the modeld.py module, … Read More
CVE-2026-54412: MQTT-C Heap-Based Out-of-Bounds Read (CVSS 8.2 HIGH) Published: June 2026 | CVSS: 8.2 HIGH | Severity: High Summary CVE-2026-54412 is a heap-based out-of-bounds (OOB) … Read More
What Is CVE-2026-54411? CVE-2026-54411 is a timing side-channel vulnerability in the pam_userdb module of Linux-PAM. The issue resides in pam_userdb.c, where the plaintext password comparison … Read More
Perl Library Security Advisory — June 2026 2 CVEs | OS Command Injection & File Overwrite | Config::IniFiles & GD Both vulnerabilities stem from unsafe … Read More
CVE-2026-54410 — nanoMODBUS Off-by-One Buffer Overflow in Modbus/TCP Server CVSS 8.6 (HIGH) | CWE-193: Off-by-One Error | Affects nanoMODBUS ≤ 1.23.0 A remote unauthenticated attacker … Read More
Vulnerability Intelligence Report — June 15, 2026 Coverage: June 1–15, 2026 | New CISA KEV additions (period): 12 | New KEV since yesterday: 0 | … Read More
CVE-2026-11624 — Model Context Protocol (MCP) DNS Rebinding | Origin Header Validation Bypass | AI Agent Infrastructure Affects MCP server implementations prior to v0.25. Enables … Read More
CVE-2026-9848 \u2014 WP Ticket WordPress Plugin SQL Injection CVSS 7.5 (HIGH) | Unauthenticated SQL Injection | Affects WP Ticket \u2264 6.0.4 The WP Ticket plugin … Read More
