An improper authentication vulnerability in Check Point Security Gateway’s IKEv1 key exchange, tracked as CVE-2026-50751, allows an unauthenticated remote attacker to bypass user authentication and … Read More
Vulnerability Intelligence Report — June 9, 2026 Coverage: June 8–9, 2026 | New CISA KEV additions: 2 | New items: 2 | KEV deadlines today: … Read More
An integer underflow vulnerability in Comodo Internet Security’s firewall driver Inspect.sys, tracked as CVE-2026-49494 (CVSS 7.5), allows crafted IPv6 packets to trigger unexpected behaviour in … Read More
Vulnerability Intelligence Report — June 8, 2026 Coverage: June 7–8, 2026 | New CISA KEV additions: 0 | New items: 1 | KEV deadline tomorrow … Read More
An arbitrary file upload vulnerability in the MDJM Event Management WordPress plugin, tracked as CVE-2026-7537 (CVSS 7.2), allows authenticated attackers with administrator access to upload … Read More
A privilege escalation vulnerability in the Booking Package WordPress plugin, tracked as CVE-2026-9851 (CVSS 7.2), allows attackers to take over user accounts — including administrator … Read More
A local file inclusion vulnerability in the WP User Manager WordPress plugin, tracked as CVE-2026-9290 (CVSS 7.5), allows unauthenticated attackers to include and execute arbitrary … Read More
A critical remote code execution vulnerability in the Everest Forms Pro WordPress plugin, tracked as CVE-2026-3300, allows unauthenticated attackers to execute arbitrary PHP code on … Read More
Vulnerability Intelligence Report — June 7, 2026 Coverage: June 6–7, 2026 | New items: 4 | KEV deadlines June 9 (OpenSSL): 1 | KEV deadlines … Read More
An authentication bypass vulnerability in the Hippoo Mobile App for WooCommerce WordPress plugin, tracked as CVE-2026-10580 (CVSS 9.8), allows unauthenticated attackers to gain administrator-level access … Read More
