IoT Vulnerability

No Patch for the EOL: CISA Warns of Critical 9.8 Severity Flaw in USR-W610 IoT Devices

shell-quote command injection AI-Driven Vulnerabilities Q1 2026 Cyber Threats vm2 Sandbox Escape Node.js RCE upKeeper Privilege Escalation CVE-2026-2449 Pharos Controls Vulnerability Root Access Exploit Cybersecurity Vulnerability Roundup CVSS 10.0 Flaws Shadow Archives CVE-2026-0866 MS-Agent Prompt Injection CVE-2026-2256 basic-ftp Path Traversal CVE-2026-27699 telnetd Root Vulnerability CVE-1999-0073 Regression USR-W610 Vulnerabilities End-of-Life IoT Security IceWarp Security Update IceWarp Vulnerabilities Airleader Master Vulnerability CVE-2026-1358 ZLAN5143D Vulnerability CISA ICS Advisory Acronis Cyber Protect Vulnerability CVE-2025-30411 WAGO 852 Vulnerability OT Network Security SandboxJS Vulnerability Sandbox Escape (CVSS 10.0) Kubernetes Local Path Provisioner CVE-2025-62878 CISA Unresponsive Vendors Avation & RISS Vulnerabilities KiloView Vulnerability CVE-2026-1453 OpenClaw RCE vulnerability Johnson Controls Vulnerability CVE-2025-26385 SandboxJS Vulnerability CVE-2026-23830 ibaPDA Vulnerability CVE-2025-14988 Protobuf Vulnerability CVE-2026-0994 AVEVA Process Optimization Vulnerability CVE-2025-61937 ConnectWise PSA Vulnerability CVE-2026-0695 Aruba VIA Vulnerability CVE-2025-37186 aiohttp v3.13.3, Denial of Service (DoS) SmarterMail RCE, CVE-2025-52691 Airoha RACE, Headphone Jacking HPE OneView RCE CVE-2025-37164 FreePBX Auth Bypass, PBX Takeover ScreenConnect Config Flaw, Untrusted Extensions Ruby SAML Auth Bypass, XML Parser Differential Devolutions SQL Injection, Password Manager Flaw Vivotek Unauthenticated RCE, EOL IP Camera Flaw Lynx+ Critical Flaw, Unauthenticated Reset Firebox Default Credentials, CVE-2025-59396 Veeder-Root RCE, Critical ATG Flaw ArcGIS Server SQLi Watchdoc RCE, CVE-2025-58384 Delta DIALink Daikin Security Gateway, authentication bypass Frostbyte10, industrial controller security SunPower, vulnerability Ubiquiti UniFi Connect, EV Station Vulnerabilities Adobe Experience Manager, RCE Vulnerability UniFi Access, Command Injection LDAPNightmare - CVE-2025-1316

No Patch for the EOL: CISA Warns of Critical 9.8 Severity Flaw in USR-W610 IoT Devices

Do Son February 24, 2026

The Cybersecurity and Infrastructure Security Agency (CISA) issues a warning regarding multiple critical vulnerabilities in widely deployed...

Unpatched & Exposed: Legacy Vivotek Cameras Broadcast Live Video to All

Fortra BoKS vulnerability OS command injection, CVE-2026-9862 Altium Enterprise Server Vulnerability CVE-2026-9129 Path Traversal Patreon OAuth Vulnerability Identity Collision DRC INSIGHT Vulnerability Exam Data Hijacking Horner Automation PLC Industrial Brute Force Honeywell IQ4x Vulnerability CVE-2026-3611 DJI Romo vacuum security flaw Python Cryptography Vulnerability CVE-2026-26007 Open5GS Vulnerability CVE-2026-0622 Vivotek IP7137 Vulnerabilities CVE-2025-66049 Forcepoint DLP Vulnerability CVE-2025-14026 Cellopoint Secure Email Gateway - CVE-2024-9043

Unpatched & Exposed: Legacy Vivotek Cameras Broadcast Live Video to All

Do Son January 12, 2026

Owners of legacy Vivotek IP7137 surveillance cameras have been dealt a harsh reality check: their devices are...

One Request to Rule Them All: Critical Trendnet Flaw (CVE-2025-15471) Allows Total Takeover Trendnet TEW-713RE Vulnerability CVE-2025-15471

Trendnet TEW-713RE Vulnerability CVE-2025-15471

One Request to Rule Them All: Critical Trendnet Flaw (CVE-2025-15471) Allows Total Takeover

Do Son January 8, 2026

A critical pre-authentication command injection vulnerability has been uncovered in the Trendnet TEW-713RE Wi-Fi extender, allowing remote...

🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

CVE-2026-48558CVSS 10.0
SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication...
Admin intel🗓 Updated: Jun 29, 2026
CVE-2026-46817CVSS 9.8
Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected...
Admin intel🗓 Updated: Jun 29, 2026
CVE-2026-28496CVSS 9.4
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template...
Admin intel🗓 Updated: Jun 25, 2026
CVE-2026-12569
PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary...
🗓 Added to KEV: Jun 25, 2026
CVE-2025-67038CVSS 9.8
Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34910CVSS 10.0
Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34909CVSS 10.0
Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the...
🗓 Added to KEV: Jun 23, 2026
CVE-2026-34908CVSS 10.0
Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to...
🗓 Added to KEV: Jun 23, 2026