Search
Search HackerFeeds
Across ransomware, CVEs, defacements, breaches, and countries — last 90 days
Search
Across ransomware, CVEs, defacements, breaches, and countries — last 90 days
13 of 68 results
CVE
(10)CVE-2026-47693
Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 are vulnerable to CSV Injection (Formula Injection) in
matched in description · 2026-06-23
CVE-2026-4983
Open VSX Registry does not sanitize SVG files uploaded as extension icons prior to storage, and serves them with Content-Type: image/svg+xml without security he
matched in description · 2026-06-23
CVE-2026-56697
Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 accept protocol-relative paths such as //evil.com in the reloadNuxtApp function; these pass the script-pr
matched in description · 2026-06-22
CVE-2026-56326
Nuxt versions 4.0.0 before 4.4.7 and 3.x before 3.21.7 contain a server-side open redirect vulnerability in navigateTo that fails to properly validate path-norm
matched in description · 2026-06-22
CVE-2026-12863
An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains.
matched in description · 2026-06-22
CVE-2026-56332
Capgo before 12.128.2 contains an open redirect vulnerability in the confirm-signup endpoint that allows attackers to redirect users to arbitrary external websi
matched in description · 2026-06-20
CVE-2026-56330
Capgo before 12.128.2 contains an open redirect vulnerability in stripe_portal and stripe_checkout endpoints that accept unvalidated callbackUrl, successUrl, an
matched in description · 2026-06-20
CVE-2026-44915
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Apache APISIX. The default configuration of cas-auth in Apache APISIX is vulnerable to phi
matched in description · 2026-06-19
CVE-2026-12049
Open redirect in pgAdmin 4's multi-factor authentication flow. The MFA validate and register endpoints honoured the user-supplied 'next' query/form parameter wi
matched in description · 2026-06-19
CVE-2026-12048
Stored cross-site scripting in pgAdmin 4's error-rendering and plan-node-rendering paths. Text returned by a PostgreSQL server (ErrorResponse messages, includin
matched in description · 2026-06-19
Handala’s attack on Israeli organizations
handala • IL
matched in description · 2024-07-21