SecLists.Org | Full Disclosure Note

This page is part of seclists.org, an archive of security mailing lists covering vulnerability disclosure, security tooling, technology trends, and community events, with the main focus on security concerns of the online community. The section linked here (#fulldisclosure) archives the Full Disclosure mailing list, where well-known security researchers post their work and findings on vulnerabilities in software and hardware products.

Thread Of Notes

SEC Consult SA-20260615-1 :: Multiple Vulnerabilities in Wertheim SafeController Hardware for VAULT ROOMS (Safe Deposit Locker System – Microcontroller)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15
SEC Consult Vulnerability Lab Security Advisory < 20260615-1 > ======================================================================= title: Multiple Vulnerabilities product: Wertheim SafeController Hardware for VAULT ROOMS (Safe Deposit Locker System – Microcontroller) vulnerable version: Controller 65000 - AssemblyVersion 6.11.8130.22319 Controller...

SEC Consult SA-20260615-0 :: Multiple Critical Vulnerabilities in Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15
SEC Consult Vulnerability Lab Security Advisory < 20260615-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) vulnerable version: AssemblyVersion 6.15.8328.28014 fixed version: No information provided by vendor CVE number:...

SEC Consult SA-20260610-0 :: Local Privilege Escalation in Slate Digital Connect (macOS)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15
SEC Consult Vulnerability Lab Security Advisory < 20260610-0 > ======================================================================= title: Local Privilege Escalation product: Slate Digital Connect (macOS) vulnerable version: 1.37.0 fixed version: - CVE number: CVE-2026-24066, CVE-2026-24067 impact: high homepage:...

SEC Consult SA-20260609-0 :: Multiple Local Privilege Escalation Vulnerabilities in Waves Audio - Waves Central

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 15
SEC Consult Vulnerability Lab Security Advisory < 20260609-0 > ======================================================================= title: Multiple Local Privilege Escalation Vulnerabilities product: Waves Audio - Waves Central vulnerable version: v13.0.8 - v16.6.0 fixed version: v16.6.2 CVE number: CVE-2026-24064, CVE-2026-24065 impact: high...

[KIS-2026-11] Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability

Posted by Egidio Romano on Jun 15
----------------------------------------------------------------------- Discuz! <= X5.0 (enable_disable.php) Local File Inclusion Vulnerability ----------------------------------------------------------------------- [-] Software Link: https://www.discuz.vip [-] Affected Versions: Version X5.0, releases 20260320 through 20260610. Older X3.4 and X3.5 releases may be affected too. [-] Vulnerability Description: A Local File Inclusion (LFI)...

[KIS-2026-10] Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability

Posted by Egidio Romano on Jun 15
------------------------------------------------------ Discuz! <= X5.0 OCR-based CAPTCHA Bypass Vulnerability ------------------------------------------------------ [-] Software Link: https://www.discuz.vip [-] Affected Versions: Version X5.0, releases 20260320 through 20260610. Older X3.4 and X3.5 releases may be affected too. [-] Vulnerability Description: A security weakness in the CAPTCHA implementation of Discuz! allows automated...

[KIS-2026-09] Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability

Posted by Egidio Romano on Jun 15
------------------------------------------------------------- Discuz! X5.0 (UC_KEY) Cross-Context Token Reuse Vulnerability ------------------------------------------------------------- [-] Software Link: https://www.discuz.vip [-] Affected Versions: Version X5.0, releases 20260320 through 20260501. [-] Vulnerability Description: The vulnerable code is located within the /config/config_ucenter.php configuration file:...

SEC Consult SA-20260608-0 :: Privilege Escalation via Binary Planting in Genetec-provided RabbitMQ in multiple Genetec products

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Jun 08
SEC Consult Vulnerability Lab Security Advisory < 20260608-0 > ======================================================================= title: Privilege Escalation via Binary Planting product: Genetec-provided RabbitMQ in multiple Genetec products vulnerable version: Multiple products, see below. fixed version: Multiple products, see below. CVE number: CVE-2026-25112...

[SYSS-2026-004] SAP NetWeaver SAML XML Signature Wrapping

Posted by Moritz Bechler via Fulldisclosure on Jun 08
Advisory ID: SYSS-2026-004 Product: SAP NetWeaver ABAP / SAP_BASIS Manufacturer: SAP SE Affected Version(s): SAP_BASIS 700 - 918 Tested Version(s): 7.93 Patch 300 Vulnerability Type: CWE-347: Improper Verification of Cryptographic Signature Risk Level: High Solution Status: Fixed Manufacturer Notification: 2025-11-06 Solution Date: 2026-02-10...

[REVIVE-SA-2026-002] Revive Adserver Vulnerabilities

Posted by Matteo Beccati on Jun 04
======================================================================== Revive Adserver Security Advisory REVIVE-SA-2026-002 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2026-002 ------------------------------------------------------------------------ Date: 2026-06-03 Risk Level: Medium to High Applications affected: Revive Adserver Versions...

CyberDanube Security Research 20260528-0 | Multiple Vulnerabilities in Mennekes Amtron Series

Posted by Thomas Weber | CyberDanube via Fulldisclosure on May 31
CyberDanube Security Research 20260528-0 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| Mennekes Amtron Series and Smart-T PnC vulnerable version| 5.22.3 fixed version| 5.33.11-21500 CVE number| CVE-2026-8979, CVE-2026-8980 impact| High homepage| https://www.mennekes.at/ found|...

bmcweb (OpenBMC web server): four vulnerabilities — two unfixed, GHSA without a CVE

Posted by binreaper via Fulldisclosure on May 31
Hi all, Posting a brief summary of a four-finding disclosure on bmcweb (the OpenBMC HTTP/Redfish web server), which ships in BMC firmware on most modern enterprise servers — Intel, IBM, HPE, NVIDIA, and various ODMs. Full timeline and analysis on the blog: https://binreaper.pages.dev/posts/2026-05-27-bmcweb-disclosure/ ## Why bmcweb matters A Baseboard Management Controller boots before the host CPU, has full control over the server...

Re: Dovecot Security Advisory OXDC-2026-0002

Posted by Noel Butler via Fulldisclosure on May 25
So when is the fix for dovecot 2.3 source code due to be released? Since by your wording, by not including the first detected versions, it must be assumed 2.3 is affected, and as no EOL has been published or announced for 2.3.x, and as 2.3 is still the most popular used version by far, it should be prudent one is released, given a few more serious fixes have been made in recent times.

SSRF in Anthropic mcp-server-fetch and Microsoft playwright-mcp — publicly disclosed via GitHub issues

Posted by outreach on May 25
-----BEGIN SECURITY ADVISORY----- Title: Server-Side Request Forgery (SSRF) in Anthropic mcp-server-fetch and Microsoft playwright-mcp Author: Syed Anas Mohiuddin Date: May 25, 2026 CVSS: 7.5 (HIGH) — AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N References: Already public via GitHub issues (see below) == AFFECTED PRODUCTS == 1. Anthropic mcp-server-fetch (modelcontextprotocol/servers) All versions as of May...

[SECURITY ADVISORY] CVE-2021-21735 - ZTE ZXHN H168N V3.5 Unauthenticated Admin Credential Leak

Posted by m.nageh on May 25
-----BEGIN SECURITY ADVISORY----- Advisory ID: MONX-2021-001 CVE ID: CVE-2021-21735 Title: ZTE ZXHN H168N V3.5 - Unauthenticated Wizard Credential Disclosure to Full Admin Compromise Affected: ZTE ZXHN H168N V3.5 Date: 2026-05-20 Author: Mina Nageh Salalma (Monx Research) Contact: minanageh379 () gmail com Public URL:...

[SECURITY ADVISORY] CVE-2026-34474 - ZTE H298A/H108N Unauthenticated Admin Credential Exposure

Posted by m.nageh on May 25
-----BEGIN SECURITY ADVISORY----- Advisory ID: MONX-2026-003 CVE ID: CVE-2026-34474 Title: ZTE ZXHN H298A / H108N - Unauthenticated Admin Password & WLAN Credential Exposure Affected: ZTE ZXHN H298A 1.1, ZTE ZXHN H108N 2.6 (EOL; no patch planned) Date: 2026-05-20 Author: Mina Nageh Salalma (Monx Research) Contact: minanageh379 () gmail com Public URL:...

[SECURITY ADVISORY] CVE-2026-34472 - ZTE ZXHN H188A V6 Authentication Bypass via Pre-Login Wizard

Posted by m.nageh on May 25
-----BEGIN SECURITY ADVISORY----- Advisory ID: MONX-2026-002 CVE ID: CVE-2026-34472 Title: ZTE ZXHN H188A V6 - Authentication Bypass via Pre-Login Wizard Credential Leakage Affected: ZTE ZXHN H188A V6.0.10P2_TE, V6.0.10P3N3_TE Date: 2026-05-20 Author: Mina Nageh Salalma (Monx Research) Contact: minanageh379 () gmail com Public URL:...

[SECURITY ADVISORY] CVE-2026-34473 - Unauthenticated DoS in 17+ ZTE Router Models (140K+ Devices)

Posted by m.nageh on May 25
-----BEGIN SECURITY ADVISORY----- Advisory ID: MONX-2026-001 CVE ID: CVE-2026-34473 Title: Unauthenticated Denial of Service via Oversized POST Body in ZTE Router CGILua Parser Affected: 17+ ZTE ZXHN router models (~140,000 publicly exposed devices) CVSS Score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) Date: 2026-05-20 Author: Mina Nageh Salalma (Monx Research) Contact: minanageh379 () gmail...

Multiple vulnerabilities in Sparx Pro Cloud Server and Enterprise Architect

Posted by Adamczyk Blazej on May 25
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ Multiple vulnerabilities in Sparx Pro Cloud Server and Enterprise Architect ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ General...

APPLE-SA-05-13-2026-1 Safari 26.5

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-13-2026-1 Safari 26.5 Safari 26.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127121. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. WebKit Available for: macOS Sonoma and macOS Sequoia Impact: Processing maliciously crafted web content may prevent Content...

APPLE-SA-05-11-2026-11 visionOS 26.5

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-11 visionOS 26.5 visionOS 26.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127120. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accelerate Available for: Apple Vision Pro (all models) Impact: An app may be able to cause a denial-of-service Description:...

APPLE-SA-05-11-2026-10 watchOS 26.5

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-10 watchOS 26.5 watchOS 26.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127119. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accelerate Available for: Apple Watch Series 6 and later Impact: An app may be able to cause a denial-of-service Description:...

APPLE-SA-05-11-2026-9 tvOS 26.5

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-9 tvOS 26.5 tvOS 26.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127118. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accelerate Available for: Apple TV HD and Apple TV 4K (all models) Impact: An app may be able to cause a denial-of-service...

APPLE-SA-05-11-2026-8 macOS Sonoma 14.8.7

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-8 macOS Sonoma 14.8.7 macOS Sonoma 14.8.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127117. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. APFS Available for: macOS Sonoma Impact: An app may be able to cause unexpected system termination Description: A...

APPLE-SA-05-11-2026-7 macOS Sequoia 15.7.7

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-7 macOS Sequoia 15.7.7 macOS Sequoia 15.7.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127116. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. APFS Available for: macOS Sequoia Impact: An app may be able to cause unexpected system termination Description:...

APPLE-SA-05-11-2026-6 macOS Tahoe 26.5

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-6 macOS Tahoe 26.5 macOS Tahoe 26.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127115. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accelerate Available for: macOS Tahoe Impact: An app may be able to cause a denial-of-service Description: An...

APPLE-SA-05-11-2026-5 iOS 15.8.8 and iPadOS 15.8.8

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-5 iOS 15.8.8 and iPadOS 15.8.8 iOS 15.8.8 and iPadOS 15.8.8 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127114. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Notification Services Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE...

APPLE-SA-05-11-2026-4 iOS 16.7.16 and iPadOS 16.7.16

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-4 iOS 16.7.16 and iPadOS 16.7.16 iOS 16.7.16 and iPadOS 16.7.16 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127113. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Notification Services Available for: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation,...

APPLE-SA-05-11-2026-3 iPadOS 17.7.11

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-3 iPadOS 17.7.11 iPadOS 17.7.11 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127112. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Notification Services Available for: iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Impact:...

APPLE-SA-05-11-2026-2 iOS 18.7.9 and iPadOS 18.7.9

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-2 iOS 18.7.9 and iPadOS 18.7.9 iOS 18.7.9 and iPadOS 18.7.9 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127111. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accounts Available for: iPhone XS, iPhone XS Max, iPhone XR, iPad 7th generation Impact: An app...

APPLE-SA-05-11-2026-1 iOS 26.5 and iPadOS 26.5

Posted by Apple Product Security via Fulldisclosure on May 17
APPLE-SA-05-11-2026-1 iOS 26.5 and iPadOS 26.5 iOS 26.5 and iPadOS 26.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127110. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accelerate Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and later, iPad Pro...

Full disclosure: Impersonation attacks on Edupage portal

Posted by Juraj Kosik on May 17
VULNERABILITY Non-sanitised submission of malicious SVG files on the Edupage portal in combination with CSRF vulnerability allows triggering various actions on behalf of other users, e.g. identity spoofing, sending fake messages, giving fake approvals, etc. Full disclosure report: https://jkosik.github.io/posts/edupage/ Reference: https://www.edupage.org/ VENDOR: Applied Software Consultants PRODUCT: Edupage - https://www.edupage.org/ Web...

Full disclosure: Edupage web and mobile application authorization bypass leaks PII and IBAN codes

Posted by Juraj Kosik on May 17
VULNERABILITY Both authenticated and publicly accessible anonymous guest accounts on Edupage portal allow an attacker to capture the complete list of user IDs, names (students, parents, and teachers), and the associated banking details (IBAN codes) Full disclosure report: https://jkosik.github.io/posts/edupage/ Reference: https://www.edupage.org/ VENDOR: Applied Software Consultants PRODUCT: Edupage - https://www.edupage.org/ Web application...

Dovecot Security Advisory OXDC-2026-0002

Posted by Aki Tuomi on May 17
Hi! We're sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. This advisory is also published at https://documentation.open-xchange.com/dovecot/security/advisories/html/2026/oxdc-adv-2026-0002.html --- Classification: TLP:GREEN Internal reference: DOV-8967 Type: CWE-235 (Improper Handling of Extra Parameters) Component: core Report confidence: Confirmed Solution...

ESP-RFID-Tool v2 PRO — Full Public Disclosure

Posted by Milan Berger via Fulldisclosure on Apr 29
# Security Advisory: ESP-RFID-Tool v2 PRO **Product:** ESP-RFID-Tool v2 PRO **Vendor:** Raik Schneider (Einstein2150), foto-video-it.de **Repository:** https://github.com/Einstein2150/ESP-RFID-Tool-v2 **Affected Version:** v2.2.1 (latest as of 2026-04-28) **Severity:** CRITICAL **Disclosure Type:** Full Public Disclosure **Disclosure Date:** 2026-04-28 **Researcher:** Milan 't4c' Berger --- ## Disclosure Timeline | Date | Event |...

Re: SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29
*Update 2026-04-28:* The vendor contacted us and now provides a patched version v1.3.674 which can be obtained at the following URL: https://desktime.com/download

SEC Consult SA-20260427-0 :: Missing TLS Certificate Validation leading to RCE in DeskTime Time Tracking App

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29
SEC Consult Vulnerability Lab Security Advisory < 20260427-0 > ======================================================================= title: Missing TLS Certificate Validation leading to RCE product: DeskTime Time Tracking App vulnerable version: 1.3.671 fixed version: - CVE number: CVE-2025-10539 impact: medium homepage: https://desktime.com...

SEC Consult SA-20260423-0 :: DLL Hijacking in EfficientLab Controlio (cloud-based employee monitoring service)

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29
SEC Consult Vulnerability Lab Security Advisory < 20260423-0 > ======================================================================= title: DLL Hijacking product: EfficientLab Controlio (cloud-based employee monitoring service) vulnerable version: <1.3.95 fixed version: 1.3.95 CVE number: CVE-2025-10549 impact: High homepage: https://controlio.net...

SEC Consult SA-20260421-0 :: Broken Access Control in Config Endpoint in LiteLLM

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29
SEC Consult Vulnerability Lab Security Advisory < 20260421-0 > ======================================================================= title: Broken Access Control in Config Endpoint product: LiteLLM vulnerable version: <=v1.83.0 fixed version: v1.83.0-nightly CVE number: CVE-2026-35029 impact: high homepage: https://www.litellm.ai/...

SEC Consult SA-20260415-0 :: Exposed Private Key of X.509 Certificate in SAP HANA Cockpit & SAP HANA Database Explorer

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29
SEC Consult Vulnerability Lab Security Advisory < 20260415-0 > ======================================================================= title: Exposed Private Key of X.509 Certificate product: SAP HANA Cockpit & SAP HANA Database Explorer vulnerable version: HANA Cockpit <2.18.2 (HRTT <2.16.254002) fixed version: HANA Cockpit 2.18.2 (HRTT 2.16.254002) CVE number:...

APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8

Posted by Apple Product Security via Fulldisclosure on Apr 29
APPLE-SA-04-22-2026-2 iOS 18.7.8 and iPadOS 18.7.8 iOS 18.7.8 and iPadOS 18.7.8 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127003. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Notification Services Available for: iPhone XR, iPhone XS, iPhone XS Max, iPhone 11 (all...

APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2

Posted by Apple Product Security via Fulldisclosure on Apr 29
APPLE-SA-04-22-2026-1 iOS 26.4.2 and iPadOS 26.4.2 iOS 26.4.2 and iPadOS 26.4.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/en-us/127002. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Notification Services Available for: iPhone 11 and later, iPad Pro 12.9-inch 3rd generation and...

Research: When Trusted Tools Become Attack Primitives

Posted by Nir Yehoshua on Apr 29
Hi Full Disclosure list, I published a technical research article titled: When Trusted Tools Become Attack Primitives The article examines how trusted local utilities can become security-relevant primitives when used inside automated processing pipelines. It covers two case studies: 1. macOS textutil resolving remote resources during HTML-to-text conversion. 2. KeePassXC KDBX-controlled KDF parameters creating significant...

[KIS-2026-08] SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability

Posted by Egidio Romano on Apr 29
----------------------------------------------------------------- SocialEngine <= 7.8.0 (get-memberall) SQL Injection Vulnerability ----------------------------------------------------------------- [-] Software Link: https://socialengine.com [-] Affected Versions: Versions 7.8.0, 7.7.0, and likely prior versions. [-] Vulnerability Description: User input passed through the "text" request parameter to the...

[KIS-2026-07] SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability

Posted by Egidio Romano on Apr 29
--------------------------------------------------------------------- SocialEngine <= 7.8.0 Blind Server-Side Request Forgery Vulnerability --------------------------------------------------------------------- [-] Software Link: https://socialengine.com [-] Affected Versions: Versions 7.8.0, 7.7.0, and likely prior versions. [-] Vulnerability Description: User input passed through the "uri" request parameter to the...

Trojan-Spy.Win32.Small / Remote Command Execution

Posted by malvuln on Apr 29
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2026 Original source: https://malvuln.com/advisory/8c15ec5f0137d097a345b693f0bffedb.txt Malvuln Intelligence Feed: https://intel.malvuln.com/ Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Trojan-Spy.Win32.Small Vulnerability: Remote Command Execution Description: The malware opens a listener on TCP port 65535, allowing unauthenticated remote attackers with network access...

[IWCC 2026] CfP: 15th International Workshop on Cyber Crime - Linköping, Sweden, Aug 24-27, 2026

Posted by Artur Janicki via Fulldisclosure on Apr 29
[APOLOGIES FOR CROSS-POSTING] CALL FOR PAPERS 15th International Workshop on Cyber Crime (IWCC 2026 - https://www.ares-conference.eu/iwcc) to be held in conjunction with the International Conference on Availability, Reliability and Security (ARES 2026 - https://www.ares-conference.eu/) in Linköping, Sweden, August 24-27, 2026 IMPORTANT DATES Submission Deadline May 11, 2026 Author Notification May 29, 2026 Proceedings Version June...

[SBA-ADV-20251120-01] CVE-2026-0972: GoAnywhere MFT Email HTML Injection

Posted by SBA Research Security Advisory via Fulldisclosure on Apr 29
# GoAnywhere MFT Email HTML Injection # Link: https://github.com/sbaresearch/advisories/tree/public/2025/SBA-ADV-20251120-01_GoAnywhere_MFT_Email_HTML_Injection ## Vulnerability Overview ## GoAnywhere MFT before 7.10.0 is affected by an HTML injection vulnerability in its email templating functionality. If an attacker is able to influence the content of a template variable, malicious HTML can be embedded into outgoing emails generated by the...

CyberDanube Security Research 20260408-1 | Multiple Vulnerabilities in Siemens SICAM A8000

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14
CyberDanube Security Research 20260408-1 ------------------------------------------------------------------------------- title| Multiple Vulnerabilities product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012 vulnerable version| <=V25.30 fixed version| V26.10 CVE number| CVE-2026-27664 impact| High homepage| https://siemens.com/ found|...

CyberDanube Security Research 20260408-0 | Remote Operation Denial of Service in Siemens SICAM A8000

Posted by Thomas Weber | CyberDanube via Fulldisclosure on Apr 14
CyberDanube Security Research 20260408-0 ------------------------------------------------------------------------------- title| Remote Operation Denial of Service product| Siemens SICAM A8000 CP-8050/CP-8031/CP-8010/CP-8012 vulnerable version| <=V25.30 fixed version| V26.10 CVE number| CVE-2026-27663 impact| Medium homepage| https://siemens.com/...