CXSECURITY Database RSS Feed - CXSecurity.com https://cxsecurity.com/wlb/ CXSECURITY Database RSS Feed - World Laboratory of Bugtraq 2 CXSecurity.com en-US Wed, 03 Jun 2026 12:18:19 +0000 CXSecurity CXSecurity: World Laboratory of Bugtraq 2 https://cxsecurity.com/wlb/rss/all/ https://cxsecurity.com/images/wlb/wlblogo.png CXSECURITY Database RSS Feed - World Laboratory of Bugtraq 2 (WLB2) Canvas Breach: Symbiotic Dual-Virus Model & Origin Parity Evidence https://cxsecurity.com/issue/WLB-2026050026 WLB-2026050026 2026-05-27 18:42:46 CET Sentinel-Null Topic: Canvas Breach: Symbiotic Dual-Virus Model & Origin Parity Evidence Risk: Medium Text:CRITICAL EVIDENCE: I have identified 100% logic parity between the initial Canvas exploit and the official "recovery" vector. ... Wed, 27 May 2026 18:42:46 +0000 Open ISES Tickets < 3.44.2 - Hardcoded MySQL Credentials https://cxsecurity.com/issue/WLB-2026050025 WLB-2026050025 2026-05-27 18:42:14 CET Mohammed Idrees Banyamer Topic: Open ISES Tickets < 3.44.2 - Hardcoded MySQL Credentials Risk: Medium Text:#!/usr/bin/env python3 # Exploit Title: Open ISES Tickets < 3.44.2 - Hardcoded MySQL Credentials # CVE: CVE-2026-48242 # Dat... Wed, 27 May 2026 18:42:14 +0000 ePati Antikor NGFW 2.0.1301 Authentication Bypass https://cxsecurity.com/issue/WLB-2026050024 WLB-2026050024 2026-05-27 18:42:02 CET SADIK ERTÜRK Topic: ePati Antikor NGFW 2.0.1301 Authentication Bypass Risk: Medium Text:# Exploit Title: ePati Antikor NGFW 2.0.1301 - Authentication Bypass # Date: 2026-04-13 # Exploit Author: [SADIK ERTÜRK] ... Wed, 27 May 2026 18:42:02 +0000 Windows Shell LNK Spoofing to NTLMv2 Hash Capture https://cxsecurity.com/issue/WLB-2026050023 WLB-2026050023 2026-05-27 18:41:48 CET nu11secur1ty Topic: Windows Shell LNK Spoofing to NTLMv2 Hash Capture Risk: Medium Text:# Titles: CVE-2026-32202 - Windows Shell LNK Spoofing to NTLMv2 Hash Capture # Author: nu11secur1ty # Date: 2026-05-27 # Ven... Wed, 27 May 2026 18:41:48 +0000 Apache HTTP Server 2.4.66 mod_http2 Double-Free Denial of Service https://cxsecurity.com/issue/WLB-2026050022 WLB-2026050022 2026-05-27 18:41:25 CET xeloxa Topic: Apache HTTP Server 2.4.66 mod_http2 Double-Free Denial of Service Risk: Medium Text:# Exploit Title: Apache HTTP Server 2.4.66 - 'mod_http2' Double-Free Denial of Service # Google Dork: intext:"Apache/2.4.66" "... Wed, 27 May 2026 18:41:25 +0000 Grav CMS 2.0.0-beta.2 Remote Code Execution https://cxsecurity.com/issue/WLB-2026050021 WLB-2026050021 2026-05-27 18:41:02 CET Mustafa Murat Akgül Topic: Grav CMS 2.0.0-beta.2 Remote Code Execution Risk: High Text:# Exploit Title: Grav CMS < 2.0.0-beta.2 - Remote Code Execution (RCE) # Date: 2026-05-08 # Exploit Author: Mustafa Murat Ak... Wed, 27 May 2026 18:41:01 +0000 Frigate NVR 0.16.3 Remote Code Execution https://cxsecurity.com/issue/WLB-2026050020 WLB-2026050020 2026-05-23 05:00:22 CET jduardo2704 Topic: Frigate NVR 0.16.3 Remote Code Execution Risk: High Text:# Exploit Title: Frigate NVR 0.16.3 - Remote Code Execution # Date: 2026-02-05 # Exploit Author: jduardo2704 # Vendor Homep... Sat, 23 May 2026 05:00:22 +0000 Linux nf_tables 6.19.3 Local Privilege Escalation https://cxsecurity.com/issue/WLB-2026050019 WLB-2026050019 2026-05-23 05:00:13 CET Aviral Srivastava Topic: Linux nf_tables 6.19.3 Local Privilege Escalation Risk: Medium Text: * Exploit Title: Linux Kernel 3.16 – 6.19.3 nf_tables RCU UAF LPE * CVE: CVE-2026-23231 * Date: 20... Sat, 23 May 2026 05:00:13 +0000 ThingsBoard IoT Platform 4.2.0 Server-Side Request Forgery (SSRF) https://cxsecurity.com/issue/WLB-2026050018 WLB-2026050018 2026-05-23 04:59:56 CET Tamil Mathi T. Topic: ThingsBoard IoT Platform 4.2.0 Server-Side Request Forgery (SSRF) Risk: Low Text:# Exploit Title: ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF) # Date: 2026-03-25 # Exploit Author: Ta... Sat, 23 May 2026 04:59:56 +0000 Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500 / CVE-2026-46300) https://cxsecurity.com/issue/WLB-2026050017 WLB-2026050017 2026-05-23 04:59:49 CET nu11secur1ty Topic: Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500 / CVE-2026-46300) Risk: Medium Text:# Titles:** Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500 / CVE-2026-46300) # Author:** nu11secur1t... Sat, 23 May 2026 04:59:49 +0000 SUSE Manager 4.3.15 Code Execution https://cxsecurity.com/issue/WLB-2026050016 WLB-2026050016 2026-05-23 04:59:19 CET Wiktor Maj Topic: SUSE Manager 4.3.15 Code Execution Risk: High Text:# Exploit Title: SUSE Manager 4.3.15 - Code Execution # Date: 29.01.2026 # Exploit Author: Wiktor Maj # Vendor Homepage: htt... Sat, 23 May 2026 04:59:19 +0000 Apache HertzBeat 1.8.0 Remote Code Execution https://cxsecurity.com/issue/WLB-2026050015 WLB-2026050015 2026-05-19 21:17:49 CET Brett Gervasoni Topic: Apache HertzBeat 1.8.0 Remote Code Execution Risk: High Text:# Exploit Title: Apache HertzBeat 1.8.0 - Remote Code Execution # Google Dork: N/A # Date: 2026-03-09 # Exploit Author: Bre... Tue, 19 May 2026 21:17:49 +0000 JuzaWeb CMS 3.4.2 Authenticated Remote Code Execution https://cxsecurity.com/issue/WLB-2026050014 WLB-2026050014 2026-05-19 21:17:25 CET Sardor Shoakbarov Topic: JuzaWeb CMS 3.4.2 Authenticated Remote Code Execution Risk: High Text:# Exploit Title: JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution # Date: 2026-01-10 # Exploit Author: Sardor Shoakbar... Tue, 19 May 2026 21:17:25 +0000 NiceGUI 3.6.1 Path Traversal https://cxsecurity.com/issue/WLB-2026050013 WLB-2026050013 2026-05-19 21:16:17 CET Mohammed Idrees Banyamer Topic: NiceGUI 3.6.1 Path Traversal Risk: Medium Text:# Exploit Title: NiceGUI 3.6.1 - Path Traversal # Author: Mohammed Idrees Banyamer # Instagram: @banyamer_security # GitHub... Tue, 19 May 2026 21:16:17 +0000 GUnet OpenEclass E-learning platform < 4.2 Remote Code Execution (RCE) https://cxsecurity.com/issue/WLB-2026050012 WLB-2026050012 2026-05-19 21:16:06 CET Ashif Iqubal Topic: GUnet OpenEclass E-learning platform < 4.2 Remote Code Execution (RCE) Risk: High Text:# Exploit Title: GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE) # Date: 2026-01-08 # Exploit Autho... Tue, 19 May 2026 21:16:06 +0000 Windows Snipping Tool NTLMv2 Hash Hijack https://cxsecurity.com/issue/WLB-2026050011 WLB-2026050011 2026-05-19 21:15:57 CET nu11secur1ty Topic: Windows Snipping Tool NTLMv2 Hash Hijack Risk: Medium Text:# Exploit Title: Windows Snipping Tool - NTLMv2 Hash Hijack # Date: 2026-04-22 # Exploit Author: nu11secur1ty # Video Demo... Tue, 19 May 2026 21:15:57 +0000 telnetd 2.7 Buffer Overflow https://cxsecurity.com/issue/WLB-2026050010 WLB-2026050010 2026-05-13 19:41:02 CET Jeff Barron Topic: telnetd 2.7 Buffer Overflow Risk: High Text:# Exploit Title: telnetd 2.7 - Buffer Overflow # Google Dork: N/A # Date: 2026-04-03 # Exploit Author: Jeff Barron (jeffaf) ... Wed, 13 May 2026 19:41:02 +0000 Kukurigu LPE - Linux Kernel Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) https://cxsecurity.com/issue/WLB-2026050009 WLB-2026050009 2026-05-13 19:40:49 CET nu11secur1ty Topic: Kukurigu LPE - Linux Kernel Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) Risk: Medium Text:# Titles: Kukurigu LPE - Linux Kernel Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) # Author: nu11secur1ty # Date: 2... Wed, 13 May 2026 19:40:49 +0000 Event Booking Calendar-5.0 Cross-site scripting (reflected) https://cxsecurity.com/issue/WLB-2026050008 WLB-2026050008 2026-05-13 19:40:38 CET nu11secur1ty Topic: Event Booking Calendar-5.0 Cross-site scripting (reflected) Risk: Low Text:## Titles: Event Booking Calendar-5.0 Cross-site scripting (reflected) ## Author: nu11secur1ty ## Date: 5/13/2026 ## Vendor... Wed, 13 May 2026 19:40:38 +0000 Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) https://cxsecurity.com/issue/WLB-2026050007 WLB-2026050007 2026-05-13 19:40:32 CET nu11secur1ty Topic: Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) Risk: High Text:# Titles:** Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) # Author:** nu11secur1ty # Date:** 2026... Wed, 13 May 2026 19:40:32 +0000 Ninja Forms Uploads Unauthenticated PHP File Upload https://cxsecurity.com/issue/WLB-2026050006 WLB-2026050006 2026-05-13 19:40:20 CET Sélim Lanouar Topic: Ninja Forms Uploads Unauthenticated PHP File Upload Risk: High Text:# Exploit Title: Ninja Forms Uploads - Unauthenticated PHP File Upload # Date: 2026-04-09 # Exploit Author: ... Wed, 13 May 2026 19:40:20 +0000 Traccar GPS Tracking System 6.11.1 Cross-Site WebSocket Hijacking (CSWSH) https://cxsecurity.com/issue/WLB-2026050005 WLB-2026050005 2026-05-13 19:38:16 CET Hazar Taspinar Topic: Traccar GPS Tracking System 6.11.1 Cross-Site WebSocket Hijacking (CSWSH) Risk: Medium Text:# Exploit Title: Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH) # Date: 2026-02-26 # Exploit Aut... Wed, 13 May 2026 19:38:15 +0000 Erugo 0.2.14 Remote Code Execution (RCE) https://cxsecurity.com/issue/WLB-2026050004 WLB-2026050004 2026-05-04 20:19:59 CET Abdul Moiz Topic: Erugo 0.2.14 Remote Code Execution (RCE) Risk: High Text:# Exploit Title: Erugo < = 0.2.14 - Authenticated Remote Code Execution (RCE) # Date: 2026-02-02 # Exploit Author: Abdul Moiz ... Mon, 04 May 2026 20:19:59 +0000 Linux Kernel Local Privilege Escalation via Memory Handling and Access Control Weakness https://cxsecurity.com/issue/WLB-2026050003 WLB-2026050003 2026-05-04 20:19:47 CET RERO Topic: Linux Kernel Local Privilege Escalation via Memory Handling and Access Control Weakness Risk: Medium Text:A privilege escalation vulnerability class affecting the Linux kernel has been analyzed under controlled local test environment... Mon, 04 May 2026 20:19:47 +0000 Green Hills INTEGRITY RTOS IPCOMShell TELNET Format String Vulnerability - Realistic Full Chain Attack on F-16 Avionics (Ground https://cxsecurity.com/issue/WLB-2026050002 WLB-2026050002 2026-05-04 20:19:01 CET Mohammed Idrees Banyamer Topic: Green Hills INTEGRITY RTOS IPCOMShell TELNET Format String Vulnerability - Realistic Full Chain Attack on F-16 Avionics (Ground Risk: Low Text:#!/usr/bin/env python3 # Exploit Title: Green Hills INTEGRITY RTOS IPCOMShell TELNET Format String Full Chain - Realistic F-16... Mon, 04 May 2026 20:19:01 +0000 Linux Kernel proc_readdir_de() 6.18-rc5 Local Privilege Escalation https://cxsecurity.com/issue/WLB-2026050001 WLB-2026050001 2026-05-04 20:18:27 CET Aviral Srivastava Topic: Linux Kernel proc_readdir_de() 6.18-rc5 Local Privilege Escalation Risk: Medium Text: * Exploit Title: Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation * CVE: CVE-2025-40271 * ... Mon, 04 May 2026 20:18:26 +0000 Insecure Permissions vulnerability in Nagios Network Analyzer v.2024R1.02-64 and before allows a local attacker to escalate pri https://cxsecurity.com/issue/WLB-2026040019 WLB-2026040019 2026-04-26 21:07:36 CET Sarang Tumne Topic: Insecure Permissions vulnerability in Nagios Network Analyzer v.2024R1.02-64 and before allows a local attacker to escalate pri Risk: Medium Text:Insecure Permissions vulnerability in Nagios Network Analyzer v.2024R1.02-64 and before allows a local attacker to escalate pri... Sun, 26 Apr 2026 21:07:36 +0000 Samsung ONE Integer Overflow in CircleConst Tensor Size Calculation https://cxsecurity.com/issue/WLB-2026040018 WLB-2026040018 2026-04-26 21:07:24 CET Mohammed Idrees Banyamer Topic: Samsung ONE Integer Overflow in CircleConst Tensor Size Calculation Risk: Medium Text:#!/usr/bin/env python3 # Exploit Title: Samsung ONE - Integer Overflow in CircleConst Tensor Size Calculation # CVE: CVE-2026... Sun, 26 Apr 2026 21:07:24 +0000 solaredge-CSRF-OOB-Injection https://cxsecurity.com/issue/WLB-2026040017 WLB-2026040017 2026-04-26 21:07:15 CET nu11secur1ty Topic: solaredge-CSRF-OOB-Injection Risk: Medium Text:# Titles: solaredge-CSRF-OOB-Injection # Author: nu11secur1tyAI # Date: 2026-04-26 # Vendor: SolarEdge Technologies Ltd. # ... Sun, 26 Apr 2026 21:07:15 +0000 Trojan-Spy.Win32.Small / Remote Command Execution https://cxsecurity.com/issue/WLB-2026040016 WLB-2026040016 2026-04-22 21:54:00 CET malvuln Topic: Trojan-Spy.Win32.Small / Remote Command Execution Risk: Medium Text:Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2026 Original source: https://malvuln.com/advisory/8c15ec5f0137d097... Wed, 22 Apr 2026 21:54:00 +0000 OpenClaw < 2026.3.28 Discord Text Approval Authorization Bypass https://cxsecurity.com/issue/WLB-2026040015 WLB-2026040015 2026-04-22 21:53:45 CET Mohammed Idrees Banyamer Topic: OpenClaw < 2026.3.28 Discord Text Approval Authorization Bypass Risk: Medium Text:#!/usr/bin/env python3 # Exploit Title: OpenClaw Discord Text Approval Authorization Bypass # CVE: CVE-2026-41303 # Date: 20... Wed, 22 Apr 2026 21:53:45 +0000 Throttlestop Kernel Driver Kernel Out-of-Bounds Write Privilege Escalation https://cxsecurity.com/issue/WLB-2026040014 WLB-2026040014 2026-04-22 21:53:22 CET Xavi Beltran Topic: Throttlestop Kernel Driver Kernel Out-of-Bounds Write Privilege Escalation Risk: Medium Text:# Exploit Title: Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation # Exploit Details: https://xavi... Wed, 22 Apr 2026 21:53:21 +0000 Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange (IKE) Service (CVE-2026-33824) https://cxsecurity.com/issue/WLB-2026040013 WLB-2026040013 2026-04-19 20:47:26 CET RERO Topic: Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange (IKE) Service (CVE-2026-33824) Risk: High Text:CVE-2026-33824 is a critical remote code execution vulnerability affecting the Windows Internet Key Exchange (IKE) service, whi... Sun, 19 Apr 2026 20:47:26 +0000 WordPress Madara Local File Inclusion https://cxsecurity.com/issue/WLB-2026040012 WLB-2026040012 2026-04-14 19:07:10 CET Beatriz Fresno Naumova Topic: WordPress Madara Local File Inclusion Risk: Medium Text:# Exploit Title: WordPress Madara Local File Inclusion # Date: November 1, 2025 # Exploit Author: Beatriz Fresno Naumova # ... Tue, 14 Apr 2026 19:07:10 +0000 FortiWeb 8.0.2 Remote Code Execution https://cxsecurity.com/issue/WLB-2026040011 WLB-2026040011 2026-04-14 19:06:52 CET Mohammed Idrees Banyamer Topic: FortiWeb 8.0.2 Remote Code Execution Risk: High Text:# Exploit Title: FortiWeb 8.0.2 - Remote Code Execution # Date: 2025-11-22 # Author: Mohammed Idrees Banyamer # Author Coun... Tue, 14 Apr 2026 19:06:52 +0000 Easy File Sharing Web Server v7.2 Buffer Overflow https://cxsecurity.com/issue/WLB-2026040010 WLB-2026040010 2026-04-14 19:06:41 CET Donwor Topic: Easy File Sharing Web Server v7.2 Buffer Overflow Risk: High Text:# Exploit title: Easy File Sharing Web Server v7.2 - Buffer Overflow # Date: 16/10/2025 # Exploit Author: Donwor # X: @real_... Tue, 14 Apr 2026 19:06:29 +0000 NetBT e-Fatura Privilege Escalation https://cxsecurity.com/issue/WLB-2026040009 WLB-2026040009 2026-04-14 19:06:00 CET Seccops Topic: NetBT e-Fatura Privilege Escalation Risk: Medium Text:# Exploit Title: NetBT e-Fatura - Privilege Escalation # Author: Seccops # Discovery Date: 2025-10-03 # Vendor: https://net-... Tue, 14 Apr 2026 19:05:59 +0000 Docker Desktop 4.44.3 Unauthenticated API Exposure https://cxsecurity.com/issue/WLB-2026040008 WLB-2026040008 2026-04-09 20:53:26 CET OilSeller2001 Topic: Docker Desktop 4.44.3 Unauthenticated API Exposure Risk: High Text:# Exploit Title: Docker Desktop 4.44.3 - Unauthenticated API Exposure # Date: 2025-10-06 # Exploit Author: OilSeller2001 # ... Thu, 09 Apr 2026 20:53:26 +0000 MaNGOSWebV4 4.0.6 Reflected XSS https://cxsecurity.com/issue/WLB-2026040007 WLB-2026040007 2026-04-09 20:52:55 CET CodeSecLab Topic: MaNGOSWebV4 4.0.6 Reflected XSS Risk: Low Text:# Exploit Title: MaNGOSWebV4 4.0.6 - Reflected XSS # Date: 2024-10-26 # Exploit Author: CodeSecLab # Vendor Homepage: http... Thu, 09 Apr 2026 20:52:55 +0000 Grafana 11.6.0 SSRF https://cxsecurity.com/issue/WLB-2026040006 WLB-2026040006 2026-04-09 20:52:38 CET Beatriz Fresno Naumova Topic: Grafana 11.6.0 SSRF Risk: Medium Text:# Exploit Title: Grafana 11.6.0 - SSRF # FOFA: app="Grafana" # Date: 2-11-2025 # Exploit Author: Beatriz Fresno Naumova #... Thu, 09 Apr 2026 20:52:38 +0000